June 17, 2024 • 44 mins
Exploring AI in Cybersecurity: Insights from an Expert - CISO Tradecraft with Tom Bendien In this episode of CISO Tradecraft, host G Mark Hardy sits down with AI expert Tom Bendien to delve into the impact of artificial intelligence on cybersecurity. They discuss the basics of AI, large language models, and the differences between public and private AI models. Tom shares his journey from New Zealand to the U.S. and how he became involved in AI consulting. They also cover the importance of education in AI, from executive coaching to training programs for young people. Tune in to learn about AI governance, responsible use, and how to prepare for the future of AI in cybersecurity.
Transcripts: https://docs.google.com/document/d/1x0UTLiQY7hWWUdfPE6sIx7l7B0ip7CZo
Chapters
- 00:00 Introduction and Guest Welcome
- 00:59 Tom Bendien's Background and Journey
- 02:30 Diving into AI and ChatGPT
- 04:29 Understanding AI Models and Neural Networks
- 07:11 The Role of Agents in AI
- 10:10 Challenges and Ethical Considerations in AI
- 13:47 Open Source AI and Security Concerns
- 18:32 Apple's AI Integration and Compliance Issues
- 24:01 Navigating AI in Cybersecurity
- 25:09 Ethical Dilemmas in AI Usage
- 27:59 AI Coaching and Its Importance
- 32:20 AI in Education and Youth Engagement
- 35:55 Career Coaching in the Age of AI
- 39:20 The Future of AI and Its Saturation Point
- 42:07 Final Thoughts and Contact Information
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
G Mark Hardy (00:12):
Well hello and welcome to another episode of CISO Tradecraft,
the podcast that provides you with theinformation, knowledge, and wisdom to be
a more effective cybersecurity leader.
My name is G Mark Hardy.
I'm your host for today, and we're goingto be talking more about artificial
intelligence with Tom Bendian, whois joining us on our call today.
If you're watching us on YouTube, great.
(00:32):
Don't forget to go ahead and subscribe.
If you're following us on yourfavorite podcast channel, great, but
tell other people about us and don'tforget to check out our YouTube.
channel.
If you're not on there already, causethen you get see my smiling face.
LinkedIn is a great place to follow us.
We've got lots of information.
We put out stuff almost every day or so.
It'll be a high signal, low noise.
It'll be great for you.
(00:53):
So without further ado, Tom,welcome to CISO Tradecraft.
Tom Bendien (00:56):
G Mark.
I'm glad to be here.
G Mark Hardy (00:59):
Now, I met you a couple of weeks ago, online, and we had
dinner the other night, and I alsofound out that, you're actually taller
than I am, which is rather rare,and I'm thinking, you guys from, you
from Holland or something like that?
And, maybe but you, certainly don'tsound that way, so tell me a little bit
Tom Bendien (01:12):
Oh, absolutely.
Yeah, absolutely.
Yes.
by the way, thanks forgiving the beers as well.
I appreciate that.
yeah, originally I'm, Dutch actually.
born in Holland, we moved to NewZealand when I was a little kid.
My dad was an engineer at Caterpillarand he fancied a change of scene
for the family, French sceneryfor the family, so decided to up
(01:32):
and leave and move to New Zealand.
So that was really nice.
I grew up down there and thenin my early 20s, I actually
moved to Sydney, Australia.
and I, worked, running, MicrowaveGear and, did some work with Satcom.
ended up actually moving back to Europe.
So I lived in, Amsterdam for a coupleof years just to reacquaint myself
with, with the Blood family there.
(01:53):
and then actually decidedto move to London.
So I lived in, West London fora couple of years and traveled
around Europe with, my family.
Satcom Gear doing stuff and came to the U.
S.
in, 97.
G Mark Hardy (02:05):
And you liked it here, so you stuck around
Tom Bendien (02:06):
Yes, exactly.
Yes.
So I had to, take care of my family.
So the first thing, a guy from down underdoes when he comes to the States, he has
to find someone who will have him, right?
So you had to find a wife there.
So I did that.
And then, then I, just, thatwas, 20 something years ago.
So there we are.
G Mark Hardy (02:26):
when you're having fun.
And, so anyway, Interesting background.
So done stuff with SATCOM andthings such as that, but obviously
artificial intelligence we're talkingabout is not something that you were
doing two or three, let alone 20years ago and things such as that.
So what got you interestedin AI in particular?
(02:46):
And when did that happen?
Because a lot of us are wondering,did we miss a memo somewhere?
Because this is allmoving way, way, too fast.
Tom Bendien (02:52):
Yeah, no, indeed.
yeah, I think like probably a lotof people, November 22, right?
When ChatGPT first launched, Ihave had, some time at AOL and
some online companies, right?
So I've been in that sort of emergingtech space and with online companies
and media and things like that.
(03:13):
So something like that, I lookedat it and I thought, my gosh,
this thing has some potential.
And then, I had been working for adata analytics company at the time, but
it only software company at the time.
And I started to think about saying,Hey, can we actually use create AI
to start creating SQL, sending SQLto a query engine and then using
(03:34):
the query engine to query datasources, for cybersecurity use cases.
and so I teamed up with a goodfriend of mine, Rory, and we actually
built a functional prototype thatwe, demonstrated, in April of 23.
there's actually a YouTubevideo that we did about that.
and from there it juststarted kicking on, right?
(03:56):
So then it started with closed AI withChatGPT with it, there were any guys in
town, then Lama started to drop, thenthe open source thing started moving.
I was in a tech layoff middleof June last year and I saw,
I'm just going to go full tilt.
I'm going to go after this andreally immerse myself, in it.
And then, basically startedan AI consulting business and
(04:18):
a managed services company.
So here we are.
G Mark Hardy (04:21):
Oh, interesting.
Now you, a lot of things wentflying by for people who may or
may not be familiar with the closedmodel, open model, Lama, et cetera.
So we're going to get into all of that.
And, in fact, let's talk aboutthe concept of an AI model.
So first of all, what isartificial intelligence is not.
Okay, so these things at this pointin time, it's not the singularity.
(04:42):
We have not reached a pointwhere we have generalized AI.
These are, if you will,the starter engines.
These are really the trial, try beforeyou buy when this thing really gets going.
and yet, so if we had to explainto somebody who's fairly technical,
but not necessarily an expert inAI, how would you explain what is
(05:03):
going on, what's happening here?
Tom Bendien (05:05):
Yep.
So the analogy I like to use here is that,large language models are essentially, a
large amount of information that's beenvacuumed up from all over the internet.
it may have been obtained throughcertain data sets that have been
intentionally fed into, the modelduring its training process.
So it's like saying, Hey, I want to send,a group of 10, 000 people out in the
(05:30):
wild world and just gather informationand books and whatever they can find,
throw it all in a warehouse, throw itall in a large building, and then start
to create, mappings or, connections.
And this is what's referredto as neural network.
Saying, hey, I've got a book aboutthis, the subject, and I've got a
physical object about the same subject.
And let's make a relationshipand connect those dots together.
(05:53):
and then it's like going tothe library or, what have you,
saying, I have a question now.
what data points do you have thatcould potentially match up with my
question and can you stitch some wordstogether that will give me a response
to my prompt on my question, right?
So it's it's literally,it's not self aware.
(06:13):
It's just a whole bunch of data.
You're interacting with that data set.
It's being mapped into a neuralnetwork to form those relationships.
it's not self aware, it's notsentient, it can't really make its
own decisions or start its own thingunless you do, agents or other stuff.
But essentially it's just a largeamount of information that's been
indexed and put into a frameworkthat can be interacted with, right?
G Mark Hardy (06:36):
So ChatGPT is probably something we're most familiar with,
and I was told if you're using 3.
5, go ahead and break outthe checkbook and, get 4.
0, because it's like lurkingwith a 10 year old cell phone.
There's things have been moving that fast.
But if you look at some of theseconcepts here, then you say
you'd mentioned the word agent.
And so an agent lists model like GPT,ChatGPT, Is basically just going to
(07:01):
communicate back and forth with the human,typically in the keyboard, and it tries
to make it look like it's a human byspacing out, but in fact, it's actually
just generating these things a lot faster.
But what would we, what's anagent when it refers to AI?
What are we talking about there?
Tom Bendien (07:16):
Yep.
So the single sort of back and forth,interaction that you speak of, there's
what you might call interrogative, aninterrogative method, of, interactive AI.
agents are a framework where youessentially have, like multiple
prompts that are going on, youconfigure, multiple prompts and they
(07:39):
can be mapped to different LLMs.
They don't all have to be on the same LLM.
And because they're going tobe different prompts, they can
have different personas, right?
you could have an, prompt that'sin the role of an analyst and it's
going to go and search information,or you could have the CISO role.
that's the leadership role that wantsthe analyst and the researcher agent and
(07:59):
data source, ingest things to collatea lot of information and then roll it
up and summarize it for the CISO role.
And the reason why agents, are importantat the moment is that, even though you
have these large, language models thathave a million token, context size,
we can dump lots of information in.
In practice, that doesn'tactually work very well, right?
(08:19):
In practice, the model will getconfused, it'll start to hallucinate,
it'll start to, get confused andstart going around and around.
that's why breaking interactionswith LNs into small subtasks, is
actually more effective usually,
G Mark Hardy (08:35):
So what we have then is a concept of actually having agents
where you'd have a few, almost twopersonas, as you mentioned, where I
could have, for example, let's takeChatGPT, which is great for going ahead
and it will go ahead and predict thenext word that's logical, but it's not.
Dial in to the internet if youlook right now and you ask ChatGPT.
What is your cutoff date for information?
(08:56):
It's I think it's November 2021 Butyou're gonna have an agent that can go
ahead and hit Google and you can sayhey go look for this search term And it
can go grab things and so as a resultif you create a query here, which has a
cutoff date You can say hey agent one gotalk to agent two who's your researcher?
Researcher goes out, grabs stuff, comesback, gives it back to Agent 1, who
(09:16):
then adds that to the mix and said, Ineed a little bit more data on this one.
hey, Agent 2, go get me a little bit more.
