La uhlelo olusizwa ubuhlakani bokwenziwa Akusekho isithembiso sesikhathi esizayo futhi sekuyinto engokoqobo yansuku zonke ezinkulungwaneni zamaqembu okuthuthukisa. Ngemizuzwana embalwa nje, umsizi we-AI angakhiqiza imisebenzi ephelele, izikripthi, ngisho nezinhlelo zokusebenza eziphelele, futhi lokhu kukhulisa umkhiqizo, kodwa futhi kwandisa nezingozi.
Lokho izinhlangano eziningi ezingakuqondi ukuthi I-AI ayithathi umthwalo wemfaneloUma ikhodi yehluleka, yithimba lobuchwepheshe okufanele libhekane nomculo. Futhi inkinga akukhona nje ukuthi ikhodi ingase iklanywe kabi noma kube nzima ukuyigcina; inselele yangempela ukuthi, ezimweni eziningi, ifinyelela ekukhiqizweni ngobuthakathaka obukhulu bokuphepha.
Ikhodi ekhiqizwe yi-AI: ukuqopha umkhiqizo kanye nohlaselo olubalekayo
Esikhathini esifushane kakhulu sesishintshele esimweni lapho Iphesenti eliphezulu kakhulu lekhodi yokukhiqiza selivele livela kumamodeli e-AI.Ucwaningo lubonisa ukuthi ingxenye yesithathu yabathuthukisi iyavuma ukuthi okungaphezu kuka-60% kwalokho abakubhalayo kuvela kubasizi abahlakaniphile, nokuthi izinkampani sezivele zibona ukwanda kokukhiqiza okumangalisayo ngenxa yalokho okubizwa ngokuthi "i-vibe coding," uhlelo olusekelwe ekusheshisweni.
Uhlangothi oluphambene lwalolo hlamvu lwemali yilokho Cishe ingxenye yekhodi ekhiqizwa ngokuzenzakalelayo inobuthakathaka obuthileLokhu kusukela ekufakweni kwe-SQL kuya kumaphutha e-cryptographic kanye nezilawuli zokufinyelela eziklanywe kabi. Kwezinye izilimi, njenge-Java, kutholakale ukuthi ikhodi engaphezu kuka-70% ephakanyiswe yi-AI yayinamaphutha okuphepha.
Lesi simo sibangela Izinhlangano eziningi zithumela isofthiwe ekukhiqizweni ezisola ukuthi ayiphelele kakade.Kunemibiko yokuthi amaqembu angaphezu kuka-80% ayavuma ukuthi asebenzise ikhodi azi ukuthi ayikavuthwa ngokugcwele, futhi cishe wonke abhekane nesigameko sokuphepha kwe-inthanethi esihlobene nobuthakathaka obukuleyo khodi.
Okwenza izinto zibe zimbi kakhulu, isimo se- Isithunzi AIAbasebenzi abasebenzisa amathuluzi e-AI akhiqizayo ngaphandle kokuqondisa inhlangano, bekopisha futhi benamathisela izingcezu zekhodi noma ngisho benamathisela ulwazi olubucayi ezixwayisweni. Lokhu kuvula umnyango wokuvuza kwedatha kanye nokwanda buthule kwezingxenye ezingavikelekile, okungenakwenzeka ukulandelwa ngemva kwalokho.
Eziningi zalezi zingozi zibhebhethekiswa yi- ukuthutheleka okukhulu "kwabathuthukisi bezakhamuzi"Abasebenzi abangenalo ulwazi oluqinile ngobunjiniyela besofthiwe bathembele ku-AI ukudala okuzenzakalelayo, izinhlelo zokusebenza ezincane zangaphakathi, noma ukuhlanganiswa. Ikhodi ikhiqiza imiphumela esebenzayo, kodwa ivame ukungabi neziqinisekiso eziyisisekelo zokuphepha nekhwalithi.
Izingozi ezinkulu zokuphepha kukhodi ekhiqizwe yi-AI
Ukuvela kwe-AI ekuthuthukisweni kwesofthiwe akusungulanga ubuthakathaka obusha, kodwa iphindaphinde isivinini kanye nevolumu lapho ubuthakathaka obudala buvela khonaUkuhlaziywa kwezinkampani eziningana zokuphepha kwe-inthanethi kuyavumelana ngezingozi eziningana ezibucayi lapho iqembu lithembele kakhulu kumathuluzi okukhiqiza.
