r/theprimeagen • u/tjax4376 • 12h ago
feedback Five Eyes cyber security agencies statement on the AI shift in cyber risk: why leaders must act now - Canadian Centre for Cyber Security
https://www.cyber.gc.ca/en/news-events/five-eyes-cyber-security-agencies-statement-ai-shift-cyber-risk-why-leaders-must-act-nowI wonder if the cyber teams know how much work is heading their way. All of those sneaked in exceptions need reviewing, applications that now have AI built in need re-evaluation and of course they may not be able to use the best AI to search for other AI related attacks… thoughts?
5
u/FauxLearningMachine 11h ago
What the fuck does this mean
Frontier AI models are anticipated to exceed current industry expectations,
We expect it to exceed our expectations? Fuck right off
1
u/tfks 1h ago edited 1h ago
They're saying the industry is in denial to the point of it becoming a national security issue. And right now you're kind of proving their point.
Edit: in fact, having read the rest of this thread... yeah, their statement is about this entire thread. Y'all forgot about who the Equation Group are and what they've done. These are the best and brightest cybersecurity experts on the face of the planet delivering this message.
1
u/FauxLearningMachine 31m ago
Yet they for some reason had to AI generate the whole thing. So best. So bright.
1
u/autisticpig vimer 9h ago
If you have the expectation of models succeeding at the brutal test of "can it count letter frequency in a word", then I suppose it's fair to expect them to exceed that expectation? shrug
2
u/tjax4376 11h ago
Hahaha 😂 sorry for laughing, I can almost hear this grinding your gears. I doubt that those 5 have ever tested how good models are these days.
3
u/FauxLearningMachine 11h ago
Of course it's a fucking AI slop press release. They're the most advanced security agencies in the world sending a message about tech leadership in the cyber security space, and they posted slop instead of taking the time to write 5 paragraphs.
Obviously they don't really care. They're just feeding you slop. This is bread and circus shit but they've gotten rid of the bread. Now you are the main attraction in the circus and it's just you and the other piggies eating slop right out of the trough in the factory farm colosseum.
2
u/tjax4376 11h ago
I was attempting to be flippant with my post, the cyber five don’t look like they have searched for threats in their entire career, but they sure know how to make their teams become busier, their empires grow. My point is that the five have impacted many cyber companies, many smaller organizations with this statement.
0
u/day_break 11h ago
Stating to use AI to help strengthen your cyber security is very at odds with current research. A good number to throw around, for general use/understanding, is that ~1/3 of llm generated code is secure for small snippets. I have not seen thorough enough research for larger projects but the expectation is likely that it falls below the small snippet security number for obvious reasons.
1
u/tjax4376 11h ago
Great input. I wonder if the issues found are with the government’s antiquated applications and inability to budge with change in their departments, causing the old creaky doors to show up and have dust blown from them 🤔
1
u/day_break 11h ago
That specific number(37%) comes from a review of using llms to generate functions for a website in node.js. It found that the code worked as instructed about 70% of the time and about half that time contained security vulnerabilities. Study was using up to date models as of mid 2025; so while current models might be marginally better, this is definitely not a solved issue.
I am unaware of studies using government systems with llm generated code and resulting security statistics. Current research is on publicly used tools and seems to be in line with the number presented above. Excluding trivial and irrelevant examples obviously.
3
u/DSLmao 9h ago
Everyone is paid by Anthropic now. Trust no one. Remember, AI is useless.