Cisco highlights the limitations of AI-generated long-form technical content and offers techniques to minimize mistakes.
You’ll need a lot of detailed prompts to get solid output - and even then it may have errors and typos Cisco tested AI’s ability to write an accurate report on a tabletop security incident response exercise, and found that while the tech can save time, many risks remain.
The networking giant revealed its results in a Thursday blog post https://blogs.cisco.com/security/ai-generated-reporting-lessons-learned-from-talos-incident-response by Nate Pors, a senior incident commander in the Cisco Talos Incident Response team. Pors opened by observing that when to used generate long-form technical content, large language models can deliver “significant inaccuracies, unusual conclusions, and inconsistent writing styles. ”LLMs make those mistakes because they’re essentially a fancy autocomplete system that makes educated guesses.
Pors wrote that the nature of LLMs therefore sees them mess up in four ways:Using different data for each query, which means it’s “difficult to rely on an LLM for repeatable, standardized research outcomes. ” Reaching different conclusions from the same data.
“In a data breach scenario, a model might suggest a full organization-wide password reset in one instance and a targeted reset in another,” Pors wrote and AI then “often defaults to whichever recommendation it generates first” – and may therefore give bad advice. Because LLMs generate content token-by-token, they can create documents with different structure and formatting on each new run.
“This unpredictability is problematic for professional environments where standardized layouts, such as consistent executive summaries or recommendation sections, are essential for quality control,” the Talos man observed. Talos developed several techniques to stop this sort of thing happening. One involves giving an LLM “granular, single-task instructions” that focus on “a specific, small portion of the report. ” Doing so means “risk of hallucination or cross-contamination between sections is significantly reduced.
” Telling an LLM which sources to use also helps. So does setting rules about the style and format of output. Cisco to fire 4,000 staff and generously give them free training – on CiscoUsing those techniques, Cisco says the time required to draft an incident report based on a tabletop exercise fell by 50 percent.
"A blind test of the sample report in our quality assurance process showed no noticeable drop in overall writing quality," Pors wrote. "The peer reviewer, professional editor, and management reviewer all made complimentary comments about the report while unaware that it was AI-generated. The peer reviewer commented that the incidence of typos and grammatical errors was far lower than in the average report.
" But the Talos team also found “editing multiple sample reports within a single session resulted in cross-contamination of content from one report’s source material to another, even if the notes used to generate the first report were deleted from the project’s reference documents. ” The researchers therefore recommend starting a new session, and re-entering prompts, for each new incident report.
They also developed a spelling-and-grammar-checking prompt that “hallucinated numerous grammar issues … failed to identify actual issues,” had a success rate below 50 percent and “would behave inconsistently, sometimes catching issues and sometimes overlooking them. Pors said Cisco concluded that its approach “could be adapted to any cybersecurity reporting use case with standardized inputs and predictable outputs," but also warned authors must"take ownership of every word of the final report.
" "While testing, we found that the LLMs generated recommendations that were duplicative, irrelevant, or not actionable. If this were used in a production environment without manual checks, it could result in poor-quality recommendations in a final report.
" Those problems arose when considering a tabletop exercise, a far simpler affair than analysis of an incident that involves analyzing log files from multiple systems. ®You’ll need a lot of detailed prompts to get solid output - and even then it may have errors and typosZTE releases Sustainability Report 2025: driving a new chapter in sustainable development through AI Through its"All in AI, AI for All" vision, ZTE surpasses climate targets, bridges the global digital divide, and strengthens governance resilienceDems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'DevOpsSecurityInfrastructure teams are facing a perfect storm: extended hardware lead times, rising costs driven by AI demand, and accelerated platform timelines.
From Prompt to Exploit: How LLMs Are Changing API AttacksCatch the Advanced Attacks Microsoft 365 Misses with Behavioral AI SecurityAI Found the Problem. Now What? Step into the chaos of a live ransomware breach, test your response skills, and team up with other IT and security pros to outsmart cybercriminalsRansomware attacks aren’t slowing down, and neither are we. Druva’s hit event, Escape Ransomware, is now fully virtual.
Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'Npm registry sets stage for more secure package publishingDems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'Npm registry sets stage for more secure package publishingDems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund'Threat hunters find Google API keys still usable 23 minutes after deletionCritical flaw payouts slashed by more than 75%Europe built sovereign clouds to escape US control. Then forgot about the processorsThe Linux mid-life crisis that's an opportunity for Tux-led transformation
AI LLM Long-Form Technical Content Cisco Talos Incident Response Lessons Learned Granular Single-Task Instructions Inconsistency In Writing Styles Errors And Typos Tabletop Security Incident Response Exercise
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
Katie Price's brutal 5 words as she issues stark update on 'missing' Lee AndrewsKatie Price shared a fresh update on her “missing” husband Lee Andrews as speculation continues to mount over his whereabouts after he failed to arrive in the UK
Read more »
Cisco serves up yet another perfect 10 bug with Secure Workload admin flawSwitchzilla says attackers could access sensitive data and make configuration changes across tenant boundaries through vulnerable internal APIs
Read more »
Met Office issues safety warning ahead of scorching bank holiday weekendThe long weekend is looking like a cracker - but the good weather brings risks of its own.
Read more »
Food Standards Agency Issues Urgent Recall of Organic Baby Fromage Frais Products due to Mould ContaminationThe Food Standards Agency (FSA) has recalled a selection of Organic Baby Fromage Frais products from Glenisk due to the potential presence of mould, which renders them unfit for human consumption. Affected items include Organic Baby Fromage Frais mango with apple, banana and oats, Organic Baby Fromage Frais strawberry with banana, vanilla and oats, and Organic Baby Fromage Frais apple, pear, carrot with oats.
Read more »