This week, Seattle’s cloud giants, Microsoft and Amazon, focused on cybersecurity in different ways. Microsoft President Brad Smith testified before the U.S. House Homeland Security Committee on security challenges, while Amazon held its annual AWS re:Inforce cloud security conference in Philadelphia. Steve Schmidt, Amazon’s chief security officer, discussed how generative AI is impacting cybersecurity. Generative AI enables attackers to be more effective in areas such as crafting phishing emails, but it also benefits defenders by allowing security engineers to be more effective and focus on critical thinking tasks.
Generative AI can assist in tasks such as summarizing complex events in plain language, making it easier to convey technical information to non-technical stakeholders. Schmidt highlighted three key questions companies should consider when adopting generative AI securely, including understanding how data is handled throughout the workflow, what happens with user queries and associated data, and ensuring the accuracy of model outputs. The quality of outputs from these models is steadily improving, and security teams can use generative AI as a tool to address challenges based on the specific use case.
Schmidt’s experience at the FBI has shaped his approach to cybersecurity, focusing on understanding the motives of adversaries behind adverse actions. He draws parallels between motivations for espionage and hacking, emphasizing the importance of addressing factors such as money, ideology, coercion, and ego. Additionally, Schmidt’s volunteer work as an EMT and firefighter provides him with a tangible sense of impact and feedback that is often lacking in the virtual world of cybersecurity. Helping individuals in crisis situations allows him to see the real human impact of his actions, providing a sense of satisfaction and value.
Overall, generative AI is changing the security landscape by enabling both attackers and defenders to be more effective in different ways. Companies adopting generative AI must consider the security implications of data handling, user queries, and model outputs to ensure secure implementation. Schmidt’s background at the FBI and volunteer work as an EMT and firefighter influence his approach to cybersecurity, emphasizing the importance of understanding adversaries’ motives and the tangible impact of his actions. Subscribe to the GeekWire Podcast for more insights on cybersecurity and technology trends.