Thoroughly Modern: Proceed With Caution With AI In The Landscape Of Cybersecurity

April 8, 2024 Pauline Brazil Ayala

In the fast-evolving realm of technological innovation, AI has emerged as one of the most compelling yet controversial advancements. Its potential spans industries, revolutionizing not only how data is processed but also how ideas are conceived.

A recent study by PEW Research indicates that almost a quarter of employed Americans aged 30 to 49 have used ChatGPT for work, up from 8 percent last year. Its allure lies in automation; augmenting tasks like writing contracts and analyzing data with speed and efficiency that far surpass human limitations.

However, with innovation comes the need for vigilance – particularly in the realm of information security. The surge in generative AI adoption has drawn much attention to understanding its implications – especially in cybersecurity and the legalities surrounding copyright, data privacy, and intellectual property rights.

The Security Implications of AI

We know that AI tools can revolutionize efficiency, but without proper controls in place there is also the potential of opening the door to security breaches and data privacy issues. Organizations must pay special attention to train their people on what data is considered private or proprietary and the criticality of ensuring that information is not used as input into public AI engines. Such exposure of sensitive information could result in unprecedented vulnerabilities, directly impacting a company’s resilience against cyber-attacks.

I recommend a balanced approach when companies are considering how they might integrate AI into their users’ arsenal of tools. The truth is that people are already engaging powerful AI engines on their smart phones, so education on how improper usage can affect the company from a security and privacy standpoint is paramount. Policies must be drawn up, detailing the ins and outs of what constitutes safe interaction with AI systems.

The inherent risks of inputting private data into public AI engines cannot be overstated. A key concern is preventing leakage of sensitive data into AI models that are publicly accessible, thereby inadvertently handing crucial information to potential adversaries. Companies must be particularly discerning about the information they input into public AI engines to avoid compromising sensitive data – personal customer information, company financial details, and precious trade secrets.

When it comes to copyright, intellectual property (IP), and data privacy, the waters are even murkier. The question of who maintains the rights to generated content remains hotly debated and without clear legal consensus. If you use generative AI to write a software application for your company, who owns that IP? Can you copyright it? Are you infringing on someone else’s copyright or IP? Has it exposed data that should be held private? Industries have speculated, lawyers have deliberated, but no clear consensus has emerged. Consequently, any utilization of generative AI in processes such as software development demands thorough scrutiny to ensure proprietary information remains protected.

With the urge to integrate AI into the fabric of business operations rising, I urge companies to think twice before employing AI for their development processes. Every line of code fed into a system you do not own may risk divulging trade secrets, and as it stands, legal experts have yet to determine unequivocally who retains rights to the generated material.

Securing Your IBM i

While IBM i is known for its strong security, there are still vulnerabilities that need to be addressed and older practices that must be updated. The rise of generative AI is likely to make exploitation easier for those seeking to leverage vulnerabilities. The convenience of crafting hacks is poised to increase significantly, putting sensitive systems at greater risk. New technologies, particularly in their early stages, are often vulnerable to misuse.

Now more than ever, ensuring a strong security posture on your systems is crucial. Implementing a robust security solution, such as Fresche’s IBM i security suite, to fortify your IBM i systems’ defenses and ensure data security is paramount. I recommend a zero-trust, multi-layered approach that involves assessing and securing each component of your environment – this will increase protection for your organization against internal and external security threats.

Employing fundamental security strategies like separation of duties and the principle of least privilege is also key. These measures are critical in controlling who has access to what data and, consequently, what can be fed into an AI engine. By preventing unauthorized access to restricted data, the risk associated with what can be done with it is significantly reduced.

Towards A Responsible Future

AI stands at the forefront of a technological revolution, its impact just beginning to ripple through the fabric of information security. The landscape of AI is ever-changing, making it crucial to stay informed as its integration touches every industry.

For IBM i professionals, navigating this new territory demands a careful approach – building on the strong security foundations that define the platform, while considering the innovative potential AI introduces. Striking this balance is crucial as we venture into an AI-driven future, aware of its potential yet ready for the challenges it may bring. This means exploring how AI can enhance current processes without undermining the secure base of the platform. A critical approach, strategic planning, and unwavering dedication to protecting key assets are vital to ensure that as we advance into the future, our most sensitive information remains secure.

As we bridge the gap between technology and application, I encourage stakeholders to proceed with caution, ensuring that the infrastructure and policies we establish are stringent enough to meet the demands of AI. Our aim is to ensure that as technology evolves, security standards do not diminish. Upholding strong security measures and sensible policies is paramount in protecting the integrity of IBM i systems and data.

Pauline Brazil Ayala is Senior Security Advisor at Fresche Solutions. Pauline is an IBM i security expert with over 25 years of experience in developing enterprise-level security software. Her involvement has spanned the entire spectrum of software production, from initial requirements gathering to final delivery, including sales and ensuring ongoing customer satisfaction.

This content is sponsored by Fresche Solutions.

This Issue Sponsored By

Table of Contents

Content archive

Recent Posts

Subscribe

Pages

Search