
Cybersecurity is one of the most important early applications of GenAI: 72% of pioneering organizations have already implemented or are experimenting with GenAI for this purpose (Omdia's Early Adopters survey). This figure is reconfirmed by industry sources for 2024-2025.
.png)
These are the early and fast-tracked use cases being deployed by businesses, as aggregated by Canalys.
Reliability & output bias: depend on training data and usage context; a standardized AI risk governance framework is needed to "design for trust" from the start.
New threats to the model itself: prompt injection, insecure output handling, training data poisoning, DoS against the model, supply chain, etc.
Warning of real-world attack trends: the UK's National Cyber Security Centre (NCSC) forecasts that AI will make phishing/scams more sophisticated, increasing the volume and impact of attacks in the next 1-2 years.
General threat landscape: ransomware, attacks on availability, and supply chain attacks remain the top threats according to the ENISA Threat Landscape 2023-2024, forming the foundation for integrating GenAI into a multilayered defense strategy.
Identify use cases with impact & sufficiently clean data: Start with SOC assistant, incident summarization, IOC enrichment.
Protect data & privacy: Data partitioning, encryption, access control based on the Principle of Least Privilege (PoLP); do not send sensitive data externally without a Data Processing Agreement (DPA).
Continuous monitoring & auditing: Observe drift/output quality, log prompt/tool usage, periodically assess bias/accuracy.
Train the SOC workforce: Skills in prompt read-back, output triage, AI-enhanced attack simulation; update Incident Response (IR) playbooks.
Prepare for AI-upgraded attack scenarios: Multi-channel phishing, deepfake voice/video, social engineering at scale.
Measure ROI & scale in phases: Use metrics like MTTR (Mean Time To Respond), investigation time, volume of alerts processed, classification accuracy, etc., as criteria for deciding budget expansion.
GenAI is not just a supporting technology, but a strategic leverage point for the SOC and enterprise defense capabilities over the next 5-10 years. However, to overcome the "POC to production gap", organizations need a systematic risk governance framework, technical controls, continuous operation, parallel, targeted investment and human training.
.png)
CyberTech đồng hành cùng doanh nghiệp trên hành trình chuyển đổi số thông qua các giải pháp AI, phát triển phần mềm và công nghệ thông minh, góp phần nâng cao năng lực cạnh tranh trong kỷ nguyên số.