AI Insecurity - The Unmanaged Risk of Chatbots, GPT-4, and More

AI has emerged as a transformative technology used in almost every industry. However, rapid adoption of AI also poses significant unmanaged risks that has recently captured the attention of the public with the advent of powerful but fallible language models and chatbots. While these appear to be ethical risks in nature, there is also a growing concern in security: AI inherits the vulnerabilities from the software stack, but also introduces new security concerns that are unique to AI. In this talk, Hyrum Anderson explores the burgeoning field of AI security and the key role that security practitioners must play in securing AI technologies. This includes immediate challenges of fundamental security hygiene and software supply chain security adapted to the new paradigm. Additionally, new classes of confidentiality, integrity and availability violations have emerged with AI as a new attack surface. Today, those vulnerabilities are exploited in rather simple, but impactful ways. And this is why security practitioners must step in for help.

This presentation was delivered at Microsoft BlueHat IL 2023, a leading cybersecurity conference that beings together offensive and defensive security experts to address modern threats.

“Companies should continue to invest in AI technology, but also own the risk and responsibility that comes with its adoption.”

Hyrum Anderson
CTO

AI Insecurity - The Unmanaged Risk of Chatbots, GPT-4, and More

AI has emerged as a transformative technology used in almost every industry. However, rapid adoption of AI also poses significant unmanaged risks that has recently captured the attention of the public with the advent of powerful but fallible language models and chatbots. While these appear to be ethical risks in nature, there is also a growing concern in security: AI inherits the vulnerabilities from the software stack, but also introduces new security concerns that are unique to AI. In this talk, Hyrum Anderson explores the burgeoning field of AI security and the key role that security practitioners must play in securing AI technologies. This includes immediate challenges of fundamental security hygiene and software supply chain security adapted to the new paradigm. Additionally, new classes of confidentiality, integrity and availability violations have emerged with AI as a new attack surface. Today, those vulnerabilities are exploited in rather simple, but impactful ways. And this is why security practitioners must step in for help.

This presentation was delivered at Microsoft BlueHat IL 2023, a leading cybersecurity conference that beings together offensive and defensive security experts to address modern threats.

“Companies should continue to invest in AI technology, but also own the risk and responsibility that comes with its adoption.”

Hyrum Anderson
CTO