No one knows how generative artificial intelligence (GenAI) will transform our world. Security practitioners warn that by 2025, defending these technologies will be one of the most difficult hurdles ever encountered in web security—similar to the challenges encountered in the early 2000s. Cybercriminals are always developing new tactics. So in order to protect against all threats—both ones we know about and ones we don’t—defenders need to put layered controls into place. Creating the right strategy is looking beyond just hitting the target every time. Rather, it focuses on prevention, rapid detection and response, and hard limits to ensure any damage caused by exploitation is kept to an absolute minimum.
The Creativity of Cyber Threats
Cyber attackers are quickly showcasing their creativity by targeting vulnerabilities, flaws, and errors present in GenAI systems. As seen by the recently changing tactics used by these opponents, it’s crucial for organizations to stay on top and learning. Security professionals must anticipate that as GenAI tools become more integrated into daily operations, the range of threats will expand correspondingly.
This creativity in cyber threats requires defenders to take a multi-layered security strategy. Relying on just this one line of defense won’t get the job done anymore. Organizations need to implement layered controls to defend against the multiple attack vectors. The multi-layered approach means that if one form of protection should fail, multiple additional protections are still activated to minimize risk.
Strategies for Effective Defense
In building an effective GenAI security framework, professionals warn institutions to avoid the temptation of pursuing a perfect pipe dream. Rather, they need to do their jobs and embrace commonsense, attainable security measures. Prevention is unique among the four pillars because it’s by far the most effective strategy. Setting permanent defenses to deter would-be attackers whenever feasible greatly decreases risk.
Security measures need to go beyond just the idea that some threats will always get through initial defenses. Fast detection capabilities are increasingly vital for organizations and federal agencies alike to detect and respond to breaches just-in-time. When attackers are trying to exploit vulnerabilities, fast action is the name of the game. Addressing the downstream impact quickly can greatly improve your longterm security posture.
A third critical pillar to GenAI security is to define tight guardrails. This has the advantage of making sure no single exploit can do much damage. By constraining the potential damage, organizations can better manage risk and maintain operational continuity even in the face of security incidents.
Dual-Model Validation and Community Guidance
One particularly promising approach would be dual-model validation. This method utilizes two distinct models: one that generates content while another independently checks for unsafe instructions. This additional verification layer ensures that potentially risky outputs from GenAI tools are not executed.
In order to shore up their defenses, organizations need to make use of proven resources. One excellent place to start is the OWASP Top 10 for Large Language Models (LLMs). This community-led playbook serves to address those common risks and present real and actionable mitigations specifically designed for GenAI technologies. Furthermore, NIST AI Risk Management Framework provides a systematic approach to assist organizations in managing the challenges associated with GenAI security.
Guardrails around prompt handling will be proactive steps to retain agency and minimize risk in how inputs are conceived, introduced, and iterated through GenAI systems. Making sure that prompts are processed in a secure manner can help mitigate accidental exposures to unsafe outputs. We’ve talked a bit about the importance of adopting a principle of least privilege for agent tools, too. This strategy limits the scope of their work, reducing the risk in the event of an exploit.
Validation of Outputs
Lastly, it should go without saying that organizations always validate any outputs they plan to execute from GenAI systems. We find that this validation step serves as an important final checkpoint. Most importantly, it is invaluable for flagging any dangerous outputs or guidance developed by the models. Through applying this practice, organizations can minimize the risk of harmful outputs being used in their work to a considerable degree.
