Cyber Threats & AI, Congress Passes Privacy for Jet Owners, PwC Becomes First Reseller of ChatGPT

[00:00:02] It's Thursday, May 30th, 2024, and I'm Dave Sobel. Three things to know today.

[00:00:07] Cyber criminals use of AI for sophisticated tax and frauds.

[00:00:12] Congress passes a privacy law, just not the one you think. And the first reseller of Chakchupiti Enterprise.

[00:00:19] This is the Business of Tech.

[00:00:24] Huntress has released its 2024 cyber threat report highlighting increased targeting of healthcare and other vital industries.

[00:00:31] The report reveals that hackers hide in plain sight with cloud storage misuse incidents involving Microsoft OneDrive, Google Drive, and Dropbox.

[00:00:41] Ransomware threats are surging, with Darkgate, Akira, and LockBit being prominent variants.

[00:00:47] The report also emphasizes that no healthcare target is sacred as healthcare organizations face various cyber threats, including Trojans, rats, and ransomware.

[00:00:57] And from some new Rapid7 research, the number of new ransomware strains has decreased by more than half in the past year, indicating that existing tools used by top gangs are successful.

[00:01:08] Ransomware attacks now focus more on business-critical systems and data exfiltration before deploying ransomware.

[00:01:16] Common initial access vectors are exploiting vulnerabilities in public-facing applications and obtaining valid accounts.

[00:01:23] Deploying multi-factor authentication and patching vulnerabilities quickly are effective defenses against ransomware and other attacks.

[00:01:30] Zero-day exploits are rising, particularly in network and security appliances, and attackers are increasingly targeting network-edge devices.

[00:01:39] MIT Technology Review looked at how criminals leverage artificial intelligence.

[00:01:44] Phishing is a major use case, with generative AI like Chakchupiti being integrated into spam-generating services.

[00:01:51] Deepfake audio scams are rising, allowing scammers to imitate someone's voice very convincingly.

[00:01:58] Criminals are also using deepfakes to bypass identity checks and offering jailbreak as a service to manipulate AI systems.

[00:02:06] Additionally, AI language models are used for doxing and surveillance, as they can infer personal information from online conversations.

[00:02:15] Why do we care?

[00:02:17] Just as ransomware was systemized, it's logical to think that targeted identity attacks are next to be fully systemized.

[00:02:24] Huntress says ransomware is up.

[00:02:26] Rapid7 says more targeted with less of them.

[00:02:29] Either way, the bigger opportunity is in people and education rather than tools.

[00:02:37] Are you and your clients tired of the time-consuming ticket tennis of coordinating meetings and help desk calls?

[00:02:45] Wouldn't it be better to automate this process with a tool that connects directly to ConnectWise Manage or Autotask?

[00:02:53] TimeZest offers scheduling automation that gives you complete control of your schedule and eliminates the hassle of calendar ping-pong.

[00:03:03] As the only service designed specifically for MSPs, it integrates into your workflow and makes scheduling appointments easy on you and your clients.

[00:03:13] Plus, you can try TimeZest for free.

[00:03:16] Visit timezest.com slash MSB radio and use the code MSBRadio to get 10% off your first year of TimeZest.

[00:03:29] A task force formed by the European Union's data protection enforcers has released preliminary conclusions on how the EU's data protection rules apply to OpenAI's chatbot, ChatGPT.

[00:03:40] The task force remains undecided on critical legal issues, such as the lawfulness and fairness of OpenAI's data processing.

[00:03:47] This lack of clarity leaves OpenAI facing regulatory risks and potential penalties under the GDPR.

[00:03:54] Despite complaints about violations of the GDPR, OpenAI may continue business as usual without clear guidance from EU data protection enforcers.

[00:04:04] Colorado has enacted new right-to-repair laws requiring device manufacturers to make it easier for consumers and independent businesses to repair electronic devices.

[00:04:13] The law covers a wide range of consumer electronic devices and prohibits manufacturers from using parts pairing.

[00:04:20] Compliance is required by January 1, 2026, for devices manufactured on or after July 1, 2021.

[00:04:29] And think Congress can't pass privacy laws?

[00:04:32] The US government has passed a new privacy law specifically designed to protect the privacy of affluent jet owners,

[00:04:39] but it has failed to pass an Internet-era privacy law or regulate data brokers.

[00:04:44] The new law passed in the FAA reauthorization bill allowing private jet owners to censor travel details and claim confidentiality for safety or security reasons.

