AI, ChatGPT &

Cybersecurity
A Match Made in Heaven or a Hack Waiting
to Happen?

James R. McQuiggan, CISSP

Security Awareness Advocate
 • Security Awareness Advocate, KnowBe4 Inc.

• Producer, Security Masterminds Podcast

• Professor, Valencia College

• President, (ISC)2 Central Florida Chapter

• Board of Trustees, Center for Cyber Safety & Education

• Former Cyber Security Awareness Lead, Siemens Energy

• Product Security Officer, Siemens Gamesa

James R. McQuiggan, CISSP

Security Awareness Advocate

3
 About KnowBe4
• World’s largest integrated Security
Awareness Training & Simulated Phishing
platform
• We help tens of thousands of
organizations manage the ongoing
problem of social engineering
• CEO & employees are industry veterans
in IT Security
• Global Sales, Courseware Development,
Customer Success, and Technical
Support teams worldwide
• Offices in the USA, UK, Netherlands,
Germany, South Africa, United Arab
Emirates, Singapore, Japan, Australia,
India and Brazil
 Our mission
To help organizations manage the
ongoing problem of social engineering

We do this by
Enabling employees to make smarter
security decisions everyday
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

5
6
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

7
AI Is No Longer Science Fiction

8
 “What we want is a machine that can learn
from experience, and that the possibility of
letting the machine alter its own instructions
provides the mechanism for this.”
- Alan Turing, 1947

9
 AI Over
the
Years

Source: https://sitn.hms.harvard.edu/flash/2017/history-artificial-intelligence/

10
I was created by OpenAI, a leading AI research organization. I am a
machine learning model that has been trained on a large corpus of
text data to generate human-like responses to text inputs. The
training process involved using advanced deep learning algorithms,
such as transformer networks, to analyze the patterns and
relationships within the text data and generate a model that can
generate new text based on that analysis.

Once the model was trained, it was fine-tuned to perform specific

tasks, such as answering questions or generating text, by being
exposed to additional training data and fine-tuning parameters. This
process allowed the model to become specialized in a particular area,
such as providing answers to questions about a specific topic, like
cybersecurity.

I am designed to respond to text inputs in real-time, providing

answers that are relevant and accurate to the best of my abilities
based on my training data and algorithms.

-ChatGPT
What is ChatGPT?
• "Chat Generative Pretrained Transformer”
• A conversational AI model developed by OpenAI
• Generates human like responses, providing the ability to participate in
“conversations”
• Trained on large “corpus” datasets of text up until 2021

Hardware Training Time

Supercomputer w/ 10,000 120 people with Chief 18 months for data collection
GPUs, 285,000 CPU Cores Scientists, analysts and 12 months for training
programmers (~$200m)
12
Transformer Architecture?

• What is a transformer network architecture?

• Concept from 2017 paper "Attention is All You Need”

• What does ChatGPT say about this 2017 Paper?

Before this paper, most AI systems that dealt with text used complicated systems to process the text a little bit at a time.
However, this had some problems when dealing with long pieces of text.

The authors of this paper came up with a new type of AI system called the Transformer that uses a different approach to
understand text. Instead of processing the text bit by bit, the Transformer looks at all the words in the text at the same
time and decides which words are important for understanding the overall meaning. This new approach works much
better for long pieces of text and has since become a standard way to build AI systems that deal with text.

13
 As part of the research, I was
curious who was smarter?

14
HAL from 2001: A Space Odyssey is a fictional AI character in
the movie, and is portrayed as having advanced artificial
intelligence capabilities, including speech recognition and
natural language processing, as well as the ability to control
and monitor the spacecraft it is installed on.

KITT from Knight Rider is a fictional AI character in the TV show

and is depicted as an advanced car with an AI system capable
of advanced problem solving, speech recognition, and
autonomous driving.

ChatGPT is a language model developed by OpenAI and is

capable of generating human-like text based on patterns and
relationships in the data it was trained on. Its strengths lie in its
ability to generate coherent and contextually relevant
responses to text inputs, but it is limited by the scope of its
training data and algorithms.
 It's difficult to compare ChatGPT and IBM's Watson as they are designed for
different purposes and have different capabilities.

ChatGPT is a language generation model developed by OpenAI that can perform

a variety of language-related tasks, including question answering, summarization,
and conversation. It's trained on a large corpus of text and uses deep learning
techniques to generate text that is coherent and relevant to the input.