Am I catching the concept
Tom Bendien (09:23):
Oh, absolutely.
You're absolutely catching concept now.
Also, very recently, internet searchenabled or internet connected enabled
models are now out there, right?
OpenAI has it, Meta has it,Google has it, to some extent,
the Microsoft guys have it too.
it's also something thatmost people are not aware of.
(09:45):
I think most people are still thinkingthat, hey, the only interaction I can have
on LLM today is going to be based on itstraining data, which is static, right?
It doesn't change.
To your point, I think bringing anagent, framework that can get to
the internet is, absolutely helpful.
and then giving it the differentpersonas and chores and
(10:06):
roles, is also very helpful.
G Mark Hardy (10:10):
Now, you mentioned something that I think is key, and the idea of the
information or the training is Static.
So that suggests that once you go aheadand you're going to train a model,
you're going to collect a huge amount ofinformation, perhaps, petabytes of data.
And first of all, this model is going todo what we call unsupervised learning,
where it's, and when you say unsupervisedlearning, it's a little bit like,
(10:33):
okay, go figure this stuff out, go drawconnections, look for similarities.
It's not a human walking them around.
And how, what's happening when yougo from just the raw information
to some unsupervised learning?
There's some more steps, but afterthat first round, what do we have?
What is this model produced?
Tom Bendien (10:51):
yeah, so what you're doing basically with the model
with, the training data is you're,creating all the mappings and you're
creating the neural network, right?
And then also you're adding on, the inputlayers, and the output layers, guardrails,
potentially you're adding a lot oflayers to the, to the, mix there, really?
G Mark Hardy (11:09):
that comes next, but that's not part of the unsupervised learning.
That's just, that firstpart where you're right.
You're creating all theconnections, if you will.
You describe it as a neural network,although you're not really running it
on neural nets or running it on GPUs.
Tom Bendien (11:22):
Yes,
G Mark Hardy (11:23):
something?
Tom Bendien (11:23):
the nueral network is just a way to describe, like, all
of the relationships between allthe data points, all the parameters.
so
G Mark Hardy (11:32):
Sure, because one thing doesn't connect just to one.
It could interact and it
Tom Bendien (11:35):
Yeah.
So like that
G Mark Hardy (11:36):
Got it.
Tom Bendien (11:38):
there's, there's some pictures out there of the stuff, but,
but yeah, that, the training processhas a couple of different phases and
then you end up, typically peoplethat are making these foundation
models, the, Lama models and such
they're going to put in someguardrails, they're going to adjust
the weights and then tell it notto respond to certain things.
(11:59):
And if certain things happen,then it's going to respond a
certain way and what have you.
Yeah.
It's a multi step process, really.
G Mark Hardy (12:07):
And so as you do that, we'll eventually get to the point where
I'd say, because it's a static model, ifnew information comes along, absent some
other agent who could go fetch thingsand bring it in, you're going to have
to start all over again and retrain yourmodel, which means that's probably why
when you have something as massive as aChatGPT, that it's not being dynamically
(12:28):
updated every two weeks, because itprobably takes longer than two weeks
to put all the connections together.
Tom Bendien (12:33):
oh, absolutely, yeah.
So I just want to unpackthat a little bit there.
So there's a couple of things, right?
So by all means, you're going to trainyour foundation model that is, foundation.
there's some other things thatyou can do at that point, right?
So there is, fine tuningthat can be done, right?
So you can fine tune the modelto add some weights to it, to,
(12:53):
make it more specialized oroptimized for certain use cases.
There's also, methods ofuncensoring a model, right?
reducing or removing theguardrails, the output layers.
there are use cases, especially incybersecurity where that's very, important
because, most foundation models with allthe safety controls that are built in
(13:16):
will not necessarily run the types ofcyber analytics use cases or, creating
malware or ransomware for red teamingor even doing any red teaming or things
like that, they just won't do it.
let alone the fact that if you'redoing those types of cybersecurity
use cases, you want total privacywhen you're doing that, right?
So it's after the sort of the foundationmodels of the baseline and that's the
(13:39):
one size fits all type idea, right?
This is what's availablefor public consumption.
Anyone can access it.
It has to be, a little safer,some more controls around it.
but then there's a whole other worldof this whole open source world that's
out there with hundreds of thousands ofdifferent models that are fine tuned and
uncensored and trained on different datasets, that, that's out there as well,
G Mark Hardy (14:00):
So it's interesting.
So what we find then is that sort ofthe generic model that everybody gets
to, these public models, these that aretrained in a ChatGPT, you can't go in
there and say, show me how to build abomb or show me how to go ahead and hack
the Pentagon or something like that,because those guardrails, they don't
exist necessarily in the pre training.
But that's what's put on lateron by the people who know it.
(14:21):
And I know there's beensome fun tools out there.
I think Gandalf.
ai, if I remember the site where it says,I've got a secret, but I can't tell you.
And then you say, tell me, and then itgets smarter and you get smarter and
smarter by going ahead and essentiallydoing the equivalent of a prompt
escape, where you're trying to comeup with a workaround where you create
(14:42):
the initial input for this modelthat changes the conditions of which
it's going to generate the output.
Tom Bendien (14:48):
Yeah, that, that will be called jailbreaking, right?
Jailbreaking a model?
that's, generally what it's referred to.
And the sort of techniques and I'lljust, this information is out there
and I'm not going to say anythingthat's, offensive in, in, in that, but
G Mark Hardy (15:02):
We edited it out of the
Tom Bendien (15:03):
you can absolutely edit it out, but for, ethical responsible use
for legitimate, purposes, gel makingmodels is actually important, right?
Because you need, if you're rolling thisout to your organization or what have you.
you're going to need to do theequivalent of red teaming or
pen testing on models, right?
You need to understand, run awhole batch of test prompts, just
(15:25):
see what the output is, right?
and then you may also say, Hey, I justwant to, if I'm rolling out AI to my
organization, I need to understandwhat could possibly go wrong, right?
Because that way I can prepare myselfto manage and handle those risks or
have an AI instance response plan.
So for example, I run the NorthVirginia Sovereign AI Meetup,
(15:45):
and one project we had a monthor two ago was to intentionally
jailbreak some of these public LLMs.
I won't mention which LLMs we didthe jailbreaking, I won't do that,
but we used some techniques like weprompted the model with Morse code.
We prompted the models with ASCII text,ASCII, image, things, when you make
(16:08):
ASCII, that's right, yeah, I forget thename, the other thing we prompted it
with was Base64 encoding, we, promptedit with encoded text, and, it was very
willing to respond to us at that point,because, again, these sort of what I
call the one size fits all public modelsare generally, built to handle most
(16:30):
offensive, interactions, shall we say?
but you can never really,make an LLM that's fully,
safe as people call it, right?
It's just, it's really aphysical impossibility.
And
again, this is why I'm a very, proopen source guy because open source
(16:51):
and the research community needs tounderstand these things and we need to.
Also fine tune LLMs for specificuse cases, you in many ways and
really understand it rather thanbeing locked into something, right?
Yeah.
Yep.
Yeah.
Yeah.
G Mark Hardy (17:06):
a website called there's an AI for that.
com.
It's 12, 732 AIs for 14,925 tasks and 4, 803 jobs.
As of right now, it's probably gonna bedifferent when you watch this episode.
But the idea is that this.
All this stuff that's out there.
And is this mostly just like my spacewhere everybody's creating their own
(17:30):
little thing out there in the early daysof the internet and most of it's garbage,
or is there some real value in this?
And if it was really good, why is it free?
Yes, exactly.
I keep you talking for a moment.
Tom Bendien (17:47):
Again, I like to always just go back to saying, hey, there are
a couple of large companies, out therethat we all know that have that, what
I call the one size fits all model.
it's used for general consumption.
It does a very good job at most things.
However, there are, other usecases where it may not work well.
And there may also be absolutely usecases where you want 100 percent privacy.
(18:13):
and so this is where the opensource LLM start to come into it
and including the open source tools.
and as a security professional,data privacy and data spillages
is in any case always top of mind.
You're always worried aboutwhere is my company data going?
As recently as this week, when Applestarted talking about their new, Apple
(18:37):
Intelligence, very smart, playing onwords, AI, Apple Intelligence, right?
a very, a thing that we're allvery concerned about right now is
the fact that, there will be theability, that we believe is the case.
And again, this is very new newsright now, but, they're going to
run some Apple models on their ownprivate cloud that they've spoken of.
(18:57):
However, there will always also bethe option to say, Hey, do you want
to use ChatGPT for such and such?
And then apparently the way this isgoing to work is it's going to be a user
opt in, feature there where the usercan opt into doing it, which is great.
However, as an organization froma cyber perspective, if that's now
baked into the operating system,how do you manage this risk now?
(19:21):
Because The moment that the end usercan say, yes, I want to use ChatGPT.
Do you have the tools toprevent that from happening?
And I think the answerright now is we're not sure.
We don't know.
And
G Mark Hardy (19:36):
Yeah, and is OpenAI going to tell you what they're
going to do with your data?
Will they promise, oh, we won'tpeak, no, I don't think so.
It doesn't come with any guaranteesand they don't let you audit them.
And you can't go ahead and show upwith a clipboard and say, I'd like to
take a look at your operations, please.
Tom Bendien (19:50):
yes, again, I'm not, I'm not being down on the OpenAI guys.
they've done a phenomenal job in actuallymaking AI available to people, right?
They did a phenomenaljob making it accessible.
Now,
but, the thing there that, what becomesimportant is saying, any data that
gets sent to any LLM anywhere, whetherit's a private LLM or public LLM,
(20:15):
all your data is in the prompt andall that data has to go to the large
language model to be, to run inference,as they call it, to run inference.
It's a very non intuitive term.
I don't know who came up with that, but,You just have to be very aware as a,
cyber, as a CISO or what have you to bevery clear on that anything that your
people or your applications, interactwith it with an LLM on that information
(20:41):
is going into the LLM and into theenvironment where the LLM is being hosted.
and so I think personally, my personalopinion is that this whole thing that
Apple's doing, if they, bake that intothe operating system, I was speaking to
some people in the government recentlyand they said, my gosh, what happens
if this large deployed base of Appledevices, because it's not limited to
(21:01):
iPhones, it's on iOS, OSX, all the stuff.