Enye yezinto ezibonakala kakhulu yi- "ikhodi ye-vibe" ngaphandle kwebhethri lokuhlolwa noma ukubuyekezwa okungathi sínaImisebenzi noma izinsizakalo eziphelele zenziwa ngesikhathi sokuhlolwa okusheshayo, zihlolwe ngokungenasisekelo ukuqinisekisa ukuthi "ziyasebenza," bese zihlanganiswa ngaphandle kokuhlolwa kokuphepha, ukubuyekezwa kontanga, noma ukuhlaziywa okuzenzakalelayo. Lokhu kuvumela ubuthakathaka obuyisisekelo ukuthi budlule, ubuthakathaka obungatholwa yinoma yikuphi ukuhlolwa okubucayi okuncane.
Okunye okukhathazayo yilokhu kanye ne-software ye-suministroAmamodeli e-AI avame ukuncoma ukuncika kwabantu besithathu ukuxazulula izinkinga ezivamile. Uma lokhu kuncika kungaqashwa futhi kungahlaziywa ngamathuluzi e-Software Composition Analysis (SCA), kuvula umnyango wokwethula amalabhulali anonya noma izinguqulo ezisengozini ezinkulungwaneni zamaphrojekthi ngesenzo esisodwa.
La Ukuntuleka kokuqapha nokuhlola okuqhubekayo kwamaphakheji angaphandle Ivumela amamojula anekhodi efihliwe noma ukuziphatha okusolisayo ukuthi asebenze ngaphakathi kwezinhlelo ngaphandle kokuphakamisa izexwayiso. Lapho i-AI isikisela futhi ihlanganisa lezi zingxenye kalula kangaka, ingozi yokuthi i-malware ingene ifihliwe njengelabhulali "engenangozi" iyanda.
Esinye isici esibucayi yilesi Ukuhlanganiswa kwamamodeli olimi nezizindalwazi kanye nezinhlelo zangaphakathiUkuxhuma i-LLM nolwazi lwenkampani ngaphandle kokulawula okwanele kuvula umnyango wokuhlasela ngokujova kanye nokuhlasela ngokufaka ubuthi: imiyalelo enonya efihliwe kudatha noma emilayezweni ephoqa imodeli ukuthi yembule izimfihlo, yeqe izinqubomgomo, noma yenze izenzo ezingafanele.
Ngaphezu kwalokho, okulandelayo kutholakale: izinkulungwane zeziqinisekiso ezisebenzayo nezimfihlo kumasethi edatha omphakathi asetshenziselwa ukuqeqesha amamodeli kusuka ku-AI. Okhiye be-API, amaphasiwedi, namathokheni agcina efakwe ezindaweni zokugcina, amaforamu, noma amasampula ekhodi, futhi angavela kabusha ezimpendulweni zemodeli noma asetshenziswe ngabahlaseli abahlaziya lawo masethi edatha.
Akufanele sikhohlwe impande yenkinga: Ukuphepha ngomklamo kusalokhu kungekho kakhuluIningi labathuthukisi liyavuma ukuthi lichitha isikhathi esiningi lilungisa amaphutha kunokufaka izidingo zokuphepha kusukela esigabeni sokuklama. Ezindaweni lapho isivinini sokulethwa sibaluleke kakhulu, ingcindezi yebhizinisi isunduza abathuthukisi ukuba "bakhulule ukusebenza manje" futhi bashiye ukuphepha ukuze bakwenze kamuva... uma leso sikhathi sifika.
Umbono wama-CISO, abakhi bezakhiwo, kanye nochwepheshe: bamukela i-AI, kodwa ngokulawula
Emihlanganweni ehlukahlukene yobungcweti kanye nasemihlanganweni, abaphathi bezokuphepha kwe-inthanethi abavela ebhange, embonini, ekwelulekeni kwezobuchwepheshe kanye nasezinkampanini zezinsizakalo bayavuma ukuthi I-AI ekuthuthukisweni kwekhodi ayisakhethwaIsetshenziswa kakhulu futhi akukho CISO enengqondo engacabanga ukuyivimba ngokuphelele.
