AI raises ethical questions in cybersecurity acceleration

Rapid integration of AI in security practices challenges traditional methods.

In recent years, the integration of artificial intelligence (AI) into cybersecurity has drastically accelerated, transforming traditional security measures and raising significant ethical questions. 

Casey Ellis, Founder and CTO of Bugcrowd, said that AI's influence in cybersecurity has been notable, especially with the advent of technologies such as generative AI. 

"AI has really transformed a lot of things over the past 18 months," Ellis stated. The introduction of sophisticated AI tools into cybersecurity strategies is not just a technological upgrade but also a shift in how security operations are conducted at speed. 

According to Ellis, "The reality is that AI has been in play for much longer than that, but with chat GPT generative AI, kind of dumping itself into people's thinking, we’ve seen the speed of development and integration increase over time."

However, the rapid integration of AI technologies presents a unique challenge: maintaining high security standards. Ellis pointed out that "the challenge with security is that if you do something quickly, it's hard to do it well." 

Alongside the technological challenges are the ethical implications of using AI in cybersecurity. There is an increasing concern about AI's ability to be used maliciously, such as in disinformation campaigns or other deceptive practices. 

Ellis noted, "Ethical issues around AI itself, how effective it is going to be at being used to trick people, for example, in a disinformation context, that’s where a lot of the AI bias testing and that sort of work is happening."

Recognizing that adversaries will inevitably utilise AI, Ellis argues that it is ethically imperative for defenders to also leverage this technology. "We know that the bad guys are going to use these tools in ways that are available to them. So, it becomes our job ethically to figure out how to integrate AI into trying to outsmart the bad guys, because they're gonna do it," he explained.

Ellis also discussed the potential of crowdsourced security to enhance AI safety and mitigate biases. He believes that the diversity within crowdsourced platforms can play a crucial role in identifying and correcting biases inherent in AI models. 

"When you think about how AI models are trained, it's usually by generating data that's generated by a crowd. And bias is going to exist within that data because of the inherent bias of the people that are created," he said.