1.  Record and understand your threats, manage risks and seize the opportunities presented by AI to improve your cyber posture.
2. Adopt a hacker mindset by conducting penetration testing and red teaming against AI systems, presuming attackers are leveraging AI to improve the efficacy of their attacks.
3. Ensure that privacy, information security and ethics, as well as evolving regulatory requirements, are considered when developing or using AI within business applications, and that AI systems and applications are developed in line with relevant regulatory requirements.

NCC Group has been researching and incorporating elements of AI and machine learning for years, but we understand 2023 has been a catalyst year for widespread adoption of new tools and systems.

The world has witnessed a transformative shift in the utilisation of AI, spurred by the introduction of advanced Large Language Models (LLMs) like OpenAI’s ChatGPT, Google's Bard, and Microsoft's Bing Creator. These deep learning algorithms, which can recognise, translate, predict, or generate content are already incredibly powerful commercial models, yet they’re still in relatively nascent stages.

The widespread adoption of AI in businesses this year has opened new avenues for innovation but also unveiled novel cyber security challenges. AI systems magnify risks relating to data privacy, integrity, and potential biases. Moreover, they can be susceptible to adversarial attacks, where subtly altered inputs can deceive a system into making incorrect predictions or classifications.

For cyber security advisors like NCC Group, these developments have highlighted the pressing need to consult with businesses on the secure design and implementation of robust AI systems that can withstand malicious attacks, to establish ethical guidelines for AI implementations, and to remain constantly vigilant to emerging threats in the rapidly evolving landscape of AI and cyber security.

Businesses need to ensure the integrity of input data, and that AI model responses are constantly monitored for unintended information leakage.

 Of course, AI is a much broader topic, spanning application domains such as autonomous vehicles, autonomous and intelligent stock trading, facial recognition, surveillance, and cyber security detection and response – to name but a few. The pervasiveness of AI presents many opportunities to improve society in a myriad of ways. But these new capabilities also introduce new risks and challenges in their safe, secure and ethical use.

NCC Group has published a new research paper to support organisations of all shapes and sizes better understand how AI applies to cybersecurity.

The paper provides high-level summaries of how AI can be used by both cyber professionals and adversaries, the risks AI systems are exposed to, safety, privacy and ethics concerns and how the regulatory landscape is evolving to meet these challenges.

The trajectory of AI development has been nothing short of meteoric in recent years. Ensuring the safety and security of people, process and technology in an AI-augmented world demands vigilance, and a commitment to forward-thinking strategies that will require continuous adaptation.

NCC Group’s report - Cyber Resilience in the Age of Artificial Intelligence (AI)

If you’re in the manufacturing sector or its supply chain and interested in this topic, why not join our webinar to hear more about the important role robotics and automation will play in helping UK industry to thrive in the future. Please register here.