I am seriously thinking of starting a blog series about how Generative AI is ruining the cybersecurity industry.
Trend Micro put out this largely GenAI written story about Google being breached, which was complete nonsense (Trend Micro's entire marketing has turned into GenAI bollocks - there's so many examples of this).
Google are still, two months later, trying to fight the misinformation. Started by our own industry.
I literally spend my days now doing this:
1) Sign in
2) Read a panic about something
3) Look into it. It's GenAI nonsense
4) Defuse
5) Another GenAI nonsense begins
There's now multiple major vendors just making up threats using GenAI. And mainstream publications are running the stories, as the vendors front them with 'experts'. Microsoft's own threat intel team appears to have disappeared into an AI marketing cupboard, too.
It's absolutely the perfect time to get into being a threat actor by the way, as Generative AI is the perfect opportunity - not because of the security threat it poses, but it's caused everybody to lose their fuken marbles and become cats looking at an AI laser pointer.
We've automated a way for orgs to avoid doing any actual foundation security work, and also monetised it. We've gone from 'buy my magic box' to 'buy my magic box because AI CYBER WAR LOOK AT THE PEN WOOOOOOOOOOOOOOOOOO'
@GossiTheDog Google and the likes be like
"[β¦]Oh, here comes my master! Help me Lord, I plead!
Spirits I have conjured, no longer pay me heedβ¦" source by The Sorcererβs Apprentice, #Goethe π€£π€£π€£ #rofl #aisusinformation πππ
You're at least partially joking... but we've unintentionally been following the "Soviet" path (creating trained computer people w/o job prospects, who become backbone of the malware industry) for at least 10yrs
Step 1:
- create overabundance of highly trained professionals for an industry that can't support influx of new talent
Step 2:
- hollow out both industry & academia so that those highly trained people have no where to go
Step 3:
? ? ? ? ? ?
Step 4:
Profit!
A long time ago there was a german website called "DAU-Jones". Where DAU stands for "the most stupid user you can think of". Full of funny stories of dumbest user fails from IT support guys.
Maybe such a thing?
@GossiTheDog Meanwhile:
Ex-CISA head thinks AI might fix code so fast we won't need security teams
Ex-CISA head Jen Easterly claims AI could spell the end of the cybersecurity industry, as the sloppy software and vulnerabilities that criminals rely on will be tracked down faster than ever.
Speaking at AuditBoard's user conference in San Diego, Easterly said the threat landscape has never stopped evolving.
The proliferation of data, platforms, and devices meant "we've expanded the attack surface for cyber threat actors like China and Russia and Iran and North Korea and gangs of cybercriminals." Easterly said that if cybercrime was a country, it would be the third biggest in the world, just behind the US and China.
But ultimately, this is all the result of bad software, ridden with vulnerabilities.
Kevin Beaumont
π¦βπ₯nemoβ’π¦ββ¬ πΊπ¦π
For I am CJ 
Oliver Vanderb
Kuddel
Kevin Cheek
WowSuchCyber
Bee O'Problem 
Kluthulhu' XOR 1=1--
zenkat
RRB
Doughnut Lollipop γθ¨ι²δΏγ
joany
Phil