Building a Resilient World:
The ISAGCA Blog

Welcome to the official blog of the ISA Global Cybersecurity Alliance (ISAGCA).

This blog covers topics on automation cybersecurity such as risk assessment, compliance, educational resources, and how to leverage the ISA/IEC 62443 series of standards.

The material and information contained on this website is for general information purposes only. ISAGCA blog posts may be authored by ISA staff and guest authors from the cybersecurity community. Views and opinions expressed by a guest author are solely their own, and do not necessarily represent those of ISA. Posts made by guest authors have been subject to peer review.

All Posts

How ChatGPT is Impacting Cybersecurity

The COVID-19 pandemic expedited artificial intelligence (AI) innovations, driving the push to delegate work to computers and minimize interactivity. Now, humanity is facing the repercussions of this accelerated technological advancement. Chatbots like ChatGPT have revolutionized conversational robotics, stretching the capabilities of natural language processing (NLP) and machine learning (ML) to replicate human speech and craft novel content. However, cybersecurity analysts question how chatbot resources like ChatGPT will impact their industry. 

What is ChatGPT?

ChatGPT is a program that uses AI to mimic human dialogue, drawing from one of the largest bodies of data in the AI world. Most internet users are familiar with automated text-based customer support chatbots from their favorite companies. ChatGPT is one of the most advanced of these systems, understanding logical conversational pathways and knowing how to respond to unethical requests from human agents. 

What sets ChatGPT apart from other chatbots is how it generates responses. Virtual assistants like Alexa develop answers to voice-activated queries by gathering and reiterating search engine results—these assistants still operate using NLP and other AI technologies. ChatGPT ignores search engines and instead forms an original response by distilling relevant information from machine learning data. 

Many cybersecurity analysts wonder how this slight distinction could manipulate digital security. While analysts could use ChatGPT to help identify the source of cyber threats, hackers could also exploit its data. The ultimate impact of these chatbots could be positive or negative, benefitting analysts or hostile actors—it’s unknown which motivator will be more prevalent. 

What are ChatGPT’s Impacts on Cybersecurity?

Some companies will require chatbots and other AI as part of their risk management and assessment strategies as communication maximizing AI potential becomes more popular. AI provides a competitive advantage, demonstrating how a contractor’s bid embraces new technologies and works with them to deliver advanced services. This change in expectations may be one of the most prominent ways ChatGPT impacts cybersecurity. Now, analysts may feel pressure to find ways to implement it while navigating its inadequacies as it develops as a cybersecurity tool. 

For example, ChatGPT can write scripts for code or emails. This behavior is a red flag because there are workarounds for the chatbot’s ethical policies. A hacker couldn’t ask ChatGPT to write a phishing email with that phrasing, but they could ask it to write an email in the voice of someone with authority and include specific links that lead to malicious pages. Thanks to its conversational capabilities, ChatGPT could also execute ransomware attacks through automated text generation to discuss negotiations. 

On the other hand, the software’s defenders say users can deploy ChatGPT to strengthen remediation and education. ChatGPT could write defensive codes, move files to safer locations and encrypt them, or prompt employees to second-guess emails they open. The possibilities are seemingly endless, and, while ChatGPT is highly advanced, it’s still in the early development stages, with most of its capabilities still unknown. 

What Do Analysts Predict for the Future?

The intention of digital actors will determine ChatGPT’s future and its role in cybersecurity, whether positive or negative. In the meantime, the future of cybersecurity will involve two umbrellas—learning how to work with ChatGPT for better cybersecurity, and anticipating the worst-case scenarios to pre-engineer ways to combat them. All of this will happen while users navigate new regulations about communicative AI. 

More companies may enlist the help of white hat hackers or similar services to experiment with gaps in cybersecurity with an AI influence. New subsects of the industry will come to light as programs create curricula about ChatGPT’s cybersecurity influence and how to identify and fight malicious instances. The road ahead will contain countless shifts as the knowledge adapts to ChatGPT’s new abilities and analysts’ discoveries. 

Adversely, the future could be more pessimistic if threat actors take advantage of AI more intensely than defenders. Supervised manipulation of the data could make this software even more problematic and morally gray. Cyberattacks are already higher than at any point in history, and the ease with which ChatGPT could bring may increase that frequency. AI chatbots could decrease workloads for hackers, allowing them to do more damage in less time. Its communications capabilities could also improve botnet connectivity. 

With more assistants like ChatGPT to delegate responsibilities, it’s difficult to know how cyberattacks could advance. At the same time, ChatGPT has equal capabilities to help analysts improve defenses, automate solutions, and free up time for more research and training. 

How AI Influences Cybersecurity

Tangible benefits and repercussions of ChatGPT in cybersecurity are becoming more visible. While researchers haven’t analyzed the side effects enough to determine their degree of influence, it’s clear that ChatGPT will only grow in competence. It will simultaneously reinforce cybersecurity walls and bolster cybercriminal efforts beyond humanity’s conception of the digital world. With ChatGPT’s massive dataset, its potential is nearly endless. Only time will tell how these connections will help or hurt cybersecurity as each side utilizes ChatGPT for their motivations.

Zac Amos
Zac Amos
Zac Amos is the features editor at ReHack, where he covers trending tech news in cybersecurity and artificial intelligence. For more of his work, follow him on Twitter or LinkedIn.

Related Posts

What Does the Future of Zero Trust in OT Look Like?

Zero trust principles have established themselves in the mindshare of cybersecurity practitioners worldwi...
Jacob Chapman Dec 20, 2024 7:00:00 AM

North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) and ISA/IEC 62443 Comparative Analysis

The Utilities Technology Council and Cumulys recently prepared a report in partnership with the ISA Globa...
Kara Phelps Dec 13, 2024 7:00:00 AM

Securing PLCs Through the Backplane: Balancing Performance and Simplicity

With the increasing convergence of operational technology (OT) and information technology (IT), the need ...
Ashraf Sainudeen Dec 6, 2024 7:00:00 AM