AI for Cybersecurity

Artificial Intelligence is all the buzz right now, and by the end of this article, I want to convince you that the true potential of AI is largely untapped by the masses. AI is big, but why? Sure, it's fun to generate poems about cybersecurity using OpenAI:

Cyber Sentinel
In shadows deep, the hackers creep,
Through firewalls strong, our secrets keep.
Phishing lurks with hidden lies,
But training makes the mind more wise.
Zero-days and ransom schemes,
Yet vigilance protects our dreams.
Update, encrypt, stay aware—
Cyber warriors, always there.

Or maybe you are interested in writing a song about cybersecurity:

🔐 Cybersecurity Anthem 🎶
(To the tune of a catchy pop beat!)
[Verse 1]
Hackers creeping late at night,
Phishing emails left and right,
Click that link? Don't take the bait,
Stay secure—don't seal your fate!
[Chorus]
🔒 Lock it down, stay aware,
Strong passwords, show you care!
Patch it up, don’t delay,
Keep the threats all far away!
[Verse 2]
Zero-days and ransom schemes,
Stealing data, killing dreams,
But with updates, firewalls tight,
We will win this cyber fight!
[Chorus]
🔒 Lock it down, stay aware,
Strong passwords, show you care!
Patch it up, don’t delay,
Keep the threats all far away!
[Outro]
Click with caution, think it through,
Cyber safe—it starts with you! 🚀🎵

Some of the many examples I have seen people sharing from AI include but are not limited to creating shopping lists, drafting meal plans, defining workout routines, explaining complex concepts, refining business strategies, generating code, suggesting new ways to solve problems, generating riddles, creating jokes, creating new images and videos, creating audio, and so much more. This list of what AI can assist with is so long that I couldn't easily encapsulate all of the use-cases in a single blog post, and the capabilities and reach of AI are only growing.

AI Tools worth investigating

Like the above, there are far too many tools out there to put together a comprehensive list of all the tools available in the market, so below, I will capture a few and their use cases for you to dive into further.

Open AI (ChatGPT, DALL-E, Sora, and more)

Starting at the top of the list is one of the tools I use most frequently, and that is OpenAI's ChatGPT. I used ChatGPT to create the above song and poem examples, and I have used it for many of the examples shared in the previous list of capabilities. From workout plans to meal ideas to support crafting some blog entries. What I have found is that the only limit to ChatGPT is my imagination. I have been in CTFs where we used ChatGPT to help guide our actions through some challenges. I have had it help write code for some data analytics work, and I've even used it to help me translate from English to Spanish with great success.

DALL-E is ChatGPT's image-generation technology that you have to be a paid subscriber to take advantage of. I have used this to create an emblem for my Discord server, and I've even had it create an avatar that I use on many different online platforms as a cool way to stand out from others. DALL-E is another amazingly innovative use of AI that can quickly transform your next presentation from a series of bullet points into an image-rich and engaging conversation.

Sora is OpenAI's newest tool as part of their platform, which is built to create short videos based on the prompts that you provide. I have found less use for this tool as of today, but as I stated earlier, the only limitation is my imagination...

OpenAI's subscription model also has a marketplace where you can search for different GPTs that may fit your unique use case. This is where I will start specifying a couple of the example GPTs that will help with your cybersecurity needs.

An important note before we dive into some tool recommendations: Many, if not all, of these tools are internet-based, which means there are risks if you copy-paste code or errors from your work computers into the tools. Be sure to check your internal data-handling policies before sharing data with third parties like the ones below.

DFIR (Digital Forensics and Incident Response)

This is a community-built chat agent that is built to help with Digital Forensics and Incident Response tasks. If you have a cybersecurity incident and you're not sure what steps you should take, this GPT is for you. It can also help with forensics steps and paradigms that the basic ChatGPT may miss. So far, my experience with this specific GPT is limited, but initial testing has revealed some promising results. I think this tool would be great to help you think through the steps needed when engaging in Digital Forensics and Incident Response activities.

NIST Cyber Security Framework Assistant

This is another community-created chat agent to help navigate the complexities of implementing NIST CSF. Like the DIFR GPT, this would be great to use when attempting to define a strategy to adopt NIST CSF inside your business. ChatGPT by itself could likely provide some guidance, but the benefit of this GPT is that it has been trained specifically on the NIST CSF and will likely have more detail and specifics than the base model.

Anthropic (Claude AI)

Claude is a newer AI chat offering in the market, but it has already made some waves because the interface allows you to select the type of output you may be interested in receiving from the tool. You can specify the style that you would like the output to be in: Normal, Concise, Explanatory, or Formal. You can even create and edit the output styles available to ensure Claude fits your needs.

And many more...

Creating an exhaustive list of AI capabilities is much like creating an exhaustive list of the use cases. There are so many different AI platforms available online that, if I were to create a full list of all the platforms available at noon, by 3pm there would be more that didn't make the list. So I recommend exploring them all and finding a few that work for you.

Some notes and warnings

What sort of security article would this be if it didn't have a section on some warnings and things to be aware of?

Hallucinations....

AI is an amazing capability that is changing the world around us, and it is up to us to keep up. But something to be painfully aware of is this: AI is NOT always right.... AI can do something called hallucinate, and that is when an AI system confidently provides information that is inaccurate and sometimes blatantly incorrect. I offer this warning as I have seen it first-hand and have had many conversations at length to try to show AI the error in its ways, but it consistently came up short in my example. Be sure to check AI's work every time before using it. I don't know if we will ever see a perfectly correct AI system, but just like we should do with all the information that we take in from any source (news, blog posts, Wikipedia, etc.), be sure to check and double-check the "facts" that the system may generate. Otherwise, you may end up spreading misinformation of your own or hurting your credibility.

Malicious AI....

There have been a few articles posted already about how DeepSeek's online platform shares your data (queries, conclusions, and conversations) with TikTok owner ByteDance, which in turn means that the Chinese government has access to this data. There have also been experiments performed where people have intentionally trained their AI models to add unexpected and malicious code into the code that the AI outputs. Remain vigilant!

Learn More About Cybersecurity

Want to learn more about cybersecurity? We can help! Our team is ready to help guide you through your questions and improve your security posture. Contact us today for a free consultation. Let’s work together to secure your digital environment.