OpenAI's First Cybersecurity Investment: A New Direction

The Expanding Threat Landscape with Generative AI

The proliferation of generative AI has significantly broadened the range of tools available to malicious actors and those engaged in illicit activities. It is now feasible to execute actions ranging from creating convincing deepfakes of company leaders to fabricating fraudulent documentation.

OpenAI's Proactive Investment in Cybersecurity

OpenAI, a leading generative AI company, recognizes these escalating risks acutely. Demonstrating this awareness, they have recently made a strategic investment in a startup focused on bolstering defenses against such attacks.

Adaptive Security Secures Series A Funding

Adaptive Security, a New York-based firm, has successfully raised $43 million in a Series A funding round. This round was co-led by OpenAI’s startup fund and Andreessen Horowitz, as announced on Wednesday. This investment represents OpenAI’s inaugural venture into the cybersecurity sector, as confirmed to TechCrunch.

Simulating Attacks for Enhanced Employee Training

Adaptive Security employs a unique approach by simulating AI-generated attacks to educate and train employees in identifying these emerging threats. For example, an employee might receive a phone call seemingly from their Chief Technology Officer requesting a verification code.

However, this would not be a genuine communication, but rather a sophisticated spoof created by Adaptive Security’s platform.

Comprehensive Threat Coverage

The platform’s capabilities extend beyond voice calls, encompassing simulations via text messages and emails. Furthermore, it assesses organizational vulnerabilities and provides targeted training to enhance staff awareness of potential risks.

Addressing Social Engineering Vulnerabilities

The startup concentrates on attacks that rely on manipulating human employees into performing unauthorized actions, such as clicking on malicious links. These social engineering tactics, while conceptually simple, have resulted in substantial financial losses.

A notable example is the Axie Infinity breach in 2022, where over $600 million was lost due to a fraudulent job offer targeting a developer.

The Rise of AI-Powered Social Engineering

According to co-founder and CEO Brian Long, AI tools have dramatically simplified the execution of social engineering attacks. Launched in 2023, Adaptive Security currently serves over 100 customers, and positive feedback from these clients contributed to attracting OpenAI’s investment.

Experienced Leadership at the Helm

Brian Long brings a wealth of entrepreneurial experience to Adaptive Security, having previously founded and successfully exited two companies: TapCommerce, acquired by Twitter in 2014 (reportedly for over $100 million), and Attentive, valued at over $10 billion in 2021.

Funding Allocation and Future Development

Long stated to TechCrunch that the newly acquired funding will be primarily allocated to expanding the engineering team. This expansion will facilitate product development and ensure Adaptive Security remains at the forefront of the ongoing “arms race” against malicious actors leveraging AI.

A Growing Cybersecurity Landscape

Adaptive Security is joining a rapidly expanding ecosystem of cybersecurity startups focused on mitigating AI-related threats. Cyberhaven recently secured $100 million in funding to prevent sensitive data from being entered into tools like ChatGPT, as reported by Forbes.

Snyk attributes its revenue growth, exceeding $300 million, partly to the increase in insecure code generated by AI. Additionally, deepfake detection startup GetReal raised $17.5 million last month.

Simple Advice for Protecting Your Voice

As AI-driven threats become increasingly sophisticated, Long offers a straightforward recommendation for employees concerned about voice cloning: “Delete your voicemail.”