GPTs are useless, AI and ISO 27001 preparation, Cyber Monday thoughts
Hello there
I hope you had a great week.
Mine was good, but news I confess it feels like everything keeps becoming faster and it’s hard to follow. Don’t you think so as well? That’s why I’m not gonna be long. Just trying to cover what makes a better information security management in the AI age.
Shall we go?
Every week, I’ll send 3 thoughts on managing an information security system in the AI era.
Here’s what I have for you today:
Personal Insight: GPTs are useless
Projects Update: AI and ISO 27001 preparation
Some thoughts: What Cyber Monday is about
1. Personal Insight
Earlier in November, OpenAI released the ability to create “Custom” GPTs, i.e. versions of ChatGPT fed with instructions that make the chatbots more specialized in one thing.
In the following days, many GPTs popped out, and sometimes, the results were not glorious.
Some were helping you to… understand character from the Simpsons you would be.
This raised the question: are GPTs condemned to be useless?
Since I played with them as well, I can tell you: the answer is no.
It depends on the instructions you give to these models.
It turns out results are pretty good when it comes to guiding you on information security matters.
See the results yourself:
I find it pretty sick.
We often blame ChatGPT for providing generic answers that are not tailored for you.
Well, now we’ve literally an ISO 27001 Copilot who’s job is to provide answers that answer your needs based on your context.
So, are GPTs still useless?
2. Projects Update
I’ve been writing information security related policies for 5 years.
All kind of document that is useful to maintaining an information security management system.
When I discovered AI, it was obvious to me that due to the repetitive nature of writing this documentation and the fact that it’s mostly based on templates, something was to be done.
So, I rolled up my sleeves and got to work.
Some months later, I’m happy to introduce… the ISMS Policy Generator!
I’ve put hours and hours of my nights and weekends to create a generator of 20+ policies needed for ISO 27001.
As far as I know, it’s a unique attempt to leverage AI to produce ISMS documents that can be tailored to any company.
You basically reply some questions and receive your policy in a Word document by email a couple of minutes later.
Isn’t it magic?
No, that’s just a good mix of tech and expertise.
Try the demo yourself.
3. Some thoughts on Cyber Monday
Cyber Monday.
It's basically about saving money by buying cheaper.
I propose another definition:
Saving money to businesses by avoiding data leakages.
How? Well, I found a relevant answer shared by Cynomi security services:
For me, the key and most accessible action is….
Teaching employees how to use AI without sharing sensitive information. ❌
And I repeat it: that can literally be done for free.
I created a free ChatGPT security awareness course to distribute to your employees.
I’m spending my weekend making the course even better.
If you're in charge of protecting data against ChatGPT leaks in your company, enjoy not having to do the training yourself!
That’s it!
Thank you for reading today’s edition.
What do you think about this new format?
Reply to this email if you enjoyed it.