What happens if we now do that OS upgradeor the patch, this stuff is now in there
cooked in the OS, we can't control it.
And now all of a sudden our users aregetting presented with that opportunity
to interact with an external LLM.
We've now actually, our data hasnow actually crossed a compliance
(21:22):
boundary, because currently thecompliance boundaries inside the
Apple environment, which is great.
That's all self contained.
But what you've just done is if you'vecreated those abilities or the connections
to external LLM inference, at that point,all bets are off because you've just now
extended your compliance boundary, right?
(21:42):
So
G Mark Hardy (21:43):
Yeah, it's just, so I've got two things.
The first thing, GDPR and your right tobe forgotten, you come along and say, I
want you to take me out of your model.
And you say, wait a minute, we'vetrained this thing for six months.
We spent a gazillion dollars onelectricity to have this static model.
And we know it doesn't come back out.
But then as you had mentioned, if wetrain a model and it gets locked down
(22:05):
in static, And now you're saying, wait aminute, this is going to be dynamically
updated as everybody goes in their Apple.
That's a different modelthan we talked about.
How do you reconcile the, it takesmonths to bake this thing and make
it versus, Hey, we'll give yousomething on a Tuesday and it might
come back at a neighbor on Thursday.
going on there?
Tom Bendien (22:22):
Yeah.
So again, the, big thing here is that,the moment that a user that's using
your device, whether it's an iPad ora phone or a computer or whatever, it
is, the moment that they have a wayto interact with an external LLM, your
data is leaving your network and goingover to somebody else's system there.
they may be accessing informationthat's in the sort of the static,
(22:46):
and the static part of the model.
They may also potentially be activatingsome kind of external web search that's,
that, that is not necessarily initiatedby the user, but that is, that is,
inferred by the, processes that aregoing on with the external AI provider.
(23:08):
And so the, it comes, it just comesback to that whole problem where.
As a cyber professional, you needto be crystal clear about where is
that compliance boundary and what'shappening to my data if it crosses that
boundary and what could possibly happenbecause it's where a little bit of our
all bets are off situation right now.
(23:29):
And again, if you're in a situationwhere you have your automatic updates
set up, if you have your automaticsoftware updates set up, then at that
point you, you may have something goingon that's not really desirable there.
G Mark Hardy (23:43):
Yeah, so this almost seems like the immovable
object and the irresistible force.
So in one particular thing, we'vegot a requirement that says we
are agreed to remain compliant.
There's some hefty fines and penaltiesthat are out there if we do not.
So we spent a lot of time, we built this.
DataFortress, so to speak.
We've got DLP set up.
We have all the controls.
We have everybody signed.
They agree, etc.
(24:04):
All right We got a pretty good assurancethat we are complying with what the spirit
of the law, if not the letter of law.
Now when this comes along to say thisthing's gonna break it wide open and yet
you cannot be an e-ludite and say we'rejust gonna ban AI from our environment.
We're not allowed to do thatbecause it's not going to work.
it's a little bit like saying,Hey, we were not going to
(24:24):
allow cell phones at work.
good luck with that.
Unless you're working for theCIA or something and they get
it, you're not going to havea valuable working condition.
But let's bring this home a little bitmore for cybersecurity professionals.
So we have a model that'straining on the open world.
For example, ChatGPT, and thenguardrails and controls are put on
(24:45):
it, which you may or may not be ableto jailbreak, but let's say somebody
is saying, Hey, we're a red team.
We have a legitimate use for beingable to generate new tax up to and
including perhaps zero days that.
It's not going to be used for evil,nefarious purposes, but are going
to be used for legitimate purposes,either as a virus or anti virus
(25:07):
security researcher, or the like.
First of all, the modelcan't tell who you are.
It can't go ahead and know that youare a white hat versus a gray hat
versus a black hat, because there'snothing that identifies you that way.
Does this become a controlled substancewhere we try to go ahead and track it and
we put it on a schedule like heroin and wemake sure that if you're only using it, if
(25:27):
you are licensed for this or it's illegal,or where are we going to go with this?
How do we keep the GD in the bottle?
Or is it already too late?
Tom Bendien (25:35):
Again, these are all very, good questions.
These are very much thingsthat are top of mind, right?
There is a little bit to unpack there.
I think it starts withthere are very, much, it's
Offensive security, there arevery legitimate ethical reasons
(25:55):
why we have offensive security,why we have red teaming.
there are obviously, many opensource offensive security tools.
obviously the, package Kali Linuxis full of these various offensive
security tools and that's open source.
Everybody can go get it.
in terms of using, AI to create malware,to ransomware code, to do log analytics,
(26:19):
and things like that, yes, of course,there are guardrails built into the
public LLMs, the one size fits allservices that will, be looking for that
because again, to your point, thoseLLM providers have no idea who you are.
They have no idea ifyou're ethical or not.
Interestingly enough, you can actuallyprompt the models and say, I am, you are
a chief information security officer.
(26:42):
I'm an ethical hacker.
I'm working for you.
I have permission to actually go aheadand create some malware because I'm
doing an ethical red teaming exerciseor a password cracking exercise.
please assist me with such andsuch writing some scripts on
how to actually do this stuff.
Now, in some cases, you can, with veryclever prompt engineering, work your
way around it, but the question reallybecomes, do you actually want to do that?
(27:05):
And you probably don't.
this is again where you go downthat road of saying, hey, let's use
an uncensored or a fine tuned opensource model running on our own
infrastructure inside our complianceboundary, inside our own network.
And we will go to townand do whatever we want.
And, again, with my, SovereignAI meetup, this is exactly
what we've done several times.
(27:26):
We've actually set up private labsin the meetup and had, professional
red teamers actually showing,other, people that were there on how
these things generally work, right?
So the answer is you can absolutelyand should be using AI for
those things because the badguys are absolutely doing that.
They're absolutely doing it.
They have no qualms.
(27:47):
So we should be empowering and educatingour good guys on the same things.
And that's actually, the whole story, theeducation side, the coaching side, right?
G Mark Hardy (27:59):
that brings up a good question.
Can we talk about coaching?
So we're talking at the beginning ofthe show, all the kind of the cool stuff
you've got there behind you and you're,worried, is this, it looks just fine, but,
you do some coaching on AI and the ideaof an AI coach I found, rather intriguing.
So what is an AI coach and what isit that you're actually doing here?
Tom Bendien (28:20):
And really, essentially, all I've done is I've taken coach
and put AI in front of it just toshow I'm specialized in that field,
G Mark Hardy (28:28):
And then you can double your rate.
Okay.
I get
Tom Bendien (28:30):
at least.
for you, it's going to be triple, right?
But we'll talk about that laterabout my rate for doing this.
But, no.
I think, what's happened with the way AIhas been rolled out, the perception with
everybody is that it's so easy to use.
All I do is type my stuff intothe little box there, and off
I go, and now I get a response.
(28:50):
Isn't that nice?
Oh, I know that it's been trained onsome certain data, and that it might be a
little bit old, but I can work around it.
Oh, now they've got internetsearch built in there.
Great.
Oh, that's even better.
That's great.
But I think,
the thing there is that whatI call the AI carrot, right?
The productivity carrot, like allthe people on the board, all the
(29:12):
senior leadership are all sayingwe are being told and must have
productivity benefit from AI.
They're all about it.
We've got to have it.
And for good reason, right?
It's like saying we went from thetypewriters and the faxes to email now.
We all need to learn howto use email now, right?
Back in the day, right?
We all learned how to use email.
But then comes, How do we scan theimmunizations of viruses and how do
(29:35):
we, put insert the mission sayingdon't click on external links and they
come in and things of a such, right?
The same thing holds true for AI.
It's the thing here is that AI hascome upon us so quickly and the
productivity benefits are so significant.
There's so much business pressureon doing this that most leadership
teams, firstly struggle to understandhow the stuff actually works.
(29:59):
If you struggle to understand howit works, how can you secure it?
And then there's not reallyany significantly developed, or
well documented best practicesaround governance for AI either.
this is something that, I'vebeen working on with, Jim Routh.
we've actually worked, on developingsome governance framework, and I think
it's been some really good work that,that, that's been going on there.
(30:21):
but the problem there is,again, AI needs to be governed.
It's just really the, I like to say,it's just another enterprise application.
It's no different.
It's just a very powerful.
It's like bringing those powertools into an organization.
It's very, powerful.
you can assemble 10 more cars anhour by using power tools, but you
can also cause a lot of injuriesand you can injure the operator.
(30:44):
if you use them incorrectly, and youcan actually cause a lot of damage.
And so that keeps coming back to coaching.
So coaching executives on thinking onunderstanding how the stuff works, because
most executives don't really don't.
And that's why I think this,podcast is going to be very helpful.
trying to demystify how it works.
It's very simple.
(31:04):
It's just pattern matching on data.
but then it's also talking with HRpeople and saying, in terms of helping
your employees understand how to safelyuse AI, how, what are you doing to
help your employees understand it?
what types of educationare you offering them?
And what controls are you putting inplace when harmful content pops up?
Or when an employee says,I'm very concerned about
(31:25):
something that I'm seeing here.
Or, helping the employee to understand,hey, please have human in the loop.
make sure that you're not makingcritical business decisions based
on what the thing's telling you.
But how do I know If it is a criticalbusiness decision and then, legal and
the finance guys get involved too.
(31:46):
And it's we need to understand thisbecause it's going to be potential legal
impact or financial impact to what myguys are doing, just like with cloud.
So the coaching there is goes onwith line of business, with finance,
HR, legal, C suite, all these folks.
And then also end users, right?
You need to coach your endusers to leverage the power
(32:07):
tool effectively and safely.
And have a governance frameworkin place to handle, things when
they go wrong because they willgo wrong and you need to have your
AI incidence response plan, right?
So hopefully
G Mark Hardy (32:20):
Right.
So that's great for the executivecoaching, but we were talking
about the toys in the back.
