That was fast. While the RSA Conference was oozing AI (with or without merit) from every orifice, the luster faded quickly. With a recent spate of AI-infested startups launching against a backdrop of pre-acquisition-as-a-service posturing, and stuffed with caches of freshly minted “AI experts” on pre-sale to Big Tech, AI fluff had to go big. But with cash burns akin to paper-shredders feeding a volcano, the reckoning had to come; and come it has.
Lacking the cash to really go big – by spending the seven or eight digits it costs to slurp up enough data for a saucy LLM of their own – a whole flock of startups are now on sale, cheap. Well, not exactly sale, but something that looks and smells like one.
Skirting increasing federal pressure against consolidation in the space, and the accompanying stricter regulation, the big guys are licensing the startups’ tech (for something that feels like the cost of an acquisition) and hiring its employees to run it. Only they’re not paying much. It’s fast become a buyer’s market.
Meanwhile, we’ve always considered AI and machine learning (ML) to be just a spoke in the wheel of security. It’s an important spoke but, alas, only one. Complicating matters further (for the purveyors of fledgling security AI tech, anyway), CISA doesn’t seem wowed by what emerging AI tools could do for federal cyberoperations, either.
AI-only vendors in the security space basically have only one shot for their secret sauce: Sell it to someone who already has the rest of the pieces.
It’s not just AI security that’s hard. Boring old security reliability issues, like pushing out updates that don’t do more harm than good, are also hard. By definition, security software has access and interaction with low-level operating system resources to watch for “bad things” happening deep beneath the surface.
This also means an over-anxious update can freeze the deep innards of your computer, or many computers that make up the cloud. Speaking of which, while the technology offers tremendous power and agility, bad actors co-opting a global cloud property through some sneaky exploit can haul down a whole raft of companies and run roughshod over security.
Benchmark my AI security
To help the fledgling industry from going off the rails, there are teams of folks doing the hard work of defining benchmarks for LLMs that can be implemented. After all the hand-waving and dry ice smoke on stage, they’re making an attempt to produce a reasonable usable reference, and they agree that “it is challenging to have a clear picture of what currently is and is not possible. To make evidence-based decisions, we need to ground decision-making in empirical measurement.” We agree, and applaud their work.
Then again, they’re not a startup, meaning they have the substantial resources required to keep a bunch of researchers in a huddle long enough to do the hard, boring work that this will require. Their prior version looked at things like “automatic exploit generation, insecure code outputs, content risks in which LLMs agree to assist in cyber-attacks, and susceptibility to prompt injection attacks”. The newest version will also cover “new areas focused on offensive security capabilities, including automated social engineering, scaling manual offensive cyber operations, and autonomous cyber operations”. And they’ve made it publicly available, nice. This is the kind of thing groups like NIST have also helped with in the past, and it’s been a boon to the industry.
The ship has already sailed
It will be difficult for a startup with two engineers in a room to invent the next cool LLM thing and do a sexy IPO reaping eight figures in the near future. But it’s still possible to create some AI security niche product that does something cool – and then sell it to the big guys before your money balloon leaks out all the money, or the economy pops.