Generative AI: A Game Changer for Blue Teams
Artificial Intelligence & Machine Learning, Governance & Risk Management, Next-Generation Technologies & Secure Development
Mandiant’s Nader Zaveri on AI-Driven Defense Tactics
With the unveiling of ChatGPT in late 2022, security leaders anticipated a bigger influx of phishing campaigns and ransomware attacks, but this surge has not yet been observed. Nader Zaveri, senior manager of incident response and remediation at Mandiant, likened it to the Nigerian prince email scam that is designed to deceive only a select few. “If you are able to discern that it is a fake email, that’s not the target audience,” he said.
But ChatGPT has enabled threat actors to advance their techniques for other malicious activities, mainly deepfakes, which require a lot more human interaction. Such attacks, Zaveri said, could be countered by blue teams, where less skilled individuals can use generative AI to create and analyze code more effectively.
“There are still things out there – what they call prompt poisoning attacks – where attackers can trick AI into trying to create its code. But if you are somebody who is not skilled at coding, asking the generative AI platforms to create pieces of code – that’s something the blue team is able to do a lot better,” he said.
In this video interview with Information Security Media Group at the Cybersecurity Implications of AI Summit: North America West, Zaveri also discussed:
- The role AI plays in enhancing blue team capabilities;
- How generative AI aids in threat detection and response;
- Best practices for detecting and mitigating deepfake threats.
Zaveri has more than 15 years of experience in the IT security, infrastructure and risk management domains. He has led hundreds of incident response and remediation investigations related to on-premises or cloud-based incidents and helped investigate elusive threat actors such as nation-states.