Lokho abakucabangayo ukuthi Indlela yokunciphisa izingozi ngaphandle kokuvimbela ukusungula izinto ezintshaAbaningi bakhuthaza amasu okuthuthukisa aphephile asekelwe endleleni "yokushintsha kwesobunxele": ukuletha ukuhlolwa kokuphepha, ukuhlaziywa kwe-SAST, kanye nokubuyekezwa kokuthembela ezigabeni zokuqala zomjikelezo wokuphila kwesofthiwe, lapho unjiniyela—noma i-AI—ebhala imigqa yokuqala.
Lolu shintsho luthatha lokho Amaqembu ezokuphepha kwe-inthanethi awasafiki ekugcineni, lapho konke sekuthuthukisiwe futhi sekukhiqizwa.Esikhundleni sokumane bathi idinga ukulahlwa futhi yakhiwe kabusha, basekela intuthuko kusukela ekuqaleni, bahlanganisa amathuluzi ahlaziya ikhodi ngesikhathi sangempela futhi anikeze izincomo ezisheshayo.
Ezinhlanganweni lapho intuthuko inikezwa khona ngaphandle noma inani lekhodi yobunikazi lingelikhulu kakhulu, abaphathi bezokuphepha bafuna ukubonakala kwendlela leyo khodi ekhiqizwa ngayoBafuna isiqinisekiso sokuthi abathengisi basebenzisa izindlela eziphephile, abathembeli ngokunganaki kubasizi be-AI, futhi bafaka ikhodi kuma-scanner kanye nokubuyekezwa okusemthethweni ngaphambi kokulethwa.
Amanye ama-CISO aqala ukubona abathuthukisi njenge "abaqinisekisi" balokho okwenziwa yi-AIEsikhundleni sokuba ngababhali bomugqa ngamunye, indima iyashintsha: akuseyona nje indaba yokukhiqiza ikhodi, kodwa mayelana nokuyiqonda, ukuyibuza imibuzo, ukuyibuyekeza, nokuthuthukisa lokho okushiwo yimodeli, ikakhulukazi ezindaweni ezibucayi njengokuqinisekisa, ukugunyazwa, ukubethela, noma ukucutshungulwa kwedatha yomuntu siqu.
Ezinkampanini ezinenqwaba yesofthiwe endala, kugxilwe kakhulu lawula ubuthakathaka obuvela kulabhulali yezinkampani zangaphandle kanye nasezingqimbeni zesikhathi esidlule okungekho muntu onesibindi sokuzithinta. Lapha, amathuluzi okuhlaziya okuzenzakalelayo kanye nama-ejenti e-AI angochwepheshe kwezokuphepha aqala ukusiza ekubekeni izingozi futhi abeke phambili lokho okudingeka kulungiswe kuqala.
I-AI njengomngani wokuzivikela: ukutholwa, ukubekwa phambili, kanye nokusabela
Ubuchwepheshe obufanayo obenza kube lula ukubhala ikhodi engavikelekile bushintsha kakhulu indlela esizivikela ngayo kuyo. Ezikhungweni zokusebenza zokuphepha (ama-SOC), amapulatifomu e-SIEM, kanye namathuluzi okuhlaziya ikhodi, Amamodeli e-AI akhiqizayo kanye nokufunda okujulile sekuba yizingxenye ezibalulekile.
Izinjini zokuthola ezisekelwe ku-AI Abagcini ngokufuna iziginesha noma amaphethini angaguqukiBayakwazi ukuhlaziya ukuziphatha kwekhodi, ukugeleza kokusebenza, kanye nobudlelwano bencazelo phakathi kwemisebenzi. Beqeqeshwe ngama-repository amakhulu kanye nedatha yosongo lwangempela, bahlonza ubuthakathaka kanye ne-logic enonya ngisho nalapho ikhodi ibhalwe ngezitayela ezingavamile noma ixuba izilimi.