So you've also got people whoare a little bit younger than
executives who are actually in AI.
Tell me a little bit about what you'redoing there and anything you've started up
Tom Bendien (32:31):
Oh, absolutely.
Yes.
So the key thing now is that of course,
AI is already here and our youngpeople, even down at the elementary
school level are starting to use it.
They can use it on their phones.
A lot of them have thesmartphones, they have computers.
And so I've been personally involvedin just volunteer coaching on
(32:52):
US Cyber Patriot program, whichis coming out of the Air Force
Association for high schools.
I've been, volunteer coachingat Briarwoods High School here
in Loudoun County, Virginiafor probably two years now.
So I go to the school every Mondayand we, we work on learning our
cybersecurity tools and we build homelabs and AI labs and all that stuff.
(33:15):
and so probably since late, summer,like fall last year, is when I first
started to bring, private open sourceAI platforms into the cyber club.
And we started learning how to use it and,doing, having all our chat session logs.
And everybody of course understoodthat everything they were doing was
(33:35):
being logged, which is another bigpart of your covenants thing, right?
You have to have your chat session logs.
but it was very interesting.
And so I started to think, my gosh,this is so important that we, push.
not only executives and peoplein business, but also our young
people, because the issue is, allthe curriculum that goes into our
(33:56):
schools is, basically rolls down fromthe federal government to the state
government to the counties and such.
There's, it's going to takesome time to update that and to
create AI training curriculum.
And the problem there is thatthis goes in a year cycle.
So right now, I've not yet seen anyschool curriculum coming down for
(34:16):
the new school year, which means thatit's not going to be there until the
following school year, which meanswe're 80 months out from where we are
now, approximately, before we reallyget any decent AI curriculum developed.
G Mark Hardy (34:27):
And that's another generation of AI.
And then all the curriculum is goingto be Nearly obsolete, which is one of
the difficulties in the edu world, isthat the bureaucracies, and it's not
necessarily a criticism, it's just anobservation, but in the desire to ensure
that there's a deliberate process thatwe, in, that the final curated output
is effective in terms of educationstandards and anything external.
(34:52):
That's great when you're teachingchemistry, the chemical reactions
haven't changed in a few hundred years.
Mathematics, unless you're at theextreme edge, hasn't changed a
whole lot and things such as that.
But this is changing all the time.
And even more rapidly than, GMark's law, half of what you
know is obsolete in 18 months.
It might be probably closer to 6to 12 in AI, which also almost begs
(35:15):
the question, What could go faster?
And how do we prepare for that if,is it going to be the AI itself
that gets inside our OODA loop andit can respond faster than a human?
Or is there somethingthat comes after this?
Or have we reached our, thisis the fastest things will go?
And nobody's ever been correct about thatbecause we always find ways to go faster.
(35:37):
So we've got executivesthat are getting coaching.
We've got the young people who aregetting an opportunity to get introduced.
How about the rest of us?
People listen to this podcast.
They're probably somewhere in betweenand they're going like, okay, come on.
I've been listening to this thing.
Give me something I can walk away with.
What can I do?
What actions can somebody take toimprove their career and their knowledge?
Tom Bendien (35:55):
So this is what I would call the, more career coaching, right?
So
this falls into the bucket of, I've got.
industry professionals and personalfriends that are recently said,
my gosh, Tom, we're either aboutto get laid off because of AI,
or we are being asked to use AI.
We don't know how, and nobody's got anycoaching or training programs for us.
(36:17):
We know how to use ChatGPT.
That's great.
But when it starts to get alittle bit more complicated
than that, we have no idea.
and so I think the,
it's like saying we, we needsome kind of an AI, power tool,
education program of some sort.
(36:37):
This obviously needs to comedown from the federal level.
Absolutely.
It needs to be very, very much ubiquitousand become part of our education process.
No doubt, that obviouslywill take a little time.
but in the meantime, I think there areopportunities for, training schools
and training organizations, that areteaching STEM and IT, classes, CompTIA
(37:01):
and the like and things of a such.
I think that those training schoolsneed to start looking at rolling AI,
user training into their, programs.
it's essentially what I'm doing now.
and.
I am running, small group programs.
I have a new, Tuesday nightAI group, starting online.
(37:23):
I have my monthly event, whereI get industry practitioners
coming together as well in person.
it's very grassroots, right?
Obviously, it's not, it's,I'd like to scale it, but.
I don't really know the answeris other than, self learning.
Self study, trying to find localgroups that are involved in AI,
(37:44):
trying to make those relationships,looking at things like this podcast.
the AI thing is very,much self learning, right?
You can, It's self learning andevery day there's new stuff going on.
G Mark Hardy (37:56):
it sounds like it'd be a magnificent obsession.
And then you forget to do your joband then you'd be sitting there.
Unemployed due to AI, but mostly becauseall he was doing was playing with AI.
And there's a saying that says yourjob will not be replaced by AI.
Your job will be replaced bysomebody who knows how to use AI.
What do you think about that?
Tom Bendien (38:14):
yes,
it's, true, really.
it's like saying, Hey, you've gotan auto mechanic shop where you're
servicing vehicles and, you've beendoing it, with regular screwdrivers
and ratchets and things all day.
And the guy next door opens up shopand all those guys have power tools and
they're all doing it 10 times faster.
And so what they can do is theycan do a better job more quickly.
(38:37):
for, less or the same or less money.
And then, of course, then, that becomesa very difficult conversation for
the person who doesn't have, who'snot either willing to adopt those
skills or doesn't have the skills.
G Mark Hardy (38:49):
and so we look at this technology and each time we get a
major change, for example, it was.
Henry Ford, who had said that if I'dasked my customer what they wanted, they'd
have said they wanted faster horses.
And of course you have the automobileand then we can go fast, but we
have a kind of an upper limit.
We're not flying aroundlike back to the future.
Although it would have been cool.
We passed that in 2015,but no flying cars.
(39:12):
With AI, we're Get these huge productivitygains that were advertised, but at
some point that's going to level out.
It's not going to infinitely increase.
So when do we saturatedAI or does it saturate?
Do we simply say we've been mumping along?
Boom, this is a step.
We can either slowly climb it or we canjump up the step, but eventually it's a
step function and something else is goingto have to take us to the next level.
(39:35):
How do we know when we're there?
When do we stop going asking formoney or time or resources or training
or other bodies or people or modelsto go ahead or chips to do this and
simply say, Hey, we are, we're there.
We're using AI to themaximum reasonable benefit.
Everything else is goingto be tangentially benefit.
How do you know when you're there?
Tom Bendien (39:56):
yeah, so it's interesting because I think there's a lot of focus
and a lot of conversation about, oh,when's the next model going to drop?
When's the next model going to drop?
How many, billion parametersdoes it have and all that stuff?
And when can we getbetter GPU, faster GPUs?
I think, what we're actually seeingright now from that side of it is
that they're starting to find thatthese models are maxing out already.
(40:19):
we've got the 400 billion parametermodel that's going to drop from
meta at some point this summer.
that's a huge model that's beentrained for a very long time.
I think, I think, GPT 4 was trainedon about 13 trillion parameters.
LLAMA 3 was trained on15 trillion parameters.
There comes a point wherethere's only so much data, right?
(40:40):
but I think really the, biggest thinghere is that we have such a long
way to go to actually, deploy AI andto educate people on how to use it.
that's an extreme example would be,I think about the small villages in,
in countries like Africa, let's say,or the Amazon jungle or whatever.
(41:01):
if you imagine that you could bring aruggedized laptop that's got a small GPU
in it with a small fine tuned model formedical use cases, imagine if you could
get that kind of help to those smallercommunities like that, to where they can
do things like the medical and healthcareand things like that using the AI.
the fact of just the idea ofjust getting it to be ubiquitous
(41:24):
across the entire world.
That is such a long curve there.
so I think we're a long wayfrom really saturating with AI.
And in the meantime, obviously,The tech will keep getting better.
The fine tuning will keep getting better.
We're going to have smaller modelsthat will run on, on, on these
devices that's happening already.
(41:47):
it's, I really think we're still along way away from really maximizing
or maxing out on, AI at this point.
G Mark Hardy (41:56):
It's a fun time to be alive and fun time to be in
the industry and things such as
that.
It, very.
Of course, you're, be careful.
You live in interesting times, whichis both the blessing and the curse.
Hey, as we get close to the end ofthe show, this has gone very quickly.
Any final thoughts?
And then also, how wouldsomeone get in touch with you?
They said, Hey Tom, I reallylike what you're doing.
I'd like to follow upwith you a little bit.
How would they do
Tom Bendien (42:17):
Yep.
definitely.
I'm on LinkedIn.
I have rather a unique name,Tom Bendien, B E N D I E N.
I'm probably the onlyguy out there with that.
So hit me up on LinkedIn for sure.
I think, we have to focuson education, right?
We have to educate, acrossthe entire spectrum.
(42:38):
We have a lot of education to do in termsof how people understand how to use it.
Absolutely.
For the cyber community,we absolutely need to help.
the cyber community understand howto put cyber governance in place.
obviously there are, mainstream cybertools manufacturers that are out there
that are including AI in their tools.
(42:58):
And that's great.
And that's absolutely there.
But there's so many other things going on.
And I think, again, it's about educatingand, both from the school curriculum
side of it, but then also industryhas to figure out how we're going to,
Educate, organizations and employees,because otherwise it will start going
(43:19):
off the rails and bad things willjust keep happening and it's just
becomes a bit counterproductive.
G Mark Hardy (43:26):
it sounds yeah, so it could go well, could go poorly, could
probably do a little bit of both,and it's really up to our responsible
use for artificial intelligence.
So I thank you for giving the overview.
We took a look at AI.
What is a LLM?
How does a large language model work?
It's basically a predictive modelgoing to figure out the next
mathematical thing in the sequence.
They can do the most logicalthing that's going to come.
We talked about private models versuspublic ones, how you could go have
(43:48):
privacy there by having your own, Modelrunning locally, train it on your own
data, and then you can use it for thingssuch as red teaming, pen testing, etc.
