How not to respond to incidents | Sec-Gemini - security specific AI model
#181 - The Oracle saga continues | This will start a trend of purpose built AI models
There’s nothing to worry, but change your password
How Oracle communicated their breach
If you want lessons in how NOT To handle an information security incident, here it is.
I wrote about the Oracle cloud data breach and the subsequent saga that played out last week.
Finally, Oracle, in a hush-hush message to its customers accepted that there was a data breach. Oracle followed a classic response of denial first and then a rather sly acknowledgment.
A simple “We are looking into it and will keep you posted” would have been a good way to handle this.
Breaches happen. The way you deal with them will either give confidence to your customer or make them jittery. It will determine if your brand retains its value or suffers an impact.
If this is not an incident that will convince anyone to have a well documented and tested CCMP (Cyber Crisis Management Plan), then nothing will!!
Building an AI model for cybersecurity
How Google might be starting a trend for cybersecurity focused AI models
Google released a cybersecurity focused version of their Gemini AI that claimed to work better than other models on cybersecurity benchmarks. The blog is not very detailed about the model, however it speaks of two benchmarks that it was tested against:
CTI-MCQ (Cyber Threat Intelligence - Multiple Choice Questions) - This is a benchmark that tests a given model against a pre-defined set of multiple choice questions specific to cyber threat intelligence
CTI - RCM (Cyber Threat Intelligence - Root Cause Mapping) - This benchmark focuses on doing the root cause analysis for identified threats in a given scenario.
Prima facie, the benchmarks seem basic, but this is definitely the start of a trend for cyber security focused AI models, which we definitely need!