Security News > 2023 > June > Popular generative AI projects pose serious security threat
Many popular generative AI projects are an increased security threat and open-source projects that utilize insecure generative AI and LLMs also have poor security posture, resulting in an environment with substantial risk for organizations, according to Rezilion.
"On top of their inherent security issues, individuals and organizations provide these AI models with excessive access and authorization without proper security guardrails. Through our research, we aimed to convey that the open-source projects that utilize insecure generative AI and LLMs have poor security posture as well. These factors result in an environment with significant risk for organizations."
Rezilion's research team investigated the security posture of the 50 most popular generative AI projects on GitHub.
The research utilizes the Open Source Security Foundation Scorecard to objectively evaluate the LLM open-source ecosystem and highlight the lack of maturity, gaps in basic security best practices, and potential security risks in many LLM-based projects.
The following best practices and guidance is recommended for the secure deployment and operation of generative AI systems: educate teams on the risks associated with adopting any new technologies; evaluate and monitor security risks related to LLMs and open-source ecosystems; implement robust security practices, conduct thorough risk assessments, and foster a culture of security awareness.
While there are significant security challenges concerning the adoption of generative AI models and their ecosystem, AI technologies are exciting, powerful, and here to stay.
News URL
https://www.helpnetsecurity.com/2023/06/29/generative-ai-security-risk/
Related news
- AI security 2024: Key insights for staying ahead of threats (source)
- Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024 (source)
- The AI balancing act: Unlocking potential, dealing with security issues, complexity (source)
- AI for application security: Balancing automation with human oversight (source)
- More than 3 in 4 Tech Leaders Worry About SaaS Security Threats, New Survey Reveals (source)
- Cyber Security and IT Leadership: A Growing Threat to Australia’s Renewable Energy Efforts (source)
- Microsoft security tools questioned for treating employees as threats (source)
- Homeland security hopes to scuttle maritime cyber-threats with port infosec testbed (source)
- Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds (source)
- Security leaders consider banning AI coding due to security risks (source)