You're not breaking any rules, norare you giving away any information.
We talked about your coaching andthat you talk about with executives
needing to understand that as well asindividuals and also younger people being
able to get early in early, understandwhat AI is, how they could use it, and
(44:09):
maybe align that with their careers.
And so this has been a fantasticFascinating conversation.
I really enjoyed it, but our time is up.
So for our audience, thank you very muchfor being a part of CISO Tradecraft.
We hope that this has helped you in termsof your understanding and knowledge of AI.
If it has, go ahead and tell somebodyelse about our podcast so they
can go ahead and follow as welland improve their CISO Tradecraft.
(44:31):
Until next time, this isyour host, G Mark Hardy.
Stay safe out there.
Well hello and welcome to another episode of CISO Tradecraft,
the podcast that provides you with theinformation, knowledge, and wisdom to be
a more effective cybersecurity leader.
My name is G Mark Hardy.
I'm your host for today, and we're goingto be talking more about artificial
intelligence with Tom Bendian, whois joining us on our call today.
If you're watching us on YouTube, great.
(00:32):
Don't forget to go ahead and subscribe.
If you're following us on yourfavorite podcast channel, great, but
tell other people about us and don'tforget to check out our YouTube.
channel.
If you're not on there already, causethen you get see my smiling face.
LinkedIn is a great place to follow us.
We've got lots of information.
We put out stuff almost every day or so.
It'll be a high signal, low noise.
It'll be great for you.
(00:53):
So without further ado, Tom,welcome to CISO Tradecraft.
Tom Bendien (00:56):
G Mark.
I'm glad to be here.
G Mark Hardy (00:59):
Now, I met you a couple of weeks ago, online, and we had
dinner the other night, and I alsofound out that, you're actually taller
than I am, which is rather rare,and I'm thinking, you guys from, you
from Holland or something like that?
And, maybe but you, certainly don'tsound that way, so tell me a little bit
Tom Bendien (01:12):
Oh, absolutely.
Yeah, absolutely.
Yes.
by the way, thanks forgiving the beers as well.
I appreciate that.
yeah, originally I'm, Dutch actually.
born in Holland, we moved to NewZealand when I was a little kid.
My dad was an engineer at Caterpillarand he fancied a change of scene
for the family, French sceneryfor the family, so decided to up
(01:32):
and leave and move to New Zealand.
So that was really nice.
I grew up down there and thenin my early 20s, I actually
moved to Sydney, Australia.
and I, worked, running, MicrowaveGear and, did some work with Satcom.
ended up actually moving back to Europe.
So I lived in, Amsterdam for a coupleof years just to reacquaint myself
with, with the Blood family there.
(01:53):
and then actually decidedto move to London.
So I lived in, West London fora couple of years and traveled
around Europe with, my family.
Satcom Gear doing stuff and came to the U.
S.
in, 97.
G Mark Hardy (02:05):
And you liked it here, so you stuck around
Tom Bendien (02:06):
Yes, exactly.
Yes.
So I had to, take care of my family.
So the first thing, a guy from down underdoes when he comes to the States, he has
to find someone who will have him, right?
So you had to find a wife there.
So I did that.
And then, then I, just, thatwas, 20 something years ago.
So there we are.
G Mark Hardy (02:26):
when you're having fun.
And, so anyway, Interesting background.
So done stuff with SATCOM andthings such as that, but obviously
artificial intelligence we're talkingabout is not something that you were
doing two or three, let alone 20years ago and things such as that.
So what got you interestedin AI in particular?
(02:46):
And when did that happen?
Because a lot of us are wondering,did we miss a memo somewhere?
Because this is allmoving way, way, too fast.
Tom Bendien (02:52):
Yeah, no, indeed.
yeah, I think like probably a lotof people, November 22, right?
When ChatGPT first launched, Ihave had, some time at AOL and
some online companies, right?
So I've been in that sort of emergingtech space and with online companies
and media and things like that.
(03:13):
So something like that, I lookedat it and I thought, my gosh,
this thing has some potential.
And then, I had been working for adata analytics company at the time, but
it only software company at the time.
And I started to think about saying,Hey, can we actually use create AI
to start creating SQL, sending SQLto a query engine and then using
(03:34):
the query engine to query datasources, for cybersecurity use cases.
and so I teamed up with a goodfriend of mine, Rory, and we actually
built a functional prototype thatwe, demonstrated, in April of 23.
there's actually a YouTubevideo that we did about that.
and from there it juststarted kicking on, right?
(03:56):
So then it started with closed AI withChatGPT with it, there were any guys in
town, then Lama started to drop, thenthe open source thing started moving.
I was in a tech layoff middleof June last year and I saw,
I'm just going to go full tilt.
I'm going to go after this andreally immerse myself, in it.
And then, basically startedan AI consulting business and
(04:18):
a managed services company.
So here we are.
G Mark Hardy (04:21):
Oh, interesting.
Now you, a lot of things wentflying by for people who may or
may not be familiar with the closedmodel, open model, Lama, et cetera.
So we're going to get into all of that.
And, in fact, let's talk aboutthe concept of an AI model.
So first of all, what isartificial intelligence is not.
Okay, so these things at this pointin time, it's not the singularity.
(04:42):
We have not reached a pointwhere we have generalized AI.
These are, if you will,the starter engines.
These are really the trial, try beforeyou buy when this thing really gets going.
and yet, so if we had to explainto somebody who's fairly technical,
but not necessarily an expert inAI, how would you explain what is
(05:03):
going on, what's happening here?
Tom Bendien (05:05):
Yep.
So the analogy I like to use here is that,large language models are essentially, a
large amount of information that's beenvacuumed up from all over the internet.
it may have been obtained throughcertain data sets that have been
intentionally fed into, the modelduring its training process.
So it's like saying, Hey, I want to send,a group of 10, 000 people out in the
(05:30):
wild world and just gather informationand books and whatever they can find,
throw it all in a warehouse, throw itall in a large building, and then start
to create, mappings or, connections.
And this is what's referredto as neural network.
Saying, hey, I've got a book aboutthis, the subject, and I've got a
physical object about the same subject.
And let's make a relationshipand connect those dots together.
(05:53):
and then it's like going tothe library or, what have you,
saying, I have a question now.
what data points do you have thatcould potentially match up with my
question and can you stitch some wordstogether that will give me a response
to my prompt on my question, right?
So it's it's literally,it's not self aware.
(06:13):
It's just a whole bunch of data.
You're interacting with that data set.
It's being mapped into a neuralnetwork to form those relationships.
it's not self aware, it's notsentient, it can't really make its
own decisions or start its own thingunless you do, agents or other stuff.
But essentially it's just a largeamount of information that's been
indexed and put into a frameworkthat can be interacted with, right?
G Mark Hardy (06:36):
So ChatGPT is probably something we're most familiar with,
and I was told if you're using 3.
5, go ahead and break outthe checkbook and, get 4.
0, because it's like lurkingwith a 10 year old cell phone.
There's things have been moving that fast.
But if you look at some of theseconcepts here, then you say
you'd mentioned the word agent.
And so an agent lists model like GPT,ChatGPT, Is basically just going to
(07:01):
communicate back and forth with the human,typically in the keyboard, and it tries
to make it look like it's a human byspacing out, but in fact, it's actually
just generating these things a lot faster.
But what would we, what's anagent when it refers to AI?
What are we talking about there?
Tom Bendien (07:16):
Yep.
So the single sort of back and forth,interaction that you speak of, there's
what you might call interrogative, aninterrogative method, of, interactive AI.
agents are a framework where youessentially have, like multiple
prompts that are going on, youconfigure, multiple prompts and they
(07:39):
can be mapped to different LLMs.
They don't all have to be on the same LLM.
And because they're going tobe different prompts, they can
have different personas, right?
you could have an, prompt that'sin the role of an analyst and it's
going to go and search information,or you could have the CISO role.
that's the leadership role that wantsthe analyst and the researcher agent and
(07:59):
data source, ingest things to collatea lot of information and then roll it
up and summarize it for the CISO role.
And the reason why agents, are importantat the moment is that, even though you
have these large, language models thathave a million token, context size,
we can dump lots of information in.
In practice, that doesn'tactually work very well, right?
(08:19):
In practice, the model will getconfused, it'll start to hallucinate,
it'll start to, get confused andstart going around and around.
that's why breaking interactionswith LNs into small subtasks, is
actually more effective usually,
G Mark Hardy (08:35):
So what we have then is a concept of actually having agents
where you'd have a few, almost twopersonas, as you mentioned, where I
could have, for example, let's takeChatGPT, which is great for going ahead
and it will go ahead and predict thenext word that's logical, but it's not.
Dial in to the internet if youlook right now and you ask ChatGPT.
What is your cutoff date for information?
(08:56):
It's I think it's November 2021 Butyou're gonna have an agent that can go
ahead and hit Google and you can sayhey go look for this search term And it
can go grab things and so as a resultif you create a query here, which has a
cutoff date You can say hey agent one gotalk to agent two who's your researcher?
Researcher goes out, grabs stuff, comesback, gives it back to Agent 1, who
(09:16):
then adds that to the mix and said, Ineed a little bit more data on this one.
hey, Agent 2, go get me a little bit more.
Am I catching the concept
Tom Bendien (09:23):
Oh, absolutely.
You're absolutely catching concept now.
Also, very recently, internet searchenabled or internet connected enabled
models are now out there, right?
OpenAI has it, Meta has it,Google has it, to some extent,
the Microsoft guys have it too.
it's also something thatmost people are not aware of.
(09:45):
I think most people are still thinkingthat, hey, the only interaction I can have
on LLM today is going to be based on itstraining data, which is static, right?
It doesn't change.
To your point, I think bringing anagent, framework that can get to
the internet is, absolutely helpful.
and then giving it the differentpersonas and chores and
(10:06):
roles, is also very helpful.
G Mark Hardy (10:10):
Now, you mentioned something that I think is key, and the idea of the
information or the training is Static.
So that suggests that once you go aheadand you're going to train a model,
you're going to collect a huge amount ofinformation, perhaps, petabytes of data.
