Table of contents
What is generative AI (GenAI)?
Generative AI applications like ChatGPT and DALL-E are designed to mimic human creativity by generating text, images, videos, and other types of content upon request.
GenAI technologies and their applications vary across industries and use-case. Many people are familiar with large language models (LLMs) like GPT-4 and Claude, but these represent just one type of GenAI. Other models and tools are used to create content in different forms:
|
GenAI Technology
|
Application
|
Unique Features
|
|---|---|---|
|
DALL-E (OpenAI)
|
Image Generation
|
Capable of generating images from textual descriptions, known for its creativity in producing complex and detailed images based on specific prompts.
|
|
Synthesia
|
Video Generation
|
AI-based video generation made for learning management systems and business communications.
|
|
AlphaFold (Google DeepMind)
|
Protein Structure Prediction
|
Used for predicting protein structures with remarkable accuracy, representing a significant advancement in biological research and drug discovery.
|
|
Generative Adversarial Networks (GANs)
|
Competitive neural networks, synthetic data generation
|
Used in various applications when real data is limited. Cybersecurity solutions and predictive business applications are among those that benefit from GAN training.
|
GenAI differs from other forms of artificial intelligence (AI) because it learns relationships, patterns, and other characteristics within a dataset. These datasets vary based on the technology and application. In the case of LLMs, the datasets contain massive amounts of human-generated content taken from books, articles, web pages, and other text formats. Billions of parameters are applied to these datasets during the learning process. These parameters control how the models learn from the data and what types of responses the models can provide. Ideally LLMs will produce new and original content upon request, but the response will be based on the parameters used in the training. Compare ChatGPT and Claude for an example on how parameters influence the output of the LLM.
LLMs are a core subset of GenAI, which in turn is one subset of artificial intelligence:
- Machine Learning (ML) enables machines to learn from data to improve their performance over time. It includes subfields such as neural networks, deep learning, and reinforcement learning.
- Deep Learning is a form of ML that uses neural networks to analyze complex data and identify patterns in ways that are beyond human capabilities.
- Natural Language Processing (NLP) capabilities allow machines to understand and generate human language. This is only language, not spoken words.
- Speech Recognition technologies enable computers to recognize and translate spoken language into text. This is a separate set of technologies from NLP.
- Generative AI creates content that is based on what it has previously learned. Applications like ChatGPT and Microsoft Co-pilot are GenAI technologies.
More subsets of GenAI and artificial intelligence will be created as use-cases continue to grow. AI technologies are maturing and companies across all sectors are embracing AI solutions and creating their own purpose-built applications. GenAI and ML will be significant drivers in this growth.
How is GenAI used in business?
| Sector | Use of generative AI |
|---|---|
|
Finance
|
Predictive analytics for market trends and credit risk assessment
Fraud detection and sophisticated risk simulations Portfolio optimization and generating financial reports |
|
Retail and eCommerce
|
Personalized product recommendations
Inventory management optimization Enhancing customer engagement through tailored marketing strategies |
|
Manufacturing
|
Predictive maintenance and product design
Supply chain optimization and defect detection Energy consumption optimization |
|
Education
|
Personalized learning experiences adapting to student needs
Regulation of GAI use in schools to protect data privacy |
How is GenAI used in critical infrastructure?
| Sector | Generative AI Applications |
|---|---|
|
Energy (Electricity, Gas, Oil)
|
Optimizing energy distribution, forecasting demand, predictive maintenance
|
|
Water and Wastewater
|
Enhancing water quality analysis, predictive maintenance for treatment plants, optimizing distribution
|
|
Transportation (Road, Rail, Air, Maritime)
|
Traffic optimization, predictive maintenance, accident risk analysis
|
|
Healthcare and Public Health
|
Disease outbreak prediction, resource allocation optimization, patient treatment personalization
|
|
Emergency Services
|
Emergency situation prediction and management, resource optimization
|
|
Food and Agriculture
|
Crop yield prediction, resource management, pest and disease control
|
|
Chemical Sector
|
Process monitoring, equipment failure prediction, safety compliance assurance
|
|
Nuclear Reactors, Materials, and Waste
|
Maintenance scheduling, radiation level monitoring, safety protocol improvement
|
|
Dams
|
Structural integrity analysis, flood risk prediction, maintenance planning
|
What are the cybersecurity risks of using GenAI?
Proper use of GenAI can improve business efficiencies, customer service, and even quality of life through healthcare and health-related applications. Many will argue that the benefits of GenAI outweigh the risks, but those risks should be considered and mitigated as much as possible.
The cybersecurity risks associated with using Generative AI (GenAI) are multifaceted and stem from both the inherent characteristics of the technology and the ways in which it is deployed and utilized. These risks can broadly be categorized into several key areas:
- Privacy and data protection: GenAI systems require access to vast amounts of data that most users cannot control. Some of this data may include sensitive or personal information that might be publicly shared in response to a request.
- Input and output: Threat actors have used the request/prompt process of GenAI LLMs to inject malicious data or exploit vulnerabilities in the system. This can cause a data breach if the system is purpose-built for a controlled use, like healthcare or finance. GenAI can also respond to requests with outputs that are inappropriate and harmful. These outputs can be influenced by training, parameters, and malicious action by threat actors. Most users will not know what caused the output.
- Compliance and legal risks: GenAI can complicate compliance with data protection and privacy regulations. For example, the European Union's General Data Protection Regulation (GDPR) imposes strict requirements on the processing of personal data, and GenAI's data handling practices could potentially conflict with these regulations.
- Automated Social Engineering attacks: GenAI is designed to imitate human communication styles, making it a perfect tool for sophisticated phishing and social engineering campaigns. Malicious actors could leverage GenAI to automate the creation of highly convincing phishing emails or messages, making it harder for individuals to distinguish between legitimate and fraudulent communications. Several LLMs have already been stolen and repurposed for malicious use:
- FraudGPT: A subscription based malicious GenAI tool that creates content for cyberattacks like phishing and impersonation. operates similarly to OpenAI's ChatGPT but lacks the built-in controls and limitations that prevent misuse.
- WormGPT: An open-source system that is designed to help criminals write malware and malicious code, create phishing content, and find system vulnerabilities.
- PoisonGPT: This tool spreads misinformation online by inserting false details into political and historical narratives, creating fake news, and manipulating public opinion.
- XXXGPT: This application was developed to help criminals deploy botnets, malware, keyloggers, infostealers, remote access trojans, and cryptostealers.
Generative AI also creates new risks when it is deployed with an application programming interface (API). APIs enable the integration of separate technologies and are required components in many of the use-cases described above. APIs can create significant risk across the organization. These must be managed and secured like any other component in the digital infrastructure.
Learn more about GenAI
Further reading
- A CISO’s guide to the role of AI in cybersecurity
- AI and cybersecurity: The good, the bad, and the unknown
- How artificial intelligence is changing the threat landscape
- The evolution of artificial inlligence
- Artificial Intelligence and Machine Learning
- API discovery is key to securing your applications
