top of page
Search

AI – It CAN’T Solve All Your Problems

  • Writer: Nick Oles
    Nick Oles
  • Mar 3
  • 2 min read

Updated: Mar 5

Not a day goes by that I don’t hear a tool, threat, or story involving some capacity of artificial intelligence (AI). Unless you live off grid or #vanlife, this is likely the case for you as well.


While some people will tell you that AI will be our savior and that we should fully adopt it into every tool and process available, the reality is that for most of us, AI won't live up to the hype. No one is really automating everything with AI, and if they are, its not likely to go well. You shouldn't feel left out.


But what AI can absolutely do is impact our ability to identify and manage risk within an organization. We’ve seen attackers rapidly use AI to improve the quality of phishing attacks at an alarming rate. Al is allowing individuals (criminals) to craft social engineering emails in any language in a matter of minutes, where before this took more significantly more time, effort, and skill.

 

So we have to ask ourselves...

  • Do we (and our employees/coworkers) understand the impact of AI on phishing attacks?

  • Can we identify AI written emails?

  • Are we trained on this and other emerging threats?

 

If somehow social engineering and phishing isn’t a major attack vector for your organization (hint: they almost certainly are), there are still other things to consider when it comes to artificial intelligence. While AI can help improve efficiency for manipulating large data sets, access disparate resources, or aide in your decision-making processes, many organizations lack clear policy around how and when AI can be leveraged, or training to aide in the proper use of AI at your organization. Ignoring this could expose you to additional risk previously unaccounted for; we've seen it far to many times already.


So what do you do? Well, a good place to start is creating and communicating your stance on AI usage, preferably within a policy or procedure document. Need help with that? Well we've created a standalone policy template that can get you started, and you can have it for free - just e-mail info@entoosecurity.com.

 


Looking for a hand with your company's cybersecurity?

Entoo's security advisory service provides access to an experienced and certified team of vCISOs and security experts that work directly with you to build and mature your security program.  See what a vCISO can do to help you adopt AI safely, clean up your policies, or avoid ending up in a van down by the river. #vanlife                                                                                                                                                                                                                                           

 

bottom of page