DOCUMENT A/

AI will make scam emails look genuine, UK

cybersecurity agency warns
NCSC says generative AI tools will soon allow amateur cybercriminals to launch
sophisticated phishing attacks
Artificial intelligence will make it difficult to spot whether emails are genuine or sent by
scammers and malicious actors, including messages that ask computer users to reset their
passwords, the UK’s cybersecurity agency has warned.

The National Cyber Security Centre (NCSC) said people would struggle to identify phishing
messages – where users are tricked into handing over passwords or personal details – due to
the sophistication of AI tools.

Generative AI, the term for technology that can produce convincing text, voice and images
from simple hand-typed prompts, has become widely available to the public through chatbots
such as ChatGPT and free-to-use versions known as open source models.

The NCSC, part of the GCHQ spy agency, said in its latest assessment of AI’s impact on the
cyber threats facing the UK that AI would “almost certainly” increase the volume of cyber-
attacks and heighten their impact over the next two years.

It said generative AI and large language models – the technology that underpins chatbots – will
complicate efforts to identify different types of attack such as spoof messages and social
engineering, the term for manipulating people to hand over confidential material.

https://www.theguardian.com/technology/2024/01/24

DOCUMENT B/

Cybersecurity vulnerabilities of AI/cognitive figure among top-three concern for all major
countries. But, the foremost area of cybersecurity concern varies between countries.

https://www2.deloitte.com/
DOCUMENT C/
This FREE A.I. Tool Will Change Deepfakes Forever, cinecome.net
https://www.youtube.com/watch?v=qaqRLopz0wA

CONSIGNES

I. Faire la synthèse des document A, B et C

II. SITUATION:

You are an IT consultant working for a multinational corporation that handles sensitive client
data. Your company is concerned about the increasing sophistication of AI-powered cyber
threats, particularly in the realm of phishing attacks. They have tasked you with developing a
comprehensive strategy to address these risks by exploring regulatory and governance
options.
Your goal is to propose a set of measures that can be implemented internally to enhance
security protocols and to advocate for regulatory changes that can help mitigate the impact of
AI-driven cyber threats across the industry.

Questions to guide you

-What are the current security protocols and measures in place within the organization?
-How can the implementation of new technologies, employee training programs, or procedural
adjustments contribute to enhancing security protocols internally?
-In what specific ways do AI-driven cyber threats pose challenges or gaps in the current
regulatory framework?