IBM's Watson, on the other hand, is an AI platform that offers a variety of AI

services, including natural language processing, machine learning, and computer
vision. Watson is designed to be a comprehensive AI solution for businesses, and
it can be customized and trained for specific applications.

In terms of raw computational power, Watson has access to more resources and
hardware than ChatGPT. However, it depends on the specific task and how the
models are fine-tuned for that task. In some language-related tasks, ChatGPT may
perform better than Watson, while in other tasks, Watson may perform better.

In conclusion, it's not a matter of one being more powerful than the other, but
rather a matter of their different capabilities and strengths.
16
Other AI Tools

• DALL-E 2 – image creation based on text

• GPT-3 – application development
• Compose AI – browser plugin email writer
• Capsho – Podcast marketing content
material
• Descript – OverDubing (takes your voice
and repeats the words)
• InPainting – removes objects from video

17
 ChatGPT Has the Knowledge to Pass
Doctor’s Boards

18
Education
• People will find a way
• VPNs
• Personal Devices
• Remember Calculators?
• Embrace the Technology
• Go back to writing papers?
 DATASETS

20
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

21
AI - Exponential Accelerating Technology

• Any technology that doubles in power

while dropping in price regularly
• Moore’s Law
• Tech doubles every 18 months
• Law of Accelerating Returns
• Technology increasing to help increase
technology
• Overlaps & Convergence
• Multiple technologies combine their
powers
Converging Technologies

• Biotech
• Big Data
• IoT
• Quantum
• Robotics
• Smart Sensors
• VR, AR, XR

23
Key Benefits of Using AI
Automation of Repetitive Tasks
• Moving files, emails,calendars, office apps

AI powered ChatBots
• Customer Service, Level 1 tech

Predictive Maintenance
• Check Engine light, notify shop

Fraud Detection
• Learning habits and detects issues

24
Key Benefits for AI – In Cybersecurity

Threat Detection

Malware Detection

Password Cracking

Network Security
25 25
Why doesn’t
Superman fight
cybercrime?

He’s afraid of
Krypto-currency
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

27
 Artificial Intelligence
Acceptable risk with less human interaction
AI Threats For Our Organizations

Fraud and
scams Cyberattacks
Phishing, APTs, DDoS
Impersonation

Data breaches
Exploiting
Vulnerabilities
Faster
29
AI Threats for Our Organizations

Manipulation & Autonomous

disinformation weapons
Unknowingly Spread Development
Misinformation Capabilities

Biased decision
making
Mistraining,
Misinformation

30
Biases – ChatGPT Response
• One area where ChatGPT could improve is
in terms of bias and fairness.
• AI models can be influenced by the biases
present in the training data they were
trained on, leading to biased or unfair
results.
• For example, ChatGPT might generate
biased or stereotypical responses if the
training data it was trained on contains
such biases.
• OpenAI is actively working on improving
the fairness and bias of its models, and this
is an ongoing area of research and
development in the AI community.
• By reducing bias and increasing fairness,
ChatGPT can become a more reliable and
trustworthy tool for a wider range of
applications.
31
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

33
Investing in AI

• “…invest in artificial intelligence

solutions to speed analysis and
response;”

-Kelly Bissell, SiberX CISO Forum

Canada 2023

34
Strategies

Implement strong security measures

Regularly audit and test AI systems

Transparency and Accountability

Develop and enforce ethical AI policies

Foster a culture of cybersecurity

Stay informed about AI advancements

35 35
 • Impact on Society
• Key Benefits & Uses
Agenda • Threats
• Strategies
• Defenses

37
Effective Technology Communication
Open and clear communication channel around new
technologies, processes and value proposition.
Red Teaming Mindset: It’s about getting people to spot malicious threats
on their own with new tech and have a second nature red teaming mind.
 Cultural Immunity Through Education
Security culture serves as a form of immunity during rapid change.
Culture Growth
Rewards
• Avoid the tech jargon, keep it
simple
• Make it relatable for everyone
Home &
from the mail room to board Life Relatable
room Security
Culture
• Use the carrot, not the stick
• Frequent Security awareness
campaigns
• Incorporate the lessons with Frequency Everyone
work and personal life
How Do You Manage the Ongoing Problem of Social Engineering?
Baseline Testing
We provide baseline testing to assess the Phish-prone™
Percentage of your users through a free simulated phishing attack.

Train Your Users

The world's largest library of security awareness training content;
including interactive modules, videos, games, posters and
newsletters. Automated training campaigns with scheduled
reminder emails.

