Content creation is just one piece of the puzzle. If you’re using GenAI for security awareness content, you need the adaptive advantage…
GenAI is a major force that’s transforming security awareness and human risk management.
93% of organizations are using, planning to use, or considering using GenAI, according to recent data from Gartner.
Of those organizations, one third of organizations are already using it, and 56% are exploring solutions. AI-focused working groups and AI champions are springing up in organizations of all kinds.
Most of the buzz is around its content creation capabilities. However, the real picture is much broader.
That’s what this blog is about. The full picture of how GenAI can impact cybersecurity content, and what it means for cybersecurity and human risk management.
We’ll look at:
-
- Why so many people have a blinkered view of GenAI’s potential.
- What really matters when considering GenAI’s impact.
- How to avoid getting derailed by risk.
- Real-world examples of GenAI in cybersecurity.
We’re on the cusp of an era-defining shift in cybersecurity and human risk management. Two options: engage with the situation now, or regret it later.
It’s time to take a look at three important yet often-overlooked aspects of generative AI for security.
1. GenAI is about SO much more than content creation
ChatGPT, Gemini, DALL·E…
With so many tools producing content, the hype focuses almost exclusively on GenAI’s content creation capabilities.
It’s totally understandable.
It’s also woefully short-sighted.
Content creation is only a tiny part of the whole GenAI/cybersecurity picture. It’s only part of the content picture too.
It’s not that content generation isn’t helpful. It’s just that at CybSafe we think truly creative, valuable content will always come from people, rather than AI.
We think one of GenAI’s most valuable talents isn’t production, but architecture and adaptation.
What do we mean by that? We’ll explain.
2. Adapted content beats high-quality content. Every. Time.
No, we’re not advocating for terrible content.
Creating a message worth people’s time will always be important.
But we’re getting ahead. Let’s take it back.
Unless you’re instructing or training an AI model, all content is for people.
And people are diverse. (Anyone tasked with assembling an office lunch order will know this.)
What makes a piece of content perfect is probably—in part—the way it can impact on a wide audience.
But imagine if it never had to.
GenAI makes it possible to personalize and adapt a message so it resonates deeply with every single person receiving it.
And that gets better results than any high-quality generic content ever could.
Plus, your people’s appreciation of their security team could reach new heights.
We’ll clarify what we mean.
3. Adapting content boosts global connections
Reading this in your first language? Lucky you. It’s a distinct advantage.
It’s one we want everyone to have.
CybSafe research suggests 70 percent of people prefer reading content in their first language, even if the content isn’t perfect.
GenAI moves security content beyond simple translation. It can localize messages to resonate across languages, cultures, and contexts.
The scope is beyond exciting. Having a global reach and impact is essential for so many organizations today.
GenAI makes it much easier to adapt messages and content to different languages, dialects, cultures and situations.
That means typically excluded groups can access more content. And they can more easily be a part of the conversation.
And that results in better security awareness engagement, and a stronger security posture.
We think that’s a huge reason to be cheerful. (Or animado, if you’re in Brazil.)
Wait, what about the R word?
Okay, let’s talk about risks. We’ll keep it brief. It’ll be clear why in a moment.
When a significant advancement comes along, it’s all too easy to focus heavily on the pitfalls.
But constant worry is not helpful. Especially if it stifles innovation. When it comes to potential GenAI risks, it pays for security practitioners to focus on three things:
- The reality of the situation
- The specific risk impact and probability
- The solutions
Anything else just isn’t productive.
Pro tip: Want to explore risks further? Our GenAI whitepaper gets into the weeds with negative use cases, stumbling blocks, and challenges.
GenAI adaptive content in the wild
GenAI’s already personalizing content pretty much everywhere. For example:
-
- In marketing it’s tailoring ads and messaging to individuals
- In education it shapes learning materials to individual learning styles and needs
- In customer service, AI chatbots offer context-specific support around the clock
- In human risk management, GenAI can target interventions based on specific individuals
Let’s zoom in on human risk management for a moment. This term isn’t confined to cybersecurity. Far from it. Construction workers might receive different safety content compared to office staff. This means both groups only receive information that resonates, resulting in better risk mitigation behaviors.
But you’re not reading this because you’re interested in customer service (well, maybe you are, but that’s not what we do). So let’s illustrate this with two examples of how GenAI’s being used to adapt content in the CybSafe platform.
We’re harnessing GenAI in our customers’ creation of custom phishing simulation emails.
Emails can be personalized to both individual and organization, and they feature baked-in influencing factors like attack type, persuasion tactics, and emotional triggers.
As a key feature in our CybSafe PHISH, it helps to uncover why people click, and email creation takes 70% less time than when done manually.
We’re using GenAI to maximize the possibilities in translated and localized content.
We use an enterprise-grade, human-security-trained large language model (LLM) so that we can deliver localized, translated content to our customers within an hour. This feature (part of CybSafe GUIDE) isn’t just a nice party trick. Because we know around 70% of people prefer content in their own language, it’s no surprise that this results in a 78% increase on average in security awareness engagement.
These are just two examples of the many ways we’re putting GenAI to work. Want more examples? Explore additional examples in our GenAI + behavior prediction blog (coming soon) and GenAI + knowledge articulation blog (coming soon). Or you can always chat with us directly in a demo.
What’s the next step?
GenAI makes it feasible to adapt cybersecurity content to individuals, not the other way around (we’re looking at you, traditional security awareness training).
GenAI has the potential to revolutionize cybersecurity content. It means security teams can give people precisely personalized content that fits people’s individual preferences and learning styles.
That equals better engagement, more positive behavior change, and a stronger security posture.
So, we really do mean it. It’s time to bin the content-creation blinkers.
This blog has looked at key aspects around GenAI and content. But to unlock the full potential of GenAI it’s time to really get under its skin.
Here’s how:
1. Watch this webinar: What (Gen)AI means for security awareness in 2024, with Oz Alashe (CybSafe CEO and Founder), and Jinan Budge (VP, Forrester). (Look out for: an eye-opening conversation about what happens when GenAI meets behavioral science in cybersecurity education.)
2. Download our GenAI whitepaper. (Look out for: Insights into GenAI’s potential for real-time adaptability in cybersecurity.)
3. Check out our blogs on GenAI and behavior prediction (coming soon) and GenAI and knowledge articulation.
There’s much to think about, we know. Stay positive. Stay curious. And remember we’ll be here all the way.