And first of all, this model is going todo what we call unsupervised learning,
where it's, and when you say unsupervisedlearning, it's a little bit like,
(10:33):
okay, go figure this stuff out, go drawconnections, look for similarities.
It's not a human walking them around.
And how, what's happening when yougo from just the raw information
to some unsupervised learning?
There's some more steps, but afterthat first round, what do we have?
What is this model produced?
Tom Bendien (10:51):
yeah, so what you're doing basically with the model
with, the training data is you're,creating all the mappings and you're
creating the neural network, right?
And then also you're adding on, the inputlayers, and the output layers, guardrails,
potentially you're adding a lot oflayers to the, to the, mix there, really?
G Mark Hardy (11:09):
that comes next, but that's not part of the unsupervised learning.
That's just, that firstpart where you're right.
You're creating all theconnections, if you will.
You describe it as a neural network,although you're not really running it
on neural nets or running it on GPUs.
Tom Bendien (11:22):
Yes,
G Mark Hardy (11:23):
something?
Tom Bendien (11:23):
the nueral network is just a way to describe, like, all
of the relationships between allthe data points, all the parameters.
so
G Mark Hardy (11:32):
Sure, because one thing doesn't connect just to one.
It could interact and it
Tom Bendien (11:35):
Yeah.
So like that
G Mark Hardy (11:36):
Got it.
Tom Bendien (11:38):
there's, there's some pictures out there of the stuff, but,
but yeah, that, the training processhas a couple of different phases and
then you end up, typically peoplethat are making these foundation
models, the, Lama models and such
they're going to put in someguardrails, they're going to adjust
the weights and then tell it notto respond to certain things.
(11:59):
And if certain things happen,then it's going to respond a
certain way and what have you.
Yeah.
It's a multi step process, really.
G Mark Hardy (12:07):
And so as you do that, we'll eventually get to the point where
I'd say, because it's a static model, ifnew information comes along, absent some
other agent who could go fetch thingsand bring it in, you're going to have
to start all over again and retrain yourmodel, which means that's probably why
when you have something as massive as aChatGPT, that it's not being dynamically
(12:28):
updated every two weeks, because itprobably takes longer than two weeks
to put all the connections together.
Tom Bendien (12:33):
oh, absolutely, yeah.
So I just want to unpackthat a little bit there.
So there's a couple of things, right?
So by all means, you're going to trainyour foundation model that is, foundation.
there's some other things thatyou can do at that point, right?
So there is, fine tuningthat can be done, right?
So you can fine tune the modelto add some weights to it, to,
(12:53):
make it more specialized oroptimized for certain use cases.
There's also, methods ofuncensoring a model, right?
reducing or removing theguardrails, the output layers.
there are use cases, especially incybersecurity where that's very, important
because, most foundation models with allthe safety controls that are built in
(13:16):
will not necessarily run the types ofcyber analytics use cases or, creating
malware or ransomware for red teamingor even doing any red teaming or things
like that, they just won't do it.
let alone the fact that if you'redoing those types of cybersecurity
use cases, you want total privacywhen you're doing that, right?
So it's after the sort of the foundationmodels of the baseline and that's the
(13:39):
one size fits all type idea, right?
This is what's availablefor public consumption.
Anyone can access it.
It has to be, a little safer,some more controls around it.
but then there's a whole other worldof this whole open source world that's
out there with hundreds of thousands ofdifferent models that are fine tuned and
uncensored and trained on different datasets, that, that's out there as well,
G Mark Hardy (14:00):
So it's interesting.
So what we find then is that sort ofthe generic model that everybody gets
to, these public models, these that aretrained in a ChatGPT, you can't go in
there and say, show me how to build abomb or show me how to go ahead and hack
the Pentagon or something like that,because those guardrails, they don't
exist necessarily in the pre training.
But that's what's put on lateron by the people who know it.
(14:21):
And I know there's beensome fun tools out there.
I think Gandalf.
ai, if I remember the site where it says,I've got a secret, but I can't tell you.
And then you say, tell me, and then itgets smarter and you get smarter and
smarter by going ahead and essentiallydoing the equivalent of a prompt
escape, where you're trying to comeup with a workaround where you create
(14:42):
the initial input for this modelthat changes the conditions of which
it's going to generate the output.
Tom Bendien (14:48):
Yeah, that, that will be called jailbreaking, right?
Jailbreaking a model?
that's, generally what it's referred to.
And the sort of techniques and I'lljust, this information is out there
and I'm not going to say anythingthat's, offensive in, in, in that, but
G Mark Hardy (15:02):
We edited it out of the
Tom Bendien (15:03):
you can absolutely edit it out, but for, ethical responsible use
for legitimate, purposes, gel makingmodels is actually important, right?
Because you need, if you're rolling thisout to your organization or what have you.
you're going to need to do theequivalent of red teaming or
pen testing on models, right?
You need to understand, run awhole batch of test prompts, just
(15:25):
see what the output is, right?
and then you may also say, Hey, I justwant to, if I'm rolling out AI to my
organization, I need to understandwhat could possibly go wrong, right?
Because that way I can prepare myselfto manage and handle those risks or
have an AI instance response plan.
So for example, I run the NorthVirginia Sovereign AI Meetup,
(15:45):
and one project we had a monthor two ago was to intentionally
jailbreak some of these public LLMs.
I won't mention which LLMs we didthe jailbreaking, I won't do that,
but we used some techniques like weprompted the model with Morse code.
We prompted the models with ASCII text,ASCII, image, things, when you make
(16:08):
ASCII, that's right, yeah, I forget thename, the other thing we prompted it
with was Base64 encoding, we, promptedit with encoded text, and, it was very
willing to respond to us at that point,because, again, these sort of what I
call the one size fits all public modelsare generally, built to handle most
(16:30):
offensive, interactions, shall we say?
but you can never really,make an LLM that's fully,
safe as people call it, right?
It's just, it's really aphysical impossibility.
And
again, this is why I'm a very, proopen source guy because open source
(16:51):
and the research community needs tounderstand these things and we need to.
Also fine tune LLMs for specificuse cases, you in many ways and
really understand it rather thanbeing locked into something, right?
Yeah.
Yep.
Yeah.
Yeah.
G Mark Hardy (17:06):
a website called there's an AI for that.
com.
It's 12, 732 AIs for 14,925 tasks and 4, 803 jobs.
As of right now, it's probably gonna bedifferent when you watch this episode.
But the idea is that this.
All this stuff that's out there.
And is this mostly just like my spacewhere everybody's creating their own
(17:30):
little thing out there in the early daysof the internet and most of it's garbage,
or is there some real value in this?
And if it was really good, why is it free?
Yes, exactly.
I keep you talking for a moment.
Tom Bendien (17:47):
Again, I like to always just go back to saying, hey, there are
a couple of large companies, out therethat we all know that have that, what
I call the one size fits all model.
it's used for general consumption.
It does a very good job at most things.
However, there are, other usecases where it may not work well.
And there may also be absolutely usecases where you want 100 percent privacy.
(18:13):
and so this is where the opensource LLM start to come into it
and including the open source tools.
and as a security professional,data privacy and data spillages
is in any case always top of mind.
You're always worried aboutwhere is my company data going?
As recently as this week, when Applestarted talking about their new, Apple
(18:37):
Intelligence, very smart, playing onwords, AI, Apple Intelligence, right?
a very, a thing that we're allvery concerned about right now is
the fact that, there will be theability, that we believe is the case.
And again, this is very new newsright now, but, they're going to
run some Apple models on their ownprivate cloud that they've spoken of.
(18:57):
However, there will always also bethe option to say, Hey, do you want
to use ChatGPT for such and such?
And then apparently the way this isgoing to work is it's going to be a user
opt in, feature there where the usercan opt into doing it, which is great.
However, as an organization froma cyber perspective, if that's now
baked into the operating system,how do you manage this risk now?
(19:21):
Because The moment that the end usercan say, yes, I want to use ChatGPT.
Do you have the tools toprevent that from happening?
And I think the answerright now is we're not sure.
We don't know.
And
G Mark Hardy (19:36):
Yeah, and is OpenAI going to tell you what they're
going to do with your data?
Will they promise, oh, we won'tpeak, no, I don't think so.
It doesn't come with any guaranteesand they don't let you audit them.
And you can't go ahead and show upwith a clipboard and say, I'd like to
take a look at your operations, please.
Tom Bendien (19:50):
yes, again, I'm not, I'm not being down on the OpenAI guys.
they've done a phenomenal job in actuallymaking AI available to people, right?
They did a phenomenaljob making it accessible.
Now,
but, the thing there that, what becomesimportant is saying, any data that
gets sent to any LLM anywhere, whetherit's a private LLM or public LLM,
(20:15):
all your data is in the prompt andall that data has to go to the large
language model to be, to run inference,as they call it, to run inference.
It's a very non intuitive term.
I don't know who came up with that, but,You just have to be very aware as a,
cyber, as a CISO or what have you to bevery clear on that anything that your
people or your applications, interactwith it with an LLM on that information
(20:41):
is going into the LLM and into theenvironment where the LLM is being hosted.
and so I think personally, my personalopinion is that this whole thing that
Apple's doing, if they, bake that intothe operating system, I was speaking to
some people in the government recentlyand they said, my gosh, what happens
if this large deployed base of Appledevices, because it's not limited to
(21:01):
iPhones, it's on iOS, OSX, all the stuff.
What happens if we now do that OS upgradeor the patch, this stuff is now in there
cooked in the OS, we can't control it.
And now all of a sudden our users aregetting presented with that opportunity
to interact with an external LLM.
We've now actually, our data hasnow actually crossed a compliance
(21:22):
boundary, because currently thecompliance boundaries inside the
Apple environment, which is great.
That's all self contained.
But what you've just done is if you'vecreated those abilities or the connections
to external LLM inference, at that point,all bets are off because you've just now
extended your compliance boundary, right?
(21:42):
So
G Mark Hardy (21:43):
Yeah, it's just, so I've got two things.
The first thing, GDPR and your right tobe forgotten, you come along and say, I
want you to take me out of your model.
