Welcome to ThatThirdPartyGuy.com – my website highlighting my journey in third party cyber-security.

Flattery Can Get You Places – Artificial Intelligence and Security


3 July 3, 2023

“Imitation is the sincerest form of flattery that mediocrity can pay to greatness” – Oscar Wilde

The human mind is an awesome wonder.  Nobody has really figured out how to harness the power of the mind, let alone definitively determine how powerful it really is.  One Computerworld article from 2011 estimated the human brain “…can hold about 1.25 TB of data, and performs at roughly 100 teraflops.”  A 2022 article from Science ABC said, “Although it is impossible to calculate precisely, it is postulated that the human brain operates at 1 exaFLOP, equivalent to a billion billion calculations per second.”  

In other words, nobody really knows exactly how powerful the human brain is.  Artificial Intelligence (AI) is getting a lot of media attention at the moment.  People are becoming aware of its use, but aren’t quite sure what it is or if its risky. 

Personally, I like to use AI and I’m a huge proponent of its use in many business and healthcare use cases.  But AI imitates what the human brain can do on a much smaller scale.  As such, its use is applicable differently than a human might. 

So what risks are there for cyber security?  I can think of a few, can you?  As a backdrop, let’s look at the C.I.A. cyber security triangle – Confidentiality, Integrity, and Availability. 

To be fair, availability of AI is an easy one to solve with today’s cloud platforms.  If you use cloud hosted apps.  If not, you’ll still be able to ensure its availability with good design and deployment. 

Integrity is a little different.  As with any application, the answer is only as good as the data that went into it and the programmer that wrote the it.  AI is no different.  The results of any prompts can be inaccurate.  I’ve seen inaccurate results many times, especially during the initial training cycle of the implementation.

Confidentiality is where it gets really interesting in the current market.  If you input your data to an AI instance, such as ChatGPT your data may be at risk.  It most likely is.  That’s because the way AI works is to collect information and make a decision based on the prompt.  When it gets it right, it considers that answer correct.  When it doesn’t, it considers it incorrect.  But to make that decision, it needs data.  Lots of it. 

Guess where that data goes and never leaves? 

AI can imitate the human decision making process and often predict answers.  That can be really useful.  It can correlate information from vast amounts of data.  That can be used to find new and novel ways to treat illness for example.  But be cautious what data you feed it – that may expose your sensitive information to attackers now or in the future. 

For some primers on AI, check out these links:

https://blog.mozilla.org/en/internet-culture/how-does-ai-work/

https://csuglobal.edu/blog/how-does-ai-actually-work#:~:text=AI%20systems%20work%20by%20combining,performance%20and%20develops%20additional%20expertise.

https://blog.hubspot.com/marketing/how-does-ai-work#:~:text=To%20put%20it%20simply%2C%20AI,is%20not%20just%20one%20algorithm.