A warning about using AI tools
This article started as a follow-up to a post written a few weeks ago about the CIA Triad, and it has evolved into a warning about using AI tools.
The goal of the post was to identify the shortcomings of the CIA Triad and then explore how the DIE Model was created to address the limitations of the CIA Triad.
I use AI tools for research and composition. Using ChatGPT, I asked:
explain the die security model as defined by sounil yu
This is the answer I received:
Sounil Yu, a well-known cybersecurity expert, developed the D.I.E. security model as a response to the limitations of the traditional CIA triad. The D.I.E. model stands for Detection, Investigation, and Eradication, and it provides a more comprehensive framework for thinking about information security. Here is an overview of each component as defined by Sounil Yu:
Detection: This component involves the ability to detect security incidents as they happen or even before they happen. This may include monitoring system logs and network traffic, as well as using threat intelligence and machine learning algorithms to identify potential threats. The goal of detection is to identify and respond to security incidents in real-time.
Investigation: This component involves the ability to investigate security incidents after they occur, in order to understand what happened, what data was affected, and how to prevent similar incidents in the future. This may involve forensic analysis of compromised systems, as well as interviews with affected users and review of security policies and procedures.
Eradication: This component involves the ability to remove any malicious software or other threats from the system, and to repair any damage caused by the incident. This may involve cleaning infected systems, restoring data from backups, and patching vulnerabilities to prevent future attacks.
Overall, the D.I.E. model emphasizes the importance of incident response and remediation, as well as proactive measures to prevent security incidents from occurring in the first place. By focusing on detection, investigation, and eradication, the D.I.E. model provides a more comprehensive framework for thinking about information security than the traditional CIA triad.
This is a great answer.
It is also a wrong answer.
The DIE in DIE Model stands for:
- Distributed
- Immutable
- Ephemeral
What I can't get over is how good the wrong answer feels. It sounds reasonable. It is more accessible; detect, investigate, and eradicate are easier concepts for most people than distributed, immutable and ephemeral.
When I first encountered the DIE model, I ran queries similar to the one above on various AI engines. At that time I got correct responses, yet now I do not.
I still find AI tools invaluable for research and learning about new things, and today I am more wary.
The old adage "Don't trust anything you read on the Internet" is still true today, and differentiating the real/factual from the fabricated/fake is much more difficult.
Just thought this was interesting and worth sharing.