Work With AI Securely

AIs are currently THE #1 topic globally and an excellent technology, if used securely. We explain how.

The emergence of Artificial Intelligence, and in particular Large Language Models (LLMs) such as ChatGPT, has taken over the Internet and the world of work in the blink of an eye. Companies around the world are facing the challenge of how to make sense of these new technologies and not fall behind. It is therefore important not only to understand the areas of application for the new AI, but also to be aware of how it works and how to mitigate its security risks.

Can systems like ChatGPT really think? Are the answers always correct? And where does the knowledge actually come from?

In this know-how article, we take a deeper look at these questions and tell you what really matters when it comes to secure use of ChatGPT and the like.

How does artificial intelligence work?

AI systems like ChatGPT can be roughly described as "sentence completers." They are fed a variety of data, including web pages, books, online forums, and social media. This data is analyzed and broken down into individual fragments, such as words or even chunks of words. Using all this input data, the computer system creates statistical patterns and calculates the probability of which word should follow next.

A question such as "What color is snow?" is therefore not a real question for an AI system, to which it has a fixed answer. Rather, the system recognizes the beginning of a sentence and completes it based on statistical patterns and probabilities. For example, the most likely next word for the sentence "What color is snow?" would be "snow," followed by "is" and "white."


To us, that may look like an answer. But to the AI, it's just the most likely completion of the sentence based on the data it's been fed.

The AI is continually being trained as well. If users provide feedback that the answer is not perfect, for example because snow can be other colors (such as slushy gray), the probabilities for the next word change and the sentence may be completed to "snow is usually white." In this way, the AI "learns".

So What Does This Mean for Information in Everyday Work?

Artificial intelligence will positively impact our everyday work, especially when it comes to finding answers to standardized questions. However, we should never blindly trust the answers. After all, ChatGPT and the like can only output the probabilities for the next words. For example, if the topic "color of snow" was not previously included in the database and someone feeds the input "snow is blue" several times, the AI would complete the sentence just as naturally, resulting in the answer "Snow is blue". After all, this word combination would have the highest probability. So an AI works well for queries that have already been in the database countless times, but not necessarily for new or niche topics.
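The "snow is blue" effect described above, reproduced with a toy next-word counter. This is an added example, not part of the original article; the NextWordModel class is hypothetical and far simpler than a real LLM, which learns its probabilities with a neural network rather than raw counts.

```python
from collections import Counter, defaultdict

class NextWordModel:
    """Toy 'sentence completer': counts which word follows the last two words."""

    def __init__(self, context=2):
        self.context = context
        self.counts = defaultdict(Counter)

    def train(self, sentence):
        padded = ["<s>"] * self.context + sentence.lower().split() + ["</s>"]
        for i in range(self.context, len(padded)):
            ctx = tuple(padded[i - self.context:i])
            self.counts[ctx][padded[i]] += 1

    def next_word_probs(self, prompt):
        words = ["<s>"] * self.context + prompt.lower().split()
        seen = self.counts[tuple(words[-self.context:])]
        total = sum(seen.values())
        return {w: c / total for w, c in seen.items()} if total else {}

    def complete(self, prompt, max_words=5):
        out = prompt.lower().split()
        for _ in range(max_words):
            probs = self.next_word_probs(" ".join(out))
            if not probs:
                break                      # nothing ever seen after this context
            best = max(probs, key=probs.get)
            if best == "</s>":
                break                      # most likely continuation is "stop"
            out.append(best)
        return " ".join(out)

def demo():
    # Niche topic: the only data about snow is three repeated false inputs.
    niche = NextWordModel()
    for _ in range(3):
        niche.train("snow is blue")
    # Well-covered topic: the same three inputs are outvoted by existing data.
    covered = NextWordModel()
    for _ in range(100):
        covered.train("snow is white")
    for _ in range(3):
        covered.train("snow is blue")
    return (niche.complete("snow is"), covered.complete("snow is"),
            covered.next_word_probs("snow is"))

if __name__ == "__main__":
    print(demo())
```

The same three false inputs decide the answer on the niche topic but only reach a probability of 3/103 on the well-covered one.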

Please remember: an AI processes every interaction and every newly added word, integrates it into its subsequent calculations and uses the input to expand its database. This is how machine learning works. Therefore, we should never feed public AI systems with sensitive information such as confidential documents, special software snippets, personal or customer data, etc. All the data you enter will be processed and might be integrated into future outputs. This could leak confidential information or personal data to the public. Therefore, please use AI systems with caution.

How To Use AIs Securely

| Threat | Threat Example |
|---|---|
| Phishing & social engineering attacks | Criminals can use AIs to fake motivation letters, emails or manipulated phone calls. |
| Information leaks | Employees can feed AIs with personal or other sensitive data and thereby unconsciously publish confidential information. |
| Infection with malware | Criminals distribute free fake AI apps that steal sensitive data when installed. |

Beware of Fake Plug-Ins and Apps - No Software from the Internet!

Artificial intelligence naturally offers diverse opportunities and advantages not only for companies, but also for criminals who are taking advantage of the hype surrounding AIs.

  • For weeks, there was a fake ChatGPT plug-in in the Google Webstore that stole Facebook credentials. It was even displayed as an ad in search results via Google Ads and downloaded millions of times before it was removed.
  • Other criminals offered a ChatGPT desktop app for Windows on the Internet. Those who installed it installed malware that spied on credentials.

This is precisely why the same principle applies in cyber security with regard to artificial intelligence: In most companies, you are not allowed to download software from the Internet on your own. In your private life, too, make sure that you only install software from reputable sources and read appropriate reviews beforehand.

Tips for Users: How To Use AI Systems Safely

Treat freely available AI systems like public cloud systems, i.e. comparable to social media. Any input from you can end up as output to someone else. Therefore:

  • Do not feed confidential information to ChatGPT or other AI systems.
  • Do not give personal data such as names, health data or images as examples, neither from you, nor from customers or other persons.
  • Don't upload process flows, network diagrams or code snippets from software. The next user may get your network plan as ChatGPT output.
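One way to back these rules with a technical check is to scan text before it is pasted into a public AI system. The following is an added example, not part of the original article; the patterns, labels and the sample prompt are constructed assumptions, and pattern matching cannot recognize names, health data or images, so it supports the rules above rather than replacing them.

```python
import ipaddress
import re

# Constructed patterns for data the tips above say must not be entered.
PATTERNS = {
    "email address": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "private key block": re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----"),
    "hard-coded secret": re.compile(
        r"(?i)\b(?:password|passwd|secret|api[_-]?key|token)\b\s*[:=]\s*\S+"),
    "confidentiality marking": re.compile(r"(?i)\b(?:confidential|internal use only)\b"),
}
IPV4 = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

def find_sensitive(text):
    """Return (label, start, end) for every hit, ordered by position."""
    findings = []
    for label, rx in PATTERNS.items():
        findings += [(label, m.start(), m.end()) for m in rx.finditer(text)]
    for m in IPV4.finditer(text):
        try:
            # Only internal (RFC 1918 etc.) addresses reveal the network layout.
            if ipaddress.ip_address(m.group()).is_private:
                findings.append(("internal IP address", m.start(), m.end()))
        except ValueError:
            pass  # looked like an IP but is not a valid one
    return sorted(findings, key=lambda f: f[1])

def redact(text):
    """Return the text with hits replaced, plus the list of labels found."""
    findings = find_sensitive(text)
    out, pos = [], 0
    for label, start, end in findings:
        if start < pos:
            continue  # overlaps a span that is already redacted
        out += [text[pos:start], f"[REDACTED {label}]"]
        pos = end
    out.append(text[pos:])
    return "".join(out), [label for label, _, _ in findings]

# Constructed sample prompt, not real data.
SAMPLE = ("Please debug this for jane.doe@example.com - the app connects to "
          "10.20.30.40 with password=Winter2024 but 8.8.8.8 resolves fine.")

if __name__ == "__main__":
    print(redact(SAMPLE))
```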

Don't blindly trust the answers given out by the AI.

While these are often correct, they can also be

  • simply wrong, even though they sound good,
  • outdated. ChatGPT has long worked with a database from 2021. For many other systems, the exact database is not even known at all.
  • biased because the input data was also biased. One example: An AI will very likely give you a middle-aged white man as the answer to the question "who is suitable as a manager in the company". Not because this type of person has the best qualifications, but because this answer has by far the highest probability.

Tips for Security Professionals: Raise Awareness Among Your Employees

AIs will conquer the working world and are already in the midst of doing so.

That's why you should provide company-wide training on the topic of "using AI safely" and raise awareness of it:

  • Create guidelines for the use of AI systems. Employees need to know what they are and are not allowed to do in relation to AI.
  • Train and educate employees, through e-learning nuggets or intranet content. This is essential so that they not only understand how to use AIs, but also properly assess the associated risks and have best security practices to fall back on at all times.
  • Ride the wave of hype to communicate other security-related topics (e.g., protection of personal data). Webinars on AI have zillions of times higher registration rates than webinars on data protection 😁.

In our protected demo area, you will find a cyber security training course on artificial intelligence designed by our security experts. This allows you to train your employees in the secure use of artificial intelligence.
