@Weiyee In Thanks for letting me know... not sure if @Wendy Batten can do something with that.
Thank you for your insightful comment. You make an excellent point, particularly in highlighting the limitations of traditional cyber threat detection methods in the face of advanced polymorphic malware generation and dynamic phishing techniques. As you rightly pointed out, many heuristic and annealing systems, although promising, are still in their nascent stages and may not fully meet the demands of this new landscape.
This situation opens up a valuable discussion on the integration of advanced artificial intelligence and machine learning in cybersecurity.
It's a reminder that in the field of cybersecurity, we must always be learning, adapting, and staying ahead of the curve.
------------------------------
Jose Arias
Mainframe Security Specialist
Mainframe Blog in Spanish:
https://mainframeseguro.blogspot.com/------------------------------
Original Message:
Sent: Wed November 15, 2023 07:56 AM
From: Weiyee In
Subject: Who is better at phishing - humans or AI
Jose (your name or user name does not come up in the directory) but you make a great point though - especially because some of the attacks that come up are not really easily dealt with by "security awareness" and just "staying informed" because just keeping the tools up to date against genAI that can generate polymorphic malware that can change its appearance away from fixed code patterns through genAI is difficult for signature-based detection. Moreover phishing that can dynamically alter its own attack patterns to bypass detection tools make traditional static detection sort of obsolete, and many of the "heuristic" and "annealing" systems I have seen in demos are just not there yet.
------------------------------
Weiyee In
Original Message:
Sent: Tue November 14, 2023 05:40 AM
From: Jose Arias, CISSP, ITIL
Subject: Who is better at phishing - humans or AI
Thanks @Wendy Batten
A critical takeaway from the article is the alarming rate at which AI is empowering phishing attacks. AI's ability to analyze vast amounts of data and mimic human behavior has led to more personalized and convincing phishing attempts. This evolution necessitates a shift in how cybersecurity is approached, with an emphasis on advanced detection systems and increased awareness training for users.
This piece really underscores a kind of cat-and-mouse game in cybersecurity. It's like as soon as we get wise to their tricks, hackers find a new way to up the ante, especially with AI in their toolkit. It makes you think – maybe the real key in staying ahead isn't just in the tech we use but in understanding the human factor behind these attacks. Keeping people informed and alert might just be our best defense against these increasingly clever phishing scams.
------------------------------
Jose Arias
Original Message:
Sent: Tue October 24, 2023 02:21 PM
From: Wendy Batten
Subject: Who is better at phishing - humans or AI
IBM Chief People Hacker, Stephanie Carruthers, launched a phishing test at a global health provider to answer this question and explore the potential impact of #AI on social engineering attacks today and tomorrow.
Find out the final results in her blog here.
------------------------------
Wendy Batten
Community Manager
IBM Security
wjbatten@us.ibm.com
------------------------------