SPE-KSA’s Information Technology Committee has successfully conducted a session on November 12, 2024 titled Retrofitting GenAl for Secure Energy Applications. Hafiz Farooq from Aramco’s Upstream Information Security Division delivered an insightful talk highlighting the critical aspects of Generative AI, covering key areas including the evolution of GenAI spectrum, which highlights the rapidly changing landscape; the threat landscape with emerging GenAI, where he examined the increasing risks and vulnerabilities associated with GenAI; detection & protection against GenAI threats, outlining effective strategies for mitigating these threats; and finally, recommendations for navigating the complex world of GenAI.
Throughout this journey, Hafiz Farooq, shed light on the evolution of GenAI, starting from being a Data Analytics until it reaches a mature stage to develop GenAI & LLMs. What made this talk particularly captivating was the insightful sharing of 2024 GenAI trends and their profound impact on various industries. This added layer of depth provided valuable context for understanding the significance within the broader landscape of technological advancements. By exploring these emerging trends, participants gained a deeper appreciation for the transformative potential of generative AI in shaping the future of multiple sectors.
Based on F5’s 10th Annual Survey for AI research, “Nearly one-third of decision makers fear AI-powered attacks.” Another interesting statistic based on the cyber-attack statistics from the blog is” Global spending on cybersecurity products and services is predicted to exceed $3 trillion cumulatively over the five-year period from 2019 to 2023.”
Moreover, Farooq examined the increasing risks and vulnerabilities associated with GenAI. Such as Samsung Data Leak, Microsoft Tay matter, and the lawsuit against GM. Additionally, he emphasized on understanding what our consistent privacy policies in Gemini and OpenAI do and how they are using our data to provide, improve, and develop products and services and machine-learning technologies. In the detection & protection against GenAI threats, he outlined the effective strategies for mitigating these threats. One aspect is, Zero-Retention of LLM Chat Histories, where minimize places where sensitive data can be found by turning off any retention of logs for prompts and responses unless in a dedicated and secure system.
Interesting final key takeaways that was concluded by Hafiz talk, were 1. Pay heed to Enterprise Policies and Regulatory Laws, Perform Red Teaming on GenAI based Applications, Adopt RAGto avoid hallucinations, but ensure data security, prefer local LLMs if financially viable and finally, Deploy GenAI gateways before it is too late. The workshop was moderated by Shahad Alkaltham and led by Razan Boodai. It was attended by 35 participants with professionals from different companies and disciplines.