Getting started with the NIST Cybersecurity Framework :

Mahn, Amy; Topper, Daniel; Quinn, Stephen; Marron, Jeffrey

doi:10.6028/nist.sp.1271

Cited by 6 publications

(8 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…-Classifying the investigated defensive operations based on the widely recognized National Institute of Standards and Technology (NIST) Cybersecurity Framework [9]. These activities are divided into five essential functions: identify, protect, detect, respond and recover.…”

Section: Paper Contributions and Structurementioning

confidence: 99%

“…The examined defensive operations are classified using the National Institute of Standards and Technology (NIST) Cybersecurity Framework, which is a widely acknowledged collection of guidelines and best practices for increasing cybersecurity within businesses [9]. The framework is split into five essential steps or functions, which are: identify, protect, detect, respond, and recover.…”

Section: The Defensive Use Of Chatgptmentioning

confidence: 99%

“…Inquiring about the domain name system (DNS) server [41] falls under the "Identify" function because it aids in comprehending the organization's domain name system (DNS) infrastructure [9]. It is about identifying a critical asset, the authoritative DNS server, which is responsible for resolving domain names to IP addresses.…”

Section: ) Inquiring About the Authoritative Dns Servermentioning

confidence: 99%

“…The distinction between "Identify" and "Protect" functions is based on determining when the switch from identification to protection happens [9]. The "Identify" step outlines risks to set the stage for the "Protect" step, but it does not describe the particular controls or safeguards to be implemented.…”

Section: B Protect Stepmentioning

confidence: 99%

“…Because policies serve as the framework for how an organization will safeguard its assets, developing security policies is a vital aspect of the "Protect" function [9]. Security policies [42] define the rules, standards, and recommendations that must be followed to ensure the organization's security.…”

Section: ) Developing Security Policiesmentioning

confidence: 99%

See 4 more Smart Citations

ChatGPT’s Security Risks and Benefits: Offensive and Defensive Use-Cases, Mitigation Measures, and Future Implications

Charfeddine,

Kammoun,

Hamdaoui

et al. 2024

IEEE Access

View full text Add to dashboard Cite

ChatGPT has been acknowledged as a powerful tool that can radically boost productivity across a wide range of industries. It reveals potential in cybersecurity-related tasks such as social engineering. Nevertheless, this possibility raises important concerns regarding the thin line separating moral use of this technology from its harmful usage. It is imperative to address the challenges of distinguishing between legitimate and malevolent use of ChatGPT. This research paper investigates the many concerns of ChatGPT in cybersecurity, privacy and enterprise settings. It covers harmful attacker uses such as injecting malicious prompts, testing brute force attacks, preparing and developing ransomware attacks, etc. Defenders' proactive activities are also addressed, highlighting ChatGPT's significance in security operations and threat intelligence. These defensive operations are classified based on the National Institute of Standards and Technology cybersecurity framework. They involve analyzing configuration files, inquiring about authoritative server, improving security in various systems, etc. Moreover, secure enterprise practices and mitigations spread through five classes are proposed, with an emphasis on clear usage standards and guidelines establishment, personally identifiable information protection, adversarial attack prevention, watermarking generated content, etc. An integrated discussion digs into the interaction of offensive and defensive applications, covering ethical and practical concerns. Future attacks are also discussed, along with potential solutions such as content filtering and collaboration. Finally, a comparative analysis with recent research on ChatGPT security concerns is directed. The paper provides a thorough framework to comprehend the range of implications associated with ChatGPT, enabling the navigation of cybersecurity and privacy challenges.

show abstract

Section: Paper Contributions and Structurementioning

confidence: 99%

Section: The Defensive Use Of Chatgptmentioning

confidence: 99%