Cybersecurity Awareness Month: AI Safety for Friends and Family

Table of Contents

Happy October! The leaves are changing and everyone is starting to get ready for the upcoming holidays, but let’s not forget one of the most important holidays of the year—Cybersecurity Awareness Month! Though our audience is almost entirely cybersecurity experts, we wanted to put something together to help the less technical people in our lives learn more about AI and cybersecurity, because Cybersecurity Month is for everyone. 

Fear of AI: A missed opportunity?

A long cultural history of sci-fi movies and books featuring all-powerful artificial intelligences that do not always have the best interests of humans at heart has scared many people away from using real-life AI technology in any form. Many at Mend.io believe this is a bad idea; workers and companies that shy away from utilizing AI miss out on the impressive capabilities AI tools provide and may be left behind. You may have already heard of large language models like ChatGPT, Claude, and Microsoft Copilot, as well as AI text-to-image programs like DALL-E and Stable Diffusion, and we think you should use them, but with a few security points in mind.

Just another tool (but a powerful one)

While AI might be more difficult to understand than other, traditional technologies, Maria Korlotian, Director of Development, points out that AI is merely a new tool and “not some mystical force beyond our control.” 

According to Maria, “Using AI isn’t fundamentally different from using any other everyday technology – it’s just more advanced. Think of it like a supercharged calculator. We don’t fear calculators because we understand their purpose and limitations. AI is similar, just with a broader scope of applications.”

“Right now, we’re in the early stages of widespread AI adoption, and that naturally causes fear and misunderstanding. But this is normal for any revolutionary technology. The key is to approach AI with curiosity, not fear. It’s hard to use a tool efficiently if you don’t know what to expect from it. We need to understand AI’s capabilities and limitations. As we become more familiar with AI, much of the current uncertainty will fade. It’s just another tool in our technological toolkit – incredibly powerful, yes, but still a tool designed to augment human capabilities, not replace them.”

Unpredictable (but worth the effort)

Others at Mend.io backed Maria on the values of AI. Bar-El Tayouri, Head of Mend AI, described AI as “much less predictable than traditional technology. Unlike regular code, which can be read and understood, an AI model consists of complex weights that make it difficult to predict its reactions and behavior. As a result, AI has much greater power and flexibility but requires careful regulation and guardrails to control its outputs.” Again, while AI might seem frightening to new users, the power and capabilities it brings to the table make it worth learning how to use.

Your brilliant (and potentially misunderstood) colleague

Rhys Arkins, VP Product Management, described AI as being similar to “a new, brilliant colleague with unlimited time to help you be successful, while at other times being the colleague most at risk of completely misunderstanding you.”

Yael Barnoy, General Counsel at Mend.io, agreed and called AI “revolutionary” because the uses for it “are unlimited and no prior knowledge is required to produce excellent content. Even children can speak to an AI model and write their own books complete with pictures by using currently available AI programs. Also, many AI programs are free and available to the general public.”

Tips for using AI safely

We asked our expert teammates what advice they would give to friends and family about using AI safely and compiled this list.

  1. Don’t overly rely on AI without understanding its outputs. While AI can provide impressive results, trusting its suggestions without comprehension can lead to errors or misuse. Always strive to understand the reasoning behind AI-generated content or recommendations.
  2. Check, double check, and triple check your results. When you use AI in your areas of expertise you see that the output isn’t always accurate. When you use AI for cases where you don’t have as much prior knowledge, it requires checking the facts with a reliable source. This is just like using a regular search engine – you will find some more reliable sources and less reliable sources. In addition, there are still some areas where many AI tools do not provide the required result but make up (“hallucinate”) results instead. Verify information before using it.
  3. Avoid using AI for critical decisions without human oversight. AI should complement human intelligence, not replace it entirely, especially in high-stakes situations.
  4. If you use AI to look clever internally, don’t hide it from others. You’ll still look clever for knowing how to use this tool effectively.
  5. Don’t assume AI is objective or infallible. AI systems can inherit biases from their training data or design. Be aware of potential biases and critically evaluate AI outputs.
  6. If you use it with any type of work material, use it only with an account your employer set up for you, unless you have explicit permission otherwise.
  7. Never input private customer information into AI unless you have explicit permission internally.

AI is an exciting new tool that will help us all reach new heights. As long as you keep these basic cybersecurity principles in mind, you will be able to achieve great things and maintain your safety while using AI. 

Share this blog with friends and family who you think could use some tips on using AI safely.

Increase visibility and control over AI models used in your applications

Recent resources

Don’t Treat DAST Like Dessert

DAST is an essential part of a nutritious application security diet—not just a once-a-quarter treat.

Read more

The Power of Platform-Native Consolidation in Application Security

Streamline workflows, consolidate data, boost security posture, and empower developers to focus on innovation.

Read more

What is the KEV Catalog?

A quick guide to the Known Exploited Vulnerabilities (KEV) catalog.

Read more