• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
chatgpt's data protection blind spots and how security teams can

ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them

You are here: Home / General Cyber Security News / ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them
April 20, 2023

In the small time given that their inception, ChatGPT and other generative AI platforms have rightfully received the status of supreme productivity boosters. Even so, the pretty same technology that permits rapid production of higher-top quality text on demand, can at the same time expose delicate corporate information. A current incident, in which Samsung program engineers pasted proprietary code into ChatGPT, plainly demonstrates that this tool can simply become a likely facts leakage channel. This vulnerability introduces a demanding challenge for security stakeholders, given that none of the current info protection instruments can ensure no sensitive facts is uncovered to ChatGPT. In this article we will investigate this security problem in element and exhibit how browser security options can deliver a resolution. All whilst enabling corporations to fully comprehend ChatGPT’s efficiency prospective and without having acquiring to compromise on knowledge security.

The ChatGPT knowledge security blind location: How can you govern text insertion in the browser?

Whenever an staff pastes or varieties text into ChatGPT, the textual content is no more time controlled by the corporate’s details defense instruments and policies. It does not make any difference if the textual content was copied from a regular data file, an on the internet doc, or a further supply. That, in actuality, is the difficulty. Information Leak Avoidance (DLP) methods – from on-prem brokers to CASB – are all file-oriented. They implement procedures on documents based on their material, when avoiding actions such as modifying, downloading, sharing, and extra. On the other hand, this ability is of little use for ChatGPT information security. There are no documents associated in ChatGPT. Alternatively, usage requires pasting copied textual content snippets or typing directly into a web web page, which is further than the governance and management of any present DLP product.

How browser security options protect against insecure data use in ChatGPT

LayerX launched its browser security platform for constant checking, risk examination, and true-time defense of browser sessions. Delivered as a browser extension, LayerX has granular visibility into every occasion that normally takes spot inside the session. This permits LayerX to detect risky habits and configure procedures to avoid pre-defined actions from using place.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


In the context of safeguarding delicate knowledge from becoming uploaded to ChatGPT, LayerX leverages this visibility to one out tried textual content insertion gatherings, such as ‘paste’ and ‘type’, inside the ChatGPT tab. If the text’s content material in the ‘paste’ celebration violates the corporate facts defense guidelines, LayerX will avoid the motion altogether.

To permit this ability, security teams using LayerX ought to define the phrases or common expressions they want to safeguard from exposure. Then, they require to create a LayerX coverage that is activated anytime you can find a match with these strings.

See what it seems like in motion:

LayerX DashboardEnvironment the coverage in the LayerX Dashboard ChatGPTA consumer that tries to duplicate sensitive information and facts into ChatGPT receives blocked by LayerX

In addition, businesses that want to protect against their staff from employing ChatGPT altogether, can use LayerX to block obtain to the ChatGPT web page or to any other online AI-dependent text turbines, like ChatGPT-like browser extensions.

Discover far more about LayerX ChatGPT data protection listed here.

Utilizing LayerX’s browser security system to achieve complete SaaS security

The change that will make LayerX the only answer that can successfully deal with the ChatGPT data protection hole is its placement in the browser itself, with real-time visibility and plan enforcement on the genuine browser session. This method also makes it an excellent answer for guarding from any cyber menace that targets data or consumer action in the browser, as is the circumstance with SaaS apps.

Customers interact with SaaS applications via their browsers. This would make it effortless for LayerX to guard each the facts within these applications as nicely as the applications on their own. This is obtained by implementing the pursuing types of policies on users’ things to do throughout the web periods:

Data defense procedures: On top rated of conventional file-oriented defense (prevention of copy/share/obtain/and so on.), LayerX provides the similar granular security it does for ChatGPT. In reality, as soon as the group has described which inputs it bans pasting, the exact procedures can be expanded to stop exposing this facts to any web or SaaS location.

Account compromise mitigation: LayerX displays every single user’s activities on the organization’s SaaS apps. The platform will detect any anomalous behavior or information interaction that suggests that the user’s account is compromised. LayerX insurance policies will then cause either the termination of the session or disable any details conversation capabilities for the person in the app.

Discover more about LayerX ChatGPT knowledge defense below.

Located this report attention-grabbing? Observe us on Twitter  and LinkedIn to study far more distinctive articles we publish.


Some areas of this article are sourced from:
thehackernews.com

Previous Post: «daggerfly cyberattack campaign hits african telecom services providers Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Next Post: Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks fortra sheds light on goanywhere mft zero day exploit used in»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New HTTPBot Botnet Launches 200+ Precision DDoS Attacks on Gaming and Tech Sectors
  • Top 10 Best Practices for Effective Data Protection
  • Researchers Expose New Intel CPU Flaws Enabling Memory Leaks and Spectre v2 Attacks
  • Fileless Remcos RAT Delivered via LNK Files and MSHTA in PowerShell-Based Attacks
  • [Webinar] From Code to Cloud to SOC: Learn a Smarter Way to Defend Modern Applications
  • Meta to Train AI on E.U. User Data From May 27 Without Consent; Noyb Threatens Lawsuit
  • Coinbase Agents Bribed, Data of ~1% Users Leaked; $20M Extortion Attempt Fails
  • Pen Testing for Compliance Only? It’s Time to Change Your Approach
  • 5 BCDR Essentials for Effective Ransomware Defense
  • Russia-Linked APT28 Exploited MDaemon Zero-Day to Hack Government Webmail Servers

Copyright © TheCyberSecurity.News, All Rights Reserved.