[00:04:56] And in a follow-up, Steve Kramer, that political consultant who admitted to deep-baking Joe Biden's voice in a robocall during the New Hampshire Democratic primary,

[00:05:05] has been indicted in New Hampshire and fined $6 million by the Federal Communications Commission.

[00:05:11] The charges include voter suppression and impersonation of a candidate.

[00:05:16] The FCC also fined a telecom company allegedly involved in the call an additional $2 million.

[00:05:22] Why do we care?

[00:05:25] Let's be patient. The Europeans do eventually get there.

[00:05:28] That said, I want to focus a moment back on Congress.

[00:05:31] It's easy to fall into the trap of assuming there will be no action of any kind.

[00:05:35] That isn't the case. It's just about their priorities.

[00:05:41] PwC has become the first reseller of ChatGPT Enterprise through a partnership with OpenAI.

[00:05:47] This allowed businesses to purchase the generative AI service through PwC instead of directly from OpenAI.

[00:05:54] PwC aims to upsell its services to clients interested in using ChatGPT to optimize their workloads.

[00:06:00] The firm already uses custom GPTs for various tasks and sees AI as a way to drive increased impact and productivity.

[00:06:09] According to research from the University of Chicago, GPT-4 has demonstrated the ability to conduct financial statement analysis with accuracy surpassing that of professional analysts.

[00:06:21] Through using chain-of-thought prompts to guide its reasoning, ChatGPT achieved a 60% accuracy in predicting future earnings, outperforming human analysts.

[00:06:32] The researchers suggest that large language models may play a central role in decision making despite challenges in numerical analysis.

[00:06:40] However, a study from Purdue University reveals that 52% of programming answers generated by ChatGPT are incorrect.

[00:06:48] The research analyzed 517 programming questions in Stack Overflow and showed that 77% of the answers were also verbose.

[00:06:56] Despite the inaccuracies, users still preferred ChatGPT answers 35% of the time due to their comprehensive and well-articulated language style.

[00:07:07] Why do we care?

[00:07:09] We care about PwC's goals, upsell services. That's the opportunity they have identified.

[00:07:15] I see it too. And note that on one hand, you have improved earnings reports and on the other, incorrect answers to programming questions.

[00:07:23] And yesterday, I reported on Google recommending Blue and Pizza.

[00:07:27] If I had the simple answer, I'd build the business there.

[00:07:30] It's just not that simple.

[00:07:34] Struggling with data sprawl? Skycake is here to help.

[00:07:38] Managing and securing data across multiple platforms can be a challenge.

[00:07:42] But you don't have to face it alone.

[00:07:43] Skycake emphasizes that shared responsibility with your customers ensures Microsoft 365 data remains safe and secure.

[00:07:52] Here are three quick tips to help get you started.

[00:07:55] First, educate your customers on effective data management practices.

[00:08:00] Second, raise employee awareness to prevent breaches.

[00:08:04] Third, guide customers on future tech investments to minimize risks.

[00:08:07] By emphasizing these principles and leveraging a comprehensive solution like Skycake Cloud Backup,

[00:08:13] you can effectively confront data sprawl and protect your customers' data across modern workloads like Planner and Teams.

[00:08:21] Don't let data sprawl hold you back. Trust Skycake to keep your data secure and manageable.

[00:08:27] Visit skycake.com slash MSB radio to learn more.

[00:08:37] And from me, do love my e-bike.

[00:08:39] If you have a question you want answered, send it in at question at MSB radio dot com,

[00:08:44] which we'll answer next week on Wednesday live show.

[00:08:47] If you got a comment or a thought on a story today, put it in the comments if you're on YouTube

[00:08:51] or reach out to me on LinkedIn if you're listening to the podcast.

[00:08:54] And we'll talk to you again tomorrow.

[00:08:57] The Business of Tech is written and produced by me, Dave Sobel,

[00:09:01] under ethics guidelines posted at businessof.tech

[00:09:04] If you like the content, please make sure to hit that like button, follow or subscribe.

[00:09:10] It's free and easy and the best way to support the show and help us grow.

[00:09:15] You can also check out our Patreon where you can join the Business of Tech community

[00:09:20] at patreon.com slash MSB radio or buy our Why Do We Care merch at businessof.tech

[00:09:28] Finally, if you're interested in advertising on the show, visit MSB radio dot com slash engage.

[00:09:34] Once again, thanks for listening to me and I will talk to you again on our next episode of the Business of Tech.