From hype to reality, leveraging generative AI for tangible benefits in security practices
Generative AI has quickly integrated into marketing narratives across various IT sectors, including infrastructure security. Its capabilities are being announced in areas such as advanced search and summarisation, automation, remediation recommendations, data loss prevention, knowledge retrieval, policy generation, and risk prioritisation. However, while security leaders are eager to explore these technologies, they must be cautious in distinguishing realistic opportunities from overhyped promises when incorporating generative AI into their security programmes.
Prioritising Essential Capabilities
Generative AI is one of many categories within artificial intelligence, each with its own strengths and limitations. Given that many generative AI-powered tools can be expensive, it is crucial to focus on use cases where this technology can provide a tangible advantage. Generative AI shows promise in infrastructure security for tasks such as content generation, conversational interfaces, and knowledge retrieval, where the risks of hallucinations and other complications are relatively low. Generative AI excels at producing content, making it particularly useful for generating security event reports, compliance documentation, and event summarisation, as well as for creating custom training modules. It also enables natural language interactions, removing the need for users to write complex queries. This simplifies data retrieval and policy creation, especially for those with limited technical expertise. Additionally, generative AI can efficiently extract and summarise information from diverse data sources, accelerating research, decision-making, and security knowledge development.
Evaluating Vendor Capabilities
Once the most beneficial use cases for generative AI are identified, the next step is to evaluate and shortlist vendors offering these capabilities. It is essential to ensure that the functionality provided is genuinely based on generative AI technology. Selecting use cases can be easier if an enterprise is leveraging new generative AI features from an existing vendor. However, for new tools or solutions, a more stringent assessment is required. Enterprises must begin by identifying their primary business outcomes for using generative AI and map these to the most relevant use cases. Once these are identified, incumbent vendors offering corresponding capabilities should be shortlisted. Conducting trials to test these capabilities is a crucial step before final selection.
Is It Generative AI Or Rebranded AI?
A key part of the evaluation process is determining whether the technology is truly generative AI or simply a rebranded version of traditional AI. This is especially important when considering premium features. There are several ways to differentiate between the two. Reviewing vendor documentation is one way, particularly looking for mentions of generative models such as GPT-3, GPT-4, or DALL.E. Since generative AI requires large datasets to learn and generate content, details on the data sources used for training should be sought. Examining API documentation can also provide insight into the types of requests and responses supported, helping to confirm the use of generative AI.
Assessing the use case and the output is another effective method. Traditional AI excels at recognising patterns and making predictions. If a product is primarily focused on these tasks, it is likely using traditional AI. In contrast, generative AI has the capability to generate new and creative outputs, signalling true generative capabilities. Vendor demos can also be highly useful for gathering details about the models and data sources used, particularly when comprehensive documentation is unavailable.
Enterprises can further utilise third-party resources, such as independent reports like the Evaluation Criteria for Generative AI Service Providers, to gain unbiased insights into vendor capabilities. These resources are valuable for assessing whether a vendor truly offers generative AI solutions. By carefully evaluating vendors and focusing on realistic use cases, enterprises can effectively harness the potential of generative AI in their infrastructure security programmes, ensuring they are not merely adopting technology for technology’s sake but applying it in ways that deliver genuine benefits.
Author: Esraa ElTahawy, Sr Director Analyst, Gartner