Ngaphezu kwalokho, lawa mamodeli anikeza umongo wesongo kanye nokubeka phambili okuhlakaniphileAkuwona wonke amaphutha adinga umzamo ofanayo: iphutha elisebenzisekayo kusevisi ebalulekile evezwe ku-inthanethi linesisindo esikhulu kakhulu kunephutha elisethuluzini langaphakathi. I-AI ingakwazi ukubhekisela ulwazi lokudalulwa, ukubaluleka kwempahla, umlando wokuxhashazwa, kanye nokucushwa kwangempela ukuze kubekwe phambili izexwayiso futhi kugxilwe eqenjini kulokho okuyingozi ngempela.
Elinye iphuzu elinamandla yi amakhono okufunda okuqhubekayo kanye nokuzivumelanisa nezimoNjengoba amasu abahlaseli ethuthuka futhi izitayela zokubhala ikhodi zishintsha, amamodeli ayalungiswa, kufaka phakathi ama-vector amasha okuhlasela kanye nemithetho etholwe ezigamekweni zangempela. Lokhu kwenza ukuzivikela kube yinto ephilayo ekhula eceleni kwendawo yesofthiwe uqobo.
Emkhakheni wokuphendula ezigamekweni, i-AI ekhiqizayo ivumela yenza ingxenye enkulu yezenzo zokuqala ibe ngokuzenzakalelayoUkuhlukaniswa kwemicimbi ngezigaba, ukukhiqizwa kwesikripthi sempendulo, ukuhlukaniswa kwezinhlelo ezithintekile, izincomo zokunciphisa izingozi, kanye nokudalwa kwemibiko ecacile yamaqembu obuchwepheshe nabaphathi. Konke lokhu kunciphisa izikhathi zokuphendula, kuvimbela amaphutha, futhi kukhulula abahlaziyi emisebenzini ephindaphindwayo.
Amamodeli akhiqizayo nawo asetshenziswa linganisa ukuhlaselwa kwe-inthanethi futhi uqeqeshe amaqembu ngezimo ezingokoqobo. I-AI ikhiqiza imikhankaso yobugebengu bokweba imininingwane ebucayi, ukulandelana kokuhlasela okuyinkimbinkimbi, noma amaphethini okuziphatha angajwayelekile aphoqa abahlaziyi ukuthi basabele futhi bathuthukise amakhono abo okwenza izinqumo ngaphansi kwengcindezi.
I-Malware kanye ne-AI: i-hype, imikhawulo yamanje kanye nokuvela okungenzeka
Kanye nokukhula kwe-AI yokuzivikela, kuye kwavela obunye ubuchwepheshe ama-prototype e-malware ahlanganisa amamodeli olimi noma ezisebenzisa izinsizakalo ze-AI ukuze zishintshe ngokuguquguqukayo. Ukuhlolwa okufana ne-BlackMamba, i-EyeSpy, noma i-Morris II worm kubonise ukuthi kungenzeka ngobuchwepheshe ukusebenzisa i-LLM ukukhiqiza ikhodi enonya ngesikhathi sokusebenza, ukuhlola ama-target, noma ukusabalalisa ukuhlaselwa ngemiyalelo efakiwe.
Kodwa-ke, ochwepheshe abaningana kubunjiniyela obuphambene kanye neqembu elibomvu bakhomba ukuthi, Okwamanje, lezi zibonelo ziyizinto ezimangalisayo kakhulu kwezobuchwepheshe kunezinsongo ezingenakwehlulwa.Amakhono abawabonisayo—i-polymorphism, ukusebenza kwememori, i-obfuscation, noma ukukhetha okuqondiwe—asevele ekhona ku-malware ethuthukisiwe futhi asatholakala ngokuzivikela kwamanje.
Esinye sezizathu ukuthi Ikhodi ekhiqizwe amamodeli aqeqeshwe kudatha yomphakathi ivame ukuba yinkimbinkimbi kakhulu kunekhodi ebhalwe ngokwezifiso ngumhlaseli onguchwepheshe.Ama-LLM athembele kumaphethini afundiwe; avame ukusungula izakhiwo ezintsha ze-malware kusukela ekuqaleni, futhi avame ukukhiqiza izingcezu ezivamile, ezingasasebenzi, noma ezisayinwe kalula.
