Rapid growth of generative AI-based software is challenging business technology leaders to keep potential cybersecurity issues in check.

Amazon's AI chatbot Q is experiencing severe hallucinations and leaking confidential data, including the location of AWS data centers and unreleased features. Employees have raised concerns about accuracy and privacy issues. Amazon downplayed the significance of the employee discussions and stated that no security issue was identified. Q is presented as a secure enterprise-software version of ChatGPT and competes with similar tools from Microsoft and Google. It is currently available in a free preview.

Investigation on LLM applications in the security domain has revealed their potential to effectively generate and conceal malware.

36% of code generated by GitHub CoPilot contains security flaws, according to an article. The article provides an item ID, creation and last edited time, and a link to the full article. It also mentions that the article is in draft status.

Chinese startups face challenges in AI due to competition, limited data access, and economic uncertainty. Many focus on AI applications for efficiency gains rather than creating large models. Regulatory clarity is needed. AI's role in cost reduction and job automation grows amid economic challenges. Startups adapt to survive.

If you're a bad guy and you're not using ChatGPT or other LLMs to go and find vulnerabilities, you're probably not doing your job as a bad guy, said Scott Giordano, general counsel of Spirion.

Securing AI requires special security considerations. AI tools are vulnerable to new attacks and organizations must secure them against drift from their intended function. Implementing a secure AI framework involves understanding the specific AI tools and use cases, assembling a team, training employees, and implementing core security elements. Keeping humans in the loop and remaining vigilant in identifying and mitigating threats is crucial for AI security.

Shadow AI is potentially a lot more pernicious and pervasive than Shadow IT, says Abhishek Gupta.

Generative AI surveys from 2023 reveal that smaller businesses are using GenAI tools despite security concerns, ChatGPT's popularity has triggered a surge in generative AI investment, and tech leaders struggle to keep up with AI advances. Companies have high confidence in the competitive advantage of Generative AI, but security leaders fear AI-generated attacks. Risk leaders are not fully prepared for GenAI threats, and building GenAI competence is crucial for business growth. Misinterpretation and SaaS security implications are major concerns.

Minimizing data risks for generative AI and LLMs in the enterprise involves hosting LLMs within the organization's security and governance boundaries, customizing models to align with specific business needs and trusted internal data, utilizing natural language processing to handle unstructured data, and proceeding cautiously while exploring the opportunities of AI technology. By working within their existing security perimeters and optimizing LLMs with internal data, businesses can strike a balance between innovation and data security, reducing the risk of privacy breaches and biases while leveraging the benefits of generative AI.

The adoption of AI tools is high, but organizations are concerned about the impact on data security. Data governance and security controls are top priorities, and organizations need AI-specific security strategies to protect data. Concerns include the exposure of sensitive data and the lack of ownership for data security. Data access remains a major security obstacle, with a lack of visibility and slowed access to data.

WASHINGTON—Today, privacy and cybersecurity policy expert James X. Dempsey released a paper, commissioned by NetChoice, titled “Generative AI: The Security and Privacy Risks of Large Language Models.” In the paper, […]