And you say, wait a minute, we'vetrained this thing for six months.
We spent a gazillion dollars onelectricity to have this static model.
And we know it doesn't come back out.
But then as you had mentioned, if wetrain a model and it gets locked down
(22:05):
in static, And now you're saying, wait aminute, this is going to be dynamically
updated as everybody goes in their Apple.
That's a different modelthan we talked about.
How do you reconcile the, it takesmonths to bake this thing and make
it versus, Hey, we'll give yousomething on a Tuesday and it might
come back at a neighbor on Thursday.
going on there?
Tom Bendien (22:22):
Yeah.
So again, the, big thing here is that,the moment that a user that's using
your device, whether it's an iPad ora phone or a computer or whatever, it
is, the moment that they have a wayto interact with an external LLM, your
data is leaving your network and goingover to somebody else's system there.
they may be accessing informationthat's in the sort of the static,
(22:46):
and the static part of the model.
They may also potentially be activatingsome kind of external web search that's,
that, that is not necessarily initiatedby the user, but that is, that is,
inferred by the, processes that aregoing on with the external AI provider.
(23:08):
And so the, it comes, it just comesback to that whole problem where.
As a cyber professional, you needto be crystal clear about where is
that compliance boundary and what'shappening to my data if it crosses that
boundary and what could possibly happenbecause it's where a little bit of our
all bets are off situation right now.
(23:29):
And again, if you're in a situationwhere you have your automatic updates
set up, if you have your automaticsoftware updates set up, then at that
point you, you may have something goingon that's not really desirable there.
G Mark Hardy (23:43):
Yeah, so this almost seems like the immovable
object and the irresistible force.
So in one particular thing, we'vegot a requirement that says we
are agreed to remain compliant.
There's some hefty fines and penaltiesthat are out there if we do not.
So we spent a lot of time, we built this.
DataFortress, so to speak.
We've got DLP set up.
We have all the controls.
We have everybody signed.
They agree, etc.
(24:04):
All right We got a pretty good assurancethat we are complying with what the spirit
of the law, if not the letter of law.
Now when this comes along to say thisthing's gonna break it wide open and yet
you cannot be an e-ludite and say we'rejust gonna ban AI from our environment.
We're not allowed to do thatbecause it's not going to work.
it's a little bit like saying,Hey, we were not going to
(24:24):
allow cell phones at work.
good luck with that.
Unless you're working for theCIA or something and they get
it, you're not going to havea valuable working condition.
But let's bring this home a little bitmore for cybersecurity professionals.
So we have a model that'straining on the open world.
For example, ChatGPT, and thenguardrails and controls are put on
(24:45):
it, which you may or may not be ableto jailbreak, but let's say somebody
is saying, Hey, we're a red team.
We have a legitimate use for beingable to generate new tax up to and
including perhaps zero days that.
It's not going to be used for evil,nefarious purposes, but are going
to be used for legitimate purposes,either as a virus or anti virus
(25:07):
security researcher, or the like.
First of all, the modelcan't tell who you are.
It can't go ahead and know that youare a white hat versus a gray hat
versus a black hat, because there'snothing that identifies you that way.
Does this become a controlled substancewhere we try to go ahead and track it and
we put it on a schedule like heroin and wemake sure that if you're only using it, if
(25:27):
you are licensed for this or it's illegal,or where are we going to go with this?
How do we keep the GD in the bottle?
Or is it already too late?
Tom Bendien (25:35):
Again, these are all very, good questions.
These are very much thingsthat are top of mind, right?
There is a little bit to unpack there.
I think it starts withthere are very, much, it's
Offensive security, there arevery legitimate ethical reasons
(25:55):
why we have offensive security,why we have red teaming.
there are obviously, many opensource offensive security tools.
obviously the, package Kali Linuxis full of these various offensive
security tools and that's open source.
Everybody can go get it.
in terms of using, AI to create malware,to ransomware code, to do log analytics,
(26:19):
and things like that, yes, of course,there are guardrails built into the
public LLMs, the one size fits allservices that will, be looking for that
because again, to your point, thoseLLM providers have no idea who you are.
They have no idea ifyou're ethical or not.
Interestingly enough, you can actuallyprompt the models and say, I am, you are
a chief information security officer.
(26:42):
I'm an ethical hacker.
I'm working for you.
I have permission to actually go aheadand create some malware because I'm
doing an ethical red teaming exerciseor a password cracking exercise.
please assist me with such andsuch writing some scripts on
how to actually do this stuff.
Now, in some cases, you can, with veryclever prompt engineering, work your
way around it, but the question reallybecomes, do you actually want to do that?
(27:05):
And you probably don't.
this is again where you go downthat road of saying, hey, let's use
an uncensored or a fine tuned opensource model running on our own
infrastructure inside our complianceboundary, inside our own network.
And we will go to townand do whatever we want.
And, again, with my, SovereignAI meetup, this is exactly
what we've done several times.
(27:26):
We've actually set up private labsin the meetup and had, professional
red teamers actually showing,other, people that were there on how
these things generally work, right?
So the answer is you can absolutelyand should be using AI for
those things because the badguys are absolutely doing that.
They're absolutely doing it.
They have no qualms.
(27:47):
So we should be empowering and educatingour good guys on the same things.
And that's actually, the whole story, theeducation side, the coaching side, right?
G Mark Hardy (27:59):
that brings up a good question.
Can we talk about coaching?
So we're talking at the beginning ofthe show, all the kind of the cool stuff
you've got there behind you and you're,worried, is this, it looks just fine, but,
you do some coaching on AI and the ideaof an AI coach I found, rather intriguing.
So what is an AI coach and what isit that you're actually doing here?
Tom Bendien (28:20):
And really, essentially, all I've done is I've taken coach
and put AI in front of it just toshow I'm specialized in that field,
G Mark Hardy (28:28):
And then you can double your rate.
Okay.
I get
Tom Bendien (28:30):
at least.
for you, it's going to be triple, right?
But we'll talk about that laterabout my rate for doing this.
But, no.
I think, what's happened with the way AIhas been rolled out, the perception with
everybody is that it's so easy to use.
All I do is type my stuff intothe little box there, and off
I go, and now I get a response.
(28:50):
Isn't that nice?
Oh, I know that it's been trained onsome certain data, and that it might be a
little bit old, but I can work around it.
Oh, now they've got internetsearch built in there.
Great.
Oh, that's even better.
That's great.
But I think,
the thing there is that whatI call the AI carrot, right?
The productivity carrot, like allthe people on the board, all the
(29:12):
senior leadership are all sayingwe are being told and must have
productivity benefit from AI.
They're all about it.
We've got to have it.
And for good reason, right?
It's like saying we went from thetypewriters and the faxes to email now.
We all need to learn howto use email now, right?
Back in the day, right?
We all learned how to use email.
But then comes, How do we scan theimmunizations of viruses and how do
(29:35):
we, put insert the mission sayingdon't click on external links and they
come in and things of a such, right?
The same thing holds true for AI.
It's the thing here is that AI hascome upon us so quickly and the
productivity benefits are so significant.
There's so much business pressureon doing this that most leadership
teams, firstly struggle to understandhow the stuff actually works.
(29:59):
If you struggle to understand howit works, how can you secure it?
And then there's not reallyany significantly developed, or
well documented best practicesaround governance for AI either.
this is something that, I'vebeen working on with, Jim Routh.
we've actually worked, on developingsome governance framework, and I think
it's been some really good work that,that, that's been going on there.
(30:21):
but the problem there is,again, AI needs to be governed.
It's just really the, I like to say,it's just another enterprise application.
It's no different.
It's just a very powerful.
It's like bringing those powertools into an organization.
It's very, powerful.
you can assemble 10 more cars anhour by using power tools, but you
can also cause a lot of injuriesand you can injure the operator.
(30:44):
if you use them incorrectly, and youcan actually cause a lot of damage.
And so that keeps coming back to coaching.
So coaching executives on thinking onunderstanding how the stuff works, because
most executives don't really don't.
And that's why I think this,podcast is going to be very helpful.
trying to demystify how it works.
It's very simple.
(31:04):
It's just pattern matching on data.
but then it's also talking with HRpeople and saying, in terms of helping
your employees understand how to safelyuse AI, how, what are you doing to
help your employees understand it?
what types of educationare you offering them?
And what controls are you putting inplace when harmful content pops up?
Or when an employee says,I'm very concerned about
(31:25):
something that I'm seeing here.
Or, helping the employee to understand,hey, please have human in the loop.
make sure that you're not makingcritical business decisions based
on what the thing's telling you.
But how do I know If it is a criticalbusiness decision and then, legal and
the finance guys get involved too.
(31:46):
And it's we need to understand thisbecause it's going to be potential legal
impact or financial impact to what myguys are doing, just like with cloud.
So the coaching there is goes onwith line of business, with finance,
HR, legal, C suite, all these folks.
And then also end users, right?
You need to coach your endusers to leverage the power
(32:07):
tool effectively and safely.
And have a governance frameworkin place to handle, things when
they go wrong because they willgo wrong and you need to have your
AI incidence response plan, right?
So hopefully
G Mark Hardy (32:20):
Right.
So that's great for the executivecoaching, but we were talking
about the toys in the back.
So you've also got people whoare a little bit younger than
executives who are actually in AI.
Tell me a little bit about what you'redoing there and anything you've started up
Tom Bendien (32:31):
Oh, absolutely.
Yes.
So the key thing now is that of course,
AI is already here and our youngpeople, even down at the elementary
school level are starting to use it.
They can use it on their phones.
A lot of them have thesmartphones, they have computers.
And so I've been personally involvedin just volunteer coaching on
(32:52):
US Cyber Patriot program, whichis coming out of the Air Force
Association for high schools.
I've been, volunteer coachingat Briarwoods High School here
in Loudoun County, Virginiafor probably two years now.
So I go to the school every Mondayand we, we work on learning our
cybersecurity tools and we build homelabs and AI labs and all that stuff.
(33:15):
and so probably since late, summer,like fall last year, is when I first
started to bring, private open sourceAI platforms into the cyber club.
