E R T N
P
X
E INIO
OP
Chatbot and
conversation
marketing
security pitfalls
and best
practices
Organisations are increasingly recognising the
value of chatbots in providing a positive customer
experience. But it is important that security
remains top of mind when deploying such tools.
Here, Morey Haber, CTO and CISO, BeyondTrust,
explores some fundamental security considerations
for organisations looking to deploy chatbots and
conversation marketing.
ccording to
Gartner’s recent
AI and ML
Development
Strategies
study, 40% of
organisations
cite customer experience (CX) as the
number one motivator for use of Artificial
Intelligence (AI) technology.
A
Not surprisingly, across the Middle
East, we are seeing enterprises of all
sizes and even several government
entities, start rapidly deploying
chatbots on their websites, all in an
effort to provide customers with faster
responses to their queries.
www.intelligentciso.com
|
Issue 18
Morey Haber, CTO and
CISO, BeyondTrust
These chat applications are designed
to field plain text requests from humans
that are fed into an AI engine, which
can provide ‘smart’, scripted responses
to inquiries.
As the Machine Learning technology
that powers many of these chat
applications gets smarter, it is going
to get increasingly harder for users to
determine if they are interacting with a
real person or a machine.
As a case in point, some services
classified as ‘conversation marketing’
may actually route you to the appropriate
live person for a more in-depth
conversation. But while we might never
know the difference, with a little social
engineering, a threat actor can easily
determine what is behind the scenes and
exploit any IT security vulnerability.
Understanding the security
implications of chatbots
Irrespective of whether it’s a human
or machine, there are some inherent
security risks in chat-based services.
Ironically, while there is a plethora of
information available on how to deploy
chatbots and the associated benefits,
there isn’t the same level of attention
and guidance around how to keep it
secure for both your organisation and for
the end user.
41