📡 Cybersecurity Innovation Pulse #15: "LLM Drift"; Google's AI Red Team; API Security Market to Grow to $3B; and Endless Security Product Updates!
Covering July 1st - July 19th
Welcome to Issue 15 of the Cybersecurity Innovation Pulse! I'm Darwin Salazar, your guide to the dynamic world of cybersecurity innovation. Each week, I deliver the latest on product launches, groundbreaking innovations, strategic collaborations, and tons more. If you find value in these updates, consider becoming a paid subscriber for access to our archive and exclusive posts. Subscribing ensures you receive these insights directly, saving time and keeping you ahead of the curve.
TCP Updates
Howdy! I’m finally back from my hiatus and feeling refreshed and rejuvenated. I was lucky enough to take a few months off to focus on myself, my family, and my mental health which is something I’d encourage everyone to do periodically. That said, in maintaining a balanced life, I will no longer be publishing the Cybersecurity Market Pulse and will only maintain the Intel Hub and the Cybersecurity Innovation Pulse. Newsletters like Security, Funded and
already do a great job of covering what’s going on in the market side of our industry so don’t fret!Now let’s jump into this week’s issue!
Top Stories
LLM Drift: Have you noticed a change in the robustness of ChatGPT’s output over the past several months? You’re not alone. Researchers from Stanford and UC Berkeley have observed changes in the behavior of ChatGPT, something they’re calling "LLM drift". Their research found that ChatGPT has gotten worse at some tasks while it’s gotten better at others. This is not good.
OpenAI’s product team has come out and stated that GPT-4 has not been "dumbed down", but rather, they have been continuously making updates to ensure the AI model is safe, useful, and respectful of users' values.
To me, this highlights the fact that we’re still in the early stages of using LLMs and GenAI in production or for mission-critical use cases. We’re already dealing with hallucination and now we have to factor in LLM drift? Most importantly, how will this impact security solutions that rely on OpenAI’s GPT API? [Source 1], [Source 2]
Google's AI Red Team: Google has unveiled its AI Red Team. A team of ethical hackers that simulate a variety of adversaries to test Google's AI systems, ensuring they are secure and reliable. The AI Red Team adapts relevant research to work against real products and features that use AI, helping to identify potential vulnerabilities and weaknesses. [Source]
Apple's AI Chatbot: Apple is developing a ChatGPT-like AI chatbot, internally referred to as “Apple GPT.” The company is reportedly aiming to make a significant AI-related announcement next year. [Source]
Deep Tech in LATAM and Caribbean: The TechCrunch article discusses the rise of deep tech startups in Latin America and the Caribbean. For a while now, these regions have been left behind and often overlooked as it relates to investments and attention from VCs and major corporations. With the Okta acquisition of the Argentinian-founded Auth0, the ongoing build of the Tesla Mexico Gigafactory, and the rise of AI, the article argues that this is about to change. [Source]
China's Internet Security Barrier: Chinese President Xi Jinping has ordered officials to establish a government-controlled "security barrier" around the country’s internet. Considering that the Chinese Communist Party (CCP) has already censored many Western sites from serving Chinese IP addresses; it’ll be interesting to see what this directive will result in and how they will enforce its “security barrier”. [Source]
US National Cybersecurity Strategy: The White House has unveiled a National Cybersecurity Strategy Implementation Plan which includes 65 initiatives across a number of federal agencies. The plan emphasizes shifting responsibility for data security to corporations and developers, as opposed to customers and end users. [Source]
US Cyber Trust Mark: The US government has launched the Cyber Trust Mark, a long-awaited IoT security labeling program. IoT products that meet the program’s requirements will receive a sticker with a shield to signify to consumers that it has met the established cybersecurity criteria. [Source]
API Security Market Growth: MarketsandMarkets has released a report projecting the global Application Programming Interface (API) Security Market to grow from USD 744 Million in 2023 to USD 3.03 Billion by 2028 at a Compound Annual Growth Rate (CAGR) of 32.5%. [Source]
Security Product Innovation
Splunk has unveiled Splunk AI, a suite of AI-driven solutions designed to enhance its unified security and observability platform. The suite includes the new Splunk AI Assistant, which employs generative AI to give users an interactive chat experience using natural language. [Source]
JFrog has launched JFrog Curation, a solution that helps automate the security of open-source packages. The solution analyzes all software components in an organization’s development environment and blocks infected or vulnerable open-source or third-party software packages and their dependencies. [Source]
Dig Security has added Optical Character Recognition (OCR) to its platform. This new feature scans image files for sensitive information, enhancing the platform's ability to protect against data leaks and breaches. [Source]
Laminar has integrated data access governance (DAG) and data detection and response (DDR) solutions into its Data Security Platform. These solutions allow organizations to control user and machine access to sensitive data, alert on data breaches and other security anomalies, and reduce data exposure. [Source]
Rapid7 has launched 'Executive Risk View', a solution that normalizes risk scoring in cloud and on-premises environments. The solution provides comprehensive risk visibility across hybrid environments, eliminating blind spots and allowing scalability as required. [Source]
Cybersecurity insurance company, Corvus Insurance Holdings, has implemented generative AI enhancements into its underwriting platform. These enhancements streamline the underwriting process, improve quoting speed and efficiency, and allow underwriters to focus more on high-value accounts and broker relationships. [Source]
Automox has enlisted ChatGPT to create scripts for endpoint device management. The new Otto AI capabilities enable users to create automation scripts using natural language, making it easier for those who may not be comfortable writing their own scripts. [Source]
Mastercard has unveiled a new AI-powered tool that offers real-time anti-fraud measures. The tool uses machine learning algorithms to analyze transactions and detect fraudulent activities, providing an additional layer of security for customers. [Source]
Honeywell has introduced Digital Prime, a cloud-based digital twin for tracking, managing, and testing process control changes and system modifications. This solution allows users to test frequently for more accurate results while reducing reactive maintenance. [Source]
More Insights
Nokod's Seed Pitch Deck: Nokod, a cybersecurity startup, has shared its seed pitch deck which helped them raise an $8M seed round. The deck highlights the company's unique value proposition, market opportunity, business model, and financial projections. This is a great deck to analyze and learn from for founders looking to raise capital. [Source]
Cybersecurity Spending Priorities: Network, Identity, and Access Management (IAM), and cloud security are the top three cybersecurity spending priorities for 2023. Identity jumped from 8th to 2nd place compared to last year. This makes sense considering that throughout the first half of 2023, we've seen a slew of identity security start-ups come out of stealth. Cisco also just announced its intent to acquire Oort, an identity threat detection and response start-up.[Source]
Cybersecurity Investor Survey: Despite a decline in funding levels, cybersecurity investors remain optimistic. The potential of large language models and generative AI in the cybersecurity space, along with the need to secure the cloud and connected devices, are seen as promising investment areas. The attached TechCrunch article goes through a Q&A style interview with 8 VC investors to get their thoughts on the industry this past year’s turbulence. [Source]
Conclusion
That’s all for this week folks! Now that I’m back in the saddle, I’ll be more engaged with the newsletter and releasing issues on a weekly basis. If you have any feedback on what you liked or didn’t like about this week’s issue, please share! Lastly, if you found value in this week’s issue, consider becoming a paid subscriber for more exclusive insights. Cheers! :)