Google’s flagship artificial intelligence product, Gemini, holds powerful applications, as evidenced by Gemini’s pivotal role in the newly announced Google Threat Intelligence cybersecurity platform.
The platform is designed to give users a more comprehensive understanding of the threat landscape and more intelligent insights into attacks. It leverages the extensive knowledge base of Mandiant, the cybersecurity company Google acquired in 2022. Google aims to differentiate Google Threat Intelligence through the combination of expertise and AI.
“Generally speaking, I think it’s fantastic that companies are branching out to see how they can best use AI to supplement existing products and improve their efficiency and efficacy,” said Kevin Libby, Fraud and Security Analyst at Javelin Strategy & Research. “I fully expect Google will be able to add value to its cybersecurity toolset using AI. Given the amount of data available to the company, they’re in a good position to root out malicious attacks that could undermine their efforts.”
Diligent Supervision
Google Threat Intelligence uses the Gemini 1.5 Pro large language model which speeds the detection and reversal engineering of malware attacks. The company tested the software’s ability to combat the virus behind the 2017 WannaCry ransomware attacks and Gemini identified and neutralized the virus in 34 seconds.
But a single success might not mean the software is ready for widescale deployment.
“I would caution that exploring new use cases for AI requires diligent supervision and testing before product enhancements can be responsibly released into the wild,” Libby said. “AI systems don’t always fully understand the context of the problem sets to which they’re applied, they sometimes hallucinate, and they’ve been known to make errors uncommon to subject matter experts working alongside the tools.”
A Crowded Field
Gemini can automatically crawl the web and distill decades of threat reports in seconds, according to Google. The tech giant has a massive ecosystem of data to draw from, but it’s still not immediately clear what differentiates Threat Intelligence in a very crowded field. Microsoft, for example, has its own AI-backed cybersecurity platform, Copilot for Security.
By and large, the cybersecurity industry is growing in leaps and bounds—the market is expected to reach roughly $425 billion by 2030. As fraud becomes more frequent and more complex, cybersecurity will continue to be top of mind for companies. The shift to more potent protection is increasingly necessary as bad actors often employ AI as well.
“With proper supervision, assurance management, and auditing of outputs, I’m confident AI will prove itself valuable to the ends Google is after,” Libby said. “Reverse engineering of malicious code and summarizing threat intelligence into easy-to-read natural language are both use cases for which AI has proven itself effective.”