Phish Your Users

Best-in-class, fully automated simulated phishing attacks,
thousands of templates with unlimited usage, and community
phishing templates.

See the Results

Enterprise-strength reporting, showing stats and graphs for both
security awareness training and phishing, ready for management.
Show the great ROI!

42
10
 KnowBe4
Security Awareness
Training Works
Effectively managing this problem requires
ongoing due diligence, but it can be done and it
isn’t difficult. We’re here to help.

Source: 2022 KnowBe4 Phishing by Industry Benchmarking Report

Note: The initial Phish-prone Percentage is calculated on the basis of all users
evaluated. These users had not received any training with the KnowBe4 console prior
to the evaluation. Subsequent time periods reflect Phish-prone Percentages for the
subset of users who received training with the KnowBe4 console.

16
Most Secure Emma Faye
Woman?

Multifactor
MFA Authentication
44
Wrap-up
Looking Ahead

• New Jobs - While some human jobs

will be replaced by robots / AI, new jobs
will rise to take their place

• Work / Life Balance – AI increases

productivity among the machines
allowing people to have more leisure
time or to themselves

• Regulations - Governments need laws

to adapt to the growing AI uses

46
A Better Edge?

47
What’s Next?

Today

2030

2040

2045

48 48
https://futurism.com/images/the-dawn-of-the-singularity
What’s Next For Artificial Intelligence?
The field of Artificial Intelligence is rapidly evolving and there are many exciting developments on the
horizon. Some of the areas where AI is expected to have a significant impact in the near future include:

• Natural Language Processing (NLP): There is growing interest in developing AI systems that can
understand and generate human-like text, including speech and written language. This will open up new
possibilities for conversational AI and virtual assistants.
• Computer Vision: AI is expected to continue making rapid advancements in the area of computer vision,
enabling machines to better understand and interpret visual data, such as images and videos.
• Autonomous Systems: AI will play an increasingly important role in the development of autonomous
systems, including self-driving cars, drones, and robots.
• Healthcare: AI is being used to analyze vast amounts of medical data and develop new treatments and
therapies, as well as to improve diagnostics and patient care.
• Financial Services: AI is being used to analyze financial data, detect fraud, and make more informed
investment decisions, among other applications.
• Climate Change: AI is being used to analyze and understand complex climate data and develop new
strategies to mitigate the effects of climate change.

These are just a few of the many exciting developments in the field of AI, and it is likely that new applications
and breakthroughs will continue to emerge in the coming years.

49
 securitymasterminds.buzzsprout.com

The podcast that brings you the very best in all things, cybersecurity, taking
an in-depth look at the most pressing issues and trends across the industry.
I Asked ChatGPT For Some Cyber Dad Jokes

51
52
 Thank you
for your attention
Questions? For more information visit
blog.knowbe4.com

Know more about KnowBe4.

Contact: Rob Henley
(727) 304-3727
roberth@knowbe4.com
 YouTube: James McQuiggan and Dad Jokes
https://www.youtube.com/@JamesMcQuigganCISSP
Sources
• CSA & ChatGPT:
https://www.linkedin.com/feed/update/urn:li:activity:7024144426948067328/?utm_source=share&utm_
medium=member_ios
• FUD:
https://www.linkedin.com/feed/update/urn:li:activity:7024434009841565696/?utm_source=share&utm_
medium=member_ios
• https://www.helpnetsecurity.com/2023/01/26/chatgpt-cybersecurity-threat/
• https://www.darkreading.com/vulnerabilities-threats/chatgpt-opens-new-opportunities-for-
cybercriminals-5-ways-for-organizations-to-get-ready
• https://www.linkedin.com/pulse/chatgpt-revolutionary-ai-language-model-integrating-microsoft-
ryan/?trackingId=OfolxxRCR3ueu39kIrtAyA%3D%3D
• https://cyberguardnews.com/exploring-the-role-of-artificial-intelligence-in-cybersecurity/
• https://www.wsj.com/articles/is-it-human-or-ai-new-tools-help-you-spot-the-bots-
11673356404?reflink=integratedwebview_share
• https://www.iflscience.com/chatgpt-can-pass-part-of-the-united-states-medical-licensing-exam-67233
• https://lifearchitect.ai/kurzweil/
• https://www.itworldcanada.com/article/cyber-attacks-work-because-cisos-dont-do-basic-security-
microsoft/524809
• https://medium.com/a-writers-life/i-asked-chatgpt-to-write-fiction-and-it-turned-into-a-moral-showdown-
b9092993337b