Futhi, Ukuze i-malware esekelwe ku-AI ibe nenzuzo, kufanele inikeze imbuyiselo ecacile ekutshalweni kwemali. kulabo abayithuthukisayo. Njengoba nje kwenzekile nge-ransomware noma i-cryptojacking, ngeke sibone ukusetshenziswa kabanzi kwamasu athile kuze kube yilapho ehlanganiswa kalula kwisofthiwe esemthethweni futhi kukhona ingqalasizinda evuthiwe yokuwasekela.
Nokho, ochwepheshe bayavuma ukuthi, uma amamodeli eqhubeka nokuthuthuka ngesivinini samanjeKuzofika isikhathi lapho zingasiza khona ngempela ekudaleni izinsongo eziyinkimbinkimbi neziguquguqukayo. Kuleso simo, kuzodingeka ukuqinisa kakhulu ukuqapha kwabantu, ukuvikela amamodeli ekusetshenzisweni kabi, nokuqinisekisa ukuphepha kwephayiphi yonke ye-AI.
Ukuqinisekisa umjikelezo wokuphila we-AI ophelele: idatha, amamodeli, kanye nepayipi
Uma uxoxa ngokuphepha kwe-cyber kukhodi ekhiqizwe yi-AI, ukubheka nje indawo yokugcina akwanele: Lonke ipayipi le-AI kumele livikelwe kusukela ekugcineni kuya ekugcineni.kusukela ekuqoqweni kwedatha kuya ekusetshenzisweni nasekugcinweni kwamamodeli.
Insika yokuqala yi ukuvikelwa kwedatha yokuqeqeshwa kanye nezincomokanye nokukhethwa kwamapulatifomu aphephile afana nalawa izinhlelo zokusebenza zamahhalaUma amasethi edatha equkethe ulwazi olubucayi, olungadalulwanga, noma uma abasebenzisi benamathisela izimfihlo kanye nedatha yomuntu siqu emibuzweni, kunengozi yokuvuza kolwazi, iziqinisekiso ziphinde zivele ezimpendulweni, noma ngisho nokwephulwa kwedatha okukhulu uma umhlinzeki we-AI esengozini.
Insika yesibili yi ubuqotho bamamodeli nama-algorithmsUkuhlaselwa okufana nokufaka ubuthi kungcolisa idatha yokuqeqesha ukuze kuphambukiswe imiphumela; amanye ama-vector afuna ukusebenzisa ubuthakathaka kuma-API okuphetha ukuze akhiphe imodeli noma ashintshe ukuziphatha kwayo. Ukugcina izilawuli zokufinyelela eziqinile, ukubethela, ukuqapha, kanye nokuhlola okuqhubekayo kubalulekile.
Ingxenye yesithathu yi- ukubusa kanye nokwengamela lonke ipayipiLokhu kuhlanganisa ukulandelela ukuthi ubani osebenzisa i-AI, ngaziphi izinjongo, yiziphi izinhlobo zekhodi ekhiqizayo, yiziphi izibuyekezo ezenzayo, nokuthi imiphumela yayo ifakwa kanjani ezinhlelweni zokukhiqiza. Ngaphandle kwalokhu kubonakala, i-Shadow AI iyanda, futhi ukuphathwa kwezingozi kuba yinto engenakwenzeka.
Imikhuba emihle kule ndawo ihlanganisa izinqubomgomo zedatha eziqinile, ukubethela okuqinile, ukuqinisekiswa kwezinto eziningi, izimiso zamalungelo aphansi ukufinyelela amamodeli, izivikelo eziqondisweni, ukubuyekezwa okuphoqelekile ngesandla kanye nokuqapha njalo okufakwayo, imiphumela kanye nemiphumela yangempela emvelweni.
Uhlaka lwe-SHIELD: Ukubeka Imikhawulo Ecacile Kuhlelo Olusizwa yi-AI
Ukuze kuhunyushwe konke okungenhla kube yizilawuli ezisebenzayo, abanye abeluleki bezokuphepha baphakamise izinhlaka ezithile ze ukunciphisa ingozi "yokubhala ikhodi ye-vibe"Enye yezinto ezibanzi kakhulu uhlaka lwe-SHIELD, olufingqa ngezinhlamvu eziyisithupha izimiso eziyisisekelo zokusebenzisa i-AI ngokuzibophezela ekuthuthukisweni.
