AI Security

ByStefan Karg 20.02.202325.08.2025

What is the role of us security professionals when it comes to AI powered systems?

The image presents a scenario titled "Scenario 1" with a focus on the use of artificial intelligence (AI) in attacking traditional systems. The visual features two hands, one human and one robotic, reaching towards each other against a dark background, symbolizing the interaction between humans and AI.

The text in the image highlights the concern that AI is being used to attack traditional systems. It emphasizes the role of security management in ensuring that this new risk is accounted for and mitigated. The image poses a critical question to the viewer: "⚠️ Have you updated your risk analysis?" This suggests the importance of regularly updating risk assessments to address emerging threats posed by AI.

In the bottom right corner, the image is credited to "thecyberstefan," indicating the source or creator of the content. The overall message of the image underscores the evolving landscape of cybersecurity threats and the necessity for proactive risk management in the face of advancements in AI technology.

The image provides examples of different types of attacks on AI systems, highlighting the vulnerabilities and potential risks associated with each type of attack. Here is a detailed summary of the attacks mentioned:

Prompt Injection Attack:

Description: This type of attack involves injecting malicious input into an AI system.
Question: How stable is your model against malicious input?
Explanation: In AI systems, malicious input modifications can be very subtle and might be difficult for humans to recognize. However, these modifications can lead to completely unintended results, potentially causing the AI to behave in unexpected or harmful ways.
Data Poisoning Attack:

Description: This attack involves inserting malicious data into the training dataset of an AI model.
Question: How do you ensure that no malicious data is inserted into your training data?
Explanation: Changes in the training data might be hard to identify by humans due to the large amount of data involved. Malicious data can skew the learning process, leading to incorrect or biased model outputs.
Model Stealing:

Description: This attack involves an attacker gaining knowledge by stealing the AI model itself.
Question: Which knowledge could an attacker gain when being able to steal the model?
Explanation: If an attacker can steal the model, they can gain insights into the model's structure, training data, and decision-making processes. This knowledge can be used to prepare further attacks or exploit the model's vulnerabilities.
The image is credited to "thecyberstefan," indicating the source or creator of the content. The overall message emphasizes the importance of securing AI systems against various types of attacks to ensure their integrity and reliability.

Political

Open AI Sora Text-to-video
ByStefan Karg 19.02.202425.08.2025

The advances in text-to-video models are staggering. With several elections coming up this year and next, it gives a glimpse of the implications for media and social media and how easy it could be to produce very real looking fake news to influence political discussions.

Read More Open AI Sora Text-to-video
Political | Security | Standardization

BSI & TÜV: Worrying Survey on Cybersecurity Among German Companies
ByStefan Karg 12.06.202512.06.2025

The German BSI (Federal Office for Information Security) and TÜV-Verband conducted a survey among German companies to assess the status of cybersecurity in the private sector. Some worrying results from my point of view are: 🌐 Link to the study: BSI – Presse – TÜV-Studie zur Cybersicherheit der deutschen Wirtschaft: Bedrohungslage steigt, Unternehmen wiegen sich…

Read More BSI & TÜV: Worrying Survey on Cybersecurity Among German Companies
Conferences / Events

VDEI Security Conference
ByStefan Karg 23.11.202225.08.2025

Getting ready for my talk at Verband Deutscher Eisenbahn-Ingenieure e.V. (VDEI) Fachtagung Cybersecurity 2022. I’ll be speaking about Security for Safety and will be sharing a couple of lessons learned and best practices from real world projects at ICS – Informatik Consulting Systems.

Read More VDEI Security Conference
Security

Are Bluetooth Headsets Secure in the Era of Remote Work?
ByStefan Karg 26.02.202425.08.2025

Since the onset of the COVID-19 pandemic, the world has seen a significant shift towards remote working. This shift has led to an increase in virtual meetings and, as a result, the use of Bluetooth headsets for convenience. But one question arises – are these Bluetooth headsets secure? To understand the security of a typical…

Read More Are Bluetooth Headsets Secure in the Era of Remote Work?
Security

Password security
ByStefan Karg 10.03.202225.08.2025

What’s the state of your password security? Do you consider the length and complexity and don’t use the same password for multiple services? Post | LinkedIn

Read More Password security
Conferences / Events

Security for Safety pitch at it-sa 2021
ByStefan Karg 19.10.202125.08.2025

A short excerpt from my pitch on ‘Security for Safety’ as part of the BW-International Session at it-sa 2021 is available here: Post | LinkedIn

Read More Security for Safety pitch at it-sa 2021

Similar Posts