Overview:
In episode nine of the State of Enterprise IT Security podcast, host Brad Bussie, Chief Information Security Officer at E360, covers the utilization of open AI systems by hackers from nations like China and Russia for cyberattacks, the introduction of Pindrop's real-time audio deep fake detection tool named Pindrop Pulse, and the potential implications of the Biden administration's new executive order on AI for cybersecurity.
The episode highlights how these hackers are using AI in mundane ways to augment their productivity, such as drafting emails and debugging code. He also discusses the steps taken by companies like OpenAI and Microsoft to revoke access and track the misuse of AI technologies. The episode further explores the capabilities of Pindrop Pulse in identifying synthetic audio, aiding in the fight against phone-based fraud, especially with the upcoming election season. Lastly, Bussie unpacks the Biden administration's executive order on AI, emphasizing its focus on developing AI tools, protecting critical infrastructure, and setting guidelines for AI usage across various sectors, despite the challenges in enforceability and the need for legal framework updates.
Listen to the Episode:
Watch the Episode:
Key Topics Covered:
1. Hackers' Use of AI: Hackers from various countries are exploiting open AI systems for cyberattacks, using them for tasks like email drafting and document translation to increase productivity.
2. Pindrop Pulse: A new tool that can detect audio deep fakes in real-time, helping to combat phone-based fraud and potentially aiding political campaigns and call centers in ensuring communication security.
3. Biden Administration's Executive Order on AI: Outlines initiatives for AI development, critical infrastructure protection, and the establishment of guidelines for AI usage, with enforceability dependent on agency action and legal framework updates.
Links Referenced:
- NY Times: Hackers for China, Russia and Others Used OpenAI Systems, Report Says
- Voicebot: Pindrop Launches Real-Time Audio Deepfake Detection Tool Pindrop Pulse
- Wyoming News: What the Biden administration's new executive order on AI will mean for cybersecurity
Read the Transcript:
00:00 All right, hey everybody, I'm Brad Bussie, Chief Information Security Officer here at E360. Thank you for joining me for the State of Enterprise IT Security Edition. This is the show that makes IT security approachable and actionable for technology leaders. I'm happy to bring you three topics this week. First, hackers from China, Russia, and other countries are using open AI systems.
00:49 Second, following up on our deep fake topic from last episode, Pindrop launches a real-time audio deep fake detection tool, which they call Pindrop Pulse. And third, what will the Biden administration's new executive order on AI mean for cybersecurity? So with that, let's get started.
01:43 So first topic today, hackers from China, Russia, and other countries, they are using open AI systems. And honestly, they're using other gen AI systems as well. But the research right now is showing that hackers that are either working for nation states or nation states themselves, they've used open AI systems in the creation of cyber attacks. And this research comes from OpenAI and Microsoft. But instead of using AI to generate these exotic attacks that we were all worried about, the hackers, they've used it in pretty mundane ways.
03:15 Now the companies didn't say which of the open AI technology and tools were being used. And what I like to see is that when they noticed this, they being open AI, they revoked access and they shut down the ability to use the platform for these hacker groups and nation states.
04:52 Second topic today, following up on last episode, we talked a little bit about deep fakes and there's a company pin drop. They launched a real-time audio deep fake detection tool, which they're calling pin drop pulse. So they unveiled this solution and what they actually did, I found pretty interesting is they, they proved that the voice cloning tech that was used to simulate president Biden's voice and mislead New Hampshire residents, uh, they were able to pinpoint that it was simulated. They were able to pinpoint the technology that was used.
07:17 It's just like it's a rising attack surface. Fake audio crimes, I think we're gonna see more and more of that. So this kind of technology is pretty exciting. Because you heard me last time throw a little bit of shade on some of the social media and just social networks on not policing their own platform. So when I see technology like this, it makes me excited because that means that there is going to be hope.
09:40 You hear me talk about AI all the time. That's the time we live in. So third topic, what will the Biden administration's new executive order on AI mean for cybersecurity? So I found, you know, we all hear about this stuff. Some of us read it. Some of us listen to it. I'm a big fan of tell someone, then tell them what you told them and then tell them again.
12:03 Law enforcement has some mandates. So the attorney general, they're looking at best practices for law enforcement and their ability to leverage AI. There's a need for AI talent in government. So how are we going to bring up the next generation? And it's not like we're going to bring up the next generation of generative AI, so to speak. It's the people that can create prompts.
14:26 It really is going to depend on the current legal powers of the agency. This is, I would say that, that AI, securing AI, governing AI, it's, it's an ongoing development of standards and policies. NIST is still in the very early stages of their AI policy and their AI governance. It's good foundational knowledge, but that
17:17 So thank you for tuning in and I will talk to you next episode.