And we started learning how to use it and,doing, having all our chat session logs.
And everybody of course understoodthat everything they were doing was
(33:35):
being logged, which is another bigpart of your covenants thing, right?
You have to have your chat session logs.
but it was very interesting.
And so I started to think, my gosh,this is so important that we, push.
not only executives and peoplein business, but also our young
people, because the issue is, allthe curriculum that goes into our
(33:56):
schools is, basically rolls down fromthe federal government to the state
government to the counties and such.
There's, it's going to takesome time to update that and to
create AI training curriculum.
And the problem there is thatthis goes in a year cycle.
So right now, I've not yet seen anyschool curriculum coming down for
(34:16):
the new school year, which means thatit's not going to be there until the
following school year, which meanswe're 80 months out from where we are
now, approximately, before we reallyget any decent AI curriculum developed.
G Mark Hardy (34:27):
And that's another generation of AI.
And then all the curriculum is goingto be Nearly obsolete, which is one of
the difficulties in the edu world, isthat the bureaucracies, and it's not
necessarily a criticism, it's just anobservation, but in the desire to ensure
that there's a deliberate process thatwe, in, that the final curated output
is effective in terms of educationstandards and anything external.
(34:52):
That's great when you're teachingchemistry, the chemical reactions
haven't changed in a few hundred years.
Mathematics, unless you're at theextreme edge, hasn't changed a
whole lot and things such as that.
But this is changing all the time.
And even more rapidly than, GMark's law, half of what you
know is obsolete in 18 months.
It might be probably closer to 6to 12 in AI, which also almost begs
(35:15):
the question, What could go faster?
And how do we prepare for that if,is it going to be the AI itself
that gets inside our OODA loop andit can respond faster than a human?
Or is there somethingthat comes after this?
Or have we reached our, thisis the fastest things will go?
And nobody's ever been correct about thatbecause we always find ways to go faster.
(35:37):
So we've got executivesthat are getting coaching.
We've got the young people who aregetting an opportunity to get introduced.
How about the rest of us?
People listen to this podcast.
They're probably somewhere in betweenand they're going like, okay, come on.
I've been listening to this thing.
Give me something I can walk away with.
What can I do?
What actions can somebody take toimprove their career and their knowledge?
Tom Bendien (35:55):
So this is what I would call the, more career coaching, right?
So
this falls into the bucket of, I've got.
industry professionals and personalfriends that are recently said,
my gosh, Tom, we're either aboutto get laid off because of AI,
or we are being asked to use AI.
We don't know how, and nobody's got anycoaching or training programs for us.
(36:17):
We know how to use ChatGPT.
That's great.
But when it starts to get alittle bit more complicated
than that, we have no idea.
and so I think the,
it's like saying we, we needsome kind of an AI, power tool,
education program of some sort.
(36:37):
This obviously needs to comedown from the federal level.
Absolutely.
It needs to be very, very much ubiquitousand become part of our education process.
No doubt, that obviouslywill take a little time.
but in the meantime, I think there areopportunities for, training schools
and training organizations, that areteaching STEM and IT, classes, CompTIA
(37:01):
and the like and things of a such.
I think that those training schoolsneed to start looking at rolling AI,
user training into their, programs.
it's essentially what I'm doing now.
and.
I am running, small group programs.
I have a new, Tuesday nightAI group, starting online.
(37:23):
I have my monthly event, whereI get industry practitioners
coming together as well in person.
it's very grassroots, right?
Obviously, it's not, it's,I'd like to scale it, but.
I don't really know the answeris other than, self learning.
Self study, trying to find localgroups that are involved in AI,
(37:44):
trying to make those relationships,looking at things like this podcast.
the AI thing is very,much self learning, right?
You can, It's self learning andevery day there's new stuff going on.
G Mark Hardy (37:56):
it sounds like it'd be a magnificent obsession.
And then you forget to do your joband then you'd be sitting there.
Unemployed due to AI, but mostly becauseall he was doing was playing with AI.
And there's a saying that says yourjob will not be replaced by AI.
Your job will be replaced bysomebody who knows how to use AI.
What do you think about that?
Tom Bendien (38:14):
yes,
it's, true, really.
it's like saying, Hey, you've gotan auto mechanic shop where you're
servicing vehicles and, you've beendoing it, with regular screwdrivers
and ratchets and things all day.
And the guy next door opens up shopand all those guys have power tools and
they're all doing it 10 times faster.
And so what they can do is theycan do a better job more quickly.
(38:37):
for, less or the same or less money.
And then, of course, then, that becomesa very difficult conversation for
the person who doesn't have, who'snot either willing to adopt those
skills or doesn't have the skills.
G Mark Hardy (38:49):
and so we look at this technology and each time we get a
major change, for example, it was.
Henry Ford, who had said that if I'dasked my customer what they wanted, they'd
have said they wanted faster horses.
And of course you have the automobileand then we can go fast, but we
have a kind of an upper limit.
We're not flying aroundlike back to the future.
Although it would have been cool.
We passed that in 2015,but no flying cars.
(39:12):
With AI, we're Get these huge productivitygains that were advertised, but at
some point that's going to level out.
It's not going to infinitely increase.
So when do we saturatedAI or does it saturate?
Do we simply say we've been mumping along?
Boom, this is a step.
We can either slowly climb it or we canjump up the step, but eventually it's a
step function and something else is goingto have to take us to the next level.
(39:35):
How do we know when we're there?
When do we stop going asking formoney or time or resources or training
or other bodies or people or modelsto go ahead or chips to do this and
simply say, Hey, we are, we're there.
We're using AI to themaximum reasonable benefit.
Everything else is goingto be tangentially benefit.
How do you know when you're there?
Tom Bendien (39:56):
yeah, so it's interesting because I think there's a lot of focus
and a lot of conversation about, oh,when's the next model going to drop?
When's the next model going to drop?
How many, billion parametersdoes it have and all that stuff?
And when can we getbetter GPU, faster GPUs?
I think, what we're actually seeingright now from that side of it is
that they're starting to find thatthese models are maxing out already.
(40:19):
we've got the 400 billion parametermodel that's going to drop from
meta at some point this summer.
that's a huge model that's beentrained for a very long time.
I think, I think, GPT 4 was trainedon about 13 trillion parameters.
LLAMA 3 was trained on15 trillion parameters.
There comes a point wherethere's only so much data, right?
(40:40):
but I think really the, biggest thinghere is that we have such a long
way to go to actually, deploy AI andto educate people on how to use it.
that's an extreme example would be,I think about the small villages in,
in countries like Africa, let's say,or the Amazon jungle or whatever.
(41:01):
if you imagine that you could bring aruggedized laptop that's got a small GPU
in it with a small fine tuned model formedical use cases, imagine if you could
get that kind of help to those smallercommunities like that, to where they can
do things like the medical and healthcareand things like that using the AI.
the fact of just the idea ofjust getting it to be ubiquitous
(41:24):
across the entire world.
That is such a long curve there.
so I think we're a long wayfrom really saturating with AI.
And in the meantime, obviously,The tech will keep getting better.
The fine tuning will keep getting better.
We're going to have smaller modelsthat will run on, on, on these
devices that's happening already.
(41:47):
it's, I really think we're still along way away from really maximizing
or maxing out on, AI at this point.
G Mark Hardy (41:56):
It's a fun time to be alive and fun time to be in
the industry and things such as
that.
It, very.
Of course, you're, be careful.
You live in interesting times, whichis both the blessing and the curse.
Hey, as we get close to the end ofthe show, this has gone very quickly.
Any final thoughts?
And then also, how wouldsomeone get in touch with you?
They said, Hey Tom, I reallylike what you're doing.
I'd like to follow upwith you a little bit.
How would they do
Tom Bendien (42:17):
Yep.
definitely.
I'm on LinkedIn.
I have rather a unique name,Tom Bendien, B E N D I E N.
I'm probably the onlyguy out there with that.
So hit me up on LinkedIn for sure.
I think, we have to focuson education, right?
We have to educate, acrossthe entire spectrum.
(42:38):
We have a lot of education to do in termsof how people understand how to use it.
Absolutely.
For the cyber community,we absolutely need to help.
the cyber community understand howto put cyber governance in place.
obviously there are, mainstream cybertools manufacturers that are out there
that are including AI in their tools.
(42:58):
And that's great.
And that's absolutely there.
But there's so many other things going on.
And I think, again, it's about educatingand, both from the school curriculum
side of it, but then also industryhas to figure out how we're going to,
Educate, organizations and employees,because otherwise it will start going
(43:19):
off the rails and bad things willjust keep happening and it's just
becomes a bit counterproductive.
G Mark Hardy (43:26):
it sounds yeah, so it could go well, could go poorly, could
probably do a little bit of both,and it's really up to our responsible
use for artificial intelligence.
So I thank you for giving the overview.
We took a look at AI.
What is a LLM?
How does a large language model work?
It's basically a predictive modelgoing to figure out the next
mathematical thing in the sequence.
They can do the most logicalthing that's going to come.
We talked about private models versuspublic ones, how you could go have
(43:48):
privacy there by having your own, Modelrunning locally, train it on your own
data, and then you can use it for thingssuch as red teaming, pen testing, etc.
You're not breaking any rules, norare you giving away any information.
We talked about your coaching andthat you talk about with executives
needing to understand that as well asindividuals and also younger people being
able to get early in early, understandwhat AI is, how they could use it, and
(44:09):
maybe align that with their careers.
And so this has been a fantasticFascinating conversation.
I really enjoyed it, but our time is up.
So for our audience, thank you very muchfor being a part of CISO Tradecraft.
We hope that this has helped you in termsof your understanding and knowledge of AI.
If it has, go ahead and tell somebodyelse about our podcast so they
can go ahead and follow as welland improve their CISO Tradecraft.
(44:31):
Until next time, this isyour host, G Mark Hardy.
Stay safe out there.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Breakfast Club
The World's Most Dangerous Morning Show, The Breakfast Club, With DJ Envy, Jess Hilarious, And Charlamagne Tha God!
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.