U-"S" ku-SHIELD ubhekisela ku- Ukuhlukaniswa kwemisebenziUmgomo ukuvimbela ama-ejenti e-AI ekubeni nezimvume ezixubile ezifinyelela ezindaweni zokukhiqiza. Indlela enengqondo iwukukhawulela ububanzi bawo ekuthuthukisweni nasekuhlolweni, ngaphandle kweziqinisekiso ezinamandla noma ukufinyelela ngqo kudathabheyisi yangempela.
U-“H” uhambelana no Umuntu oseseketheLokhu kusho ukuthi ikhodi ekhiqizwe yi-AI kumele ihlale ibuyekezwa futhi ivunyelwe ngabasebenzi abafanelekayo, ikakhulukazi uma isetshenziswa onjiniyela abangebona ochwepheshe. Azikho izinguquko ezibalulekile okufanele zihlanganiswe ngaphandle kwesicelo sokudonsa esiqondisiwe.
I-“Mina” ikhomba ku- Ukuqinisekiswa kokufakwayo nokukhishwayoKuyadingeka ukuhlukanisa ngokucacile imiyalelo ethembekile kudatha engathembekile, ukuhlanza izixwayiso, ukulawula lokho okucelwayo kumodeli, nokuthumela umphumela kumathuluzi afana ne-SAST ngaphambi kokuwuhlanganisa ku-codebase.
I-“E” igxile ku Amamodeli asizayo agxile ekuphepheniEsikhundleni sokuthembela kumsizi oyedwa osebenza kuzo zonke izinto, kuyalulekwa ukuthi ugcwalise ngamathuluzi athile okuskena ngasese, ukuqinisekiswa kokulawula, i-SCA, ukutholwa kokuxhomekeka kwe-phantom, kanye nokuqinisekiswa kokucushwa kwengqalasizinda njengekhodi.
I-“L” ibhekisela ku- umgomo "we-Least Agency" noma i-minimum agencyAma-ejenti e-AI kufanele asebenze ngezimvume ezincane kakhulu: akukho ukufinyelela kumafayela abucayi, imikhawulo eqinile emiyalweni ebhubhisayo, kanye nekhono lokwenza izinguquko ngokuzenzakalelayo ezindaweni ezibucayi.
Ekugcineni, u-“D” ubhekisela ku- Izilawuli zobuchwepheshe zokuzivikelaNgaphambi kokusebenzisa, kubalulekile ukusebenzisa i-SCA, ukukhubaza noma yiziphi izindlela zokusebenzisa ngokuzenzakalela ezivimbela ukungenelela kwabantu, ukuphoqa amapayipi anezigaba zokuphepha, nokurekhoda ngokuphelele yonke into ephuma esiphakamisweni se-AI.
Lezi zinhlobo zamafreyimu zihlose into elula kakhulu: Sebenzisa ukusheshisa okunikezwa yi-AI ngaphandle kokulahla ukulawulaNoma, uma sikubeka ngqo, umsizi kufanele abhale imigqa eyengeziwe ngomzuzu, kodwa umthwalo wemfanelo, izindlela zokukhetha, kanye nezinqumo kufanele kuhlale ezandleni zeqembu labantu.
Lonke lolu hlelo olusha lwe-ecosystem—olunekhodi yokukhiqiza i-AI ngesivinini esikhulu, izivikelo eziqhutshwa yimodeli, izinhlaka ezifana ne-SHIELD, kanye nesiko elihlukaniswe phakathi kokushesha nokuhlakanipha—luphoqa izinhlangano ukuba zikhule. Labo abaphumelelayo ukuhlanganisa imikhuba yobunjiniyela ezwakalayo, ukuqeqeshwa okuqhubekayo kokuphepha kwe-cyber, ukuqapha okuqinile kwabantu, kanye nokusetshenziswa kobuhlakani bokwenziwa ngobuhlakani yibo abazokwenza ikhodi yabo... ukukhiqiza okusheshayo, okuqinile, okuphephile futhi okuhambisana nezinhloso zebhizinisingaphandle kokuwela ogibeni lokuba ngabasebenzi abasheshayo noma ukucima imililo yezokuphepha njalo.
