RSAC 2024: Maintaining LLM Safety, Accelerating SOC Workflows

Mike Nichols, vice president, product for security, and Jake King, head of threat and security intelligence, both of Elastic Security, join Dark Reading's Terry Sweeney at News Desk during RSA Conference to discuss the datasets that fuel generative AI tools and ways that security professionals can work with them safely.


Mike Nichols, vice president, product for security, and Jake King, head of threat and security intelligence, both of Elastic Security, join Dark Reading's Terry Sweeney at News Desk during RSA Conference to discuss the datasets that fuel generative AI tools — large language models — and ways that security professionals can work with them safely. And with the increase in automated processes that comes with generative AI, they offer ways to mitigate the risks and ensure the reliability of automated decision-making in the SOC. Nichols and King also examine ways to keep LLM data from being exploited by attackers and how to minimize false positives.

A decorated product strategist and cybersecurity veteran, Mike Nichols is one of a select few who know what’s more exhilarating: thwarting a major cyber threat or jumping from a C-130 Hercules at 800 feet. His 20-plus-year career was born on the battlefield as a military intelligence sergeant and paratrooper in the U.S. Army, where his analysis kept troops safe during complex combat operations in Iraq and Afghanistan. Now, his mission is customer success. Mike’s product leadership has inspired cutting-edge security solutions that protect the world’s critical enterprises, industries, and infrastructure – from Artemis, an archetype of today’s generative AI chatbots, to Elastic Security, a leading SIEM globally. With a goal to democratize security, Mike now trains his sights on how generative AI and other advanced technologies can revolutionize security workflows and solve perpetual security challenges like alert fatigue and talent shortages. As a product pioneer and experienced military-civilian analyst, including with the Department of Homeland Security SOC, Mike frequently speaks at RSA and other premier events. A former cybersecurity strategy instructor at Georgetown University, he remains a passionate advocate of arming the next wave of security professionals with frontline skills, knowledge, and tools through ongoing mentorship and educational opportunities.

While many kids of the 80s and 90s grew up dreaming to ‘Be Like Mike,’ Jake King was more interested in being like Clifford Stoll. Inspired by legendary cyber mavericks and pop culture heroes like WarGames’ David Lightman, he’s embraced a hacker mindset throughout his 15-year career where he now sits at the shadowy intersection of threat actors and defenders as the head of threat and security intelligence at Elastic. With a background in cyber forensics, Jake is fascinated with digital anatomy, dissecting software to understand how it works and how malicious actors may try to exploit it – from similarities in malware payloads through binary hashes to threat patterns in LLMs’ digital exhaust. With this surgical approach to security intelligence, he and his team absorb the background radiation of the Internet to keep a pulse at the very edge of the threat ecosystem and publish open, cutting-edge research, rules and signatures that empower security teams and protect consumers. Jake is a former co-founder and CSO at Cmd, a Linux endpoint solution that was leveraged by some of the most influential brands before its acquisition by Elastic. A fixture in the Vancouver cybersecurity community, he’s a frequent speaker on cloud security and Linux-based threats and attacks at conferences such as BSides, Black Hat, MITRE, and DEF CON.

About the Author(s)

Terry Sweeney, Contributing Editor

Terry Sweeney is a Los Angeles-based writer and editor who has covered technology, networking, and security for more than 20 years. He was part of the team that started Dark Reading and has been a contributor to The Washington Post, Crain's New York Business, Red Herring, Network World, InformationWeek and Mobile Sports Report.

In addition to information security, Sweeney has written extensively about cloud computing, wireless technologies, storage networking, and analytics. After watching successive waves of technological advancement, he still prefers to chronicle the actual application of these breakthroughs by businesses and public sector organizations.

