Cybercriminals are increasingly utilising generative artificial intelligence (GenAI) for malicious activities, ranging from sophisticated scams to automated attacks. However, GenAI can also be an effective tool against cyberattacks. In October, traditionally celebrated as European Union Cybersecurity Month, we are seeking new ways to ensure the security of society and infrastructure in cyberspace. One of the latest initiatives by researchers at the Kaunas Faculty of Vilnius University in this field is the GAISO project, which aims to use generative artificial intelligence solutions to help protect critical infrastructure and society from cyber threats.
GAISO is a scientific project entitled "Research on Cyber Resilience Through Application of Generative Artificial Intelligence in Chief Information Security Officer Operations," funded by the Research Council of Lithuania (LMTLT) under contract No. S-ITP-24-13. The project is being implemented by a team of researchers from the Institute of Social Sciences and Applied Informatics at the Kaunas Faculty of Vilnius University, in collaboration with partners.
Research on the most advanced artificial intelligence and natural language processing tools for cybersecurity purposes
“The activities of the GAISO project cover several closely related areas. The first is the application of GenAI in the activities of information security managers. The project utilises the latest advances in generative artificial intelligence and natural language processing (NLP) to automate some of the cybersecurity processes,” says the project researcher, Associate Professor at the Kaunas Faculty of Vilnius University, Kęstutis Driaunys.
The daily tasks of information security managers — from routine reporting to risk monitoring — aim to integrate AI algorithms. This would allow security specialists to focus more on strategic decisions and entrust repetitive or time-consuming tasks to artificial intelligence. For instance, GenAI could process massive security data flows in real-time, helping to identify patterns of malicious activity on computer networks and/or suspicious behaviour by infrastructure users more quickly, and provide early warnings of potential cyber incidents. “The project's research focuses on the application of cutting-edge generative artificial intelligence and natural language technologies. We want them to help automate daily processes, strengthen risk management, identify potential threats faster, and enhance the culture of cyber security,” says Assoc. Prof. Kęstutis Driaunys.
Assessment of the effectiveness, reliability, and suitability of GenAI models
The GAISO team conducted a comprehensive study of generative AI models available on the market to determine which ones are best suited for various information security manager functions.
Different GenAI models were tested to assess their ability to answer specialised cybersecurity questions covering technical, operational, physical, and human factor security aspects. The study revealed that not all currently existing AI models are capable of performing such tasks — some of them provided inconsistent or overly general responses, especially when faced with ambiguous queries.
“This shows that the novelty of generative artificial intelligence alone does not guarantee practical benefits — it is necessary to carefully select and adapt models to meet cybersecurity needs. After the initial analysis, the weaker models were rejected, and further research focused on the most promising ones,” explains the scientist. “This leads to an important conclusion: to implement AI solutions for cyber defence, their reliability and limitations must be assessed.”
A GenAI-based cybersecurity model prototype will accelerate threat detection
GAISO researchers will utilise these results to enhance the GenAI-based security model they are developing, ensuring it is as reliable as possible in real-world conditions.
This prototype will feature an integrated advanced generative artificial intelligence model and a specially adapted natural language processing (NLP) subsystem. It is expected to perform various tasks of information security managers, from initial incident detection and risk assessment to assisting in decision-making, taking into account the context of cyberattacks. Scientists will test the developed system by simulating realistic cyber incident scenarios, allowing them to assess the extent to which the new tool increases an organisation's resilience to cyber threats.
The initial test results are encouraging: the AI assistant can recognise some typical cyber incident scenarios and suggest possible solutions. In the near future, it is planned to test the prototype in cooperation with several business organisations, which will allow assessing the effectiveness of the developed technology in real conditions and collecting feedback for further improvement. Experimental prototype testing will reveal its strengths and weaknesses, and the insights gained at the end of the project will be summarised in a monograph. If the prototype proves successful, this solution will ultimately form the basis for adaptive cybersecurity systems that continuously learn from new data and adapt more effectively to evolving threats in the long term. This will be a significant step forward in the development of cybersecurity technologies, both in Lithuania and throughout the European Union.
For information security advice, ask GAISO's virtual assistant on Instagram
Understanding that technological solutions will only be effective if people accept them and learn how to behave appropriately in the digital space, the initiators of GAISO are devoting considerable attention to education. During the project, the idea was conceived to create a virtual advisor — a friendly GenAI assistant character that would disseminate knowledge about cybersecurity on social networks (https://www.instagram.com/gaiso_project/). This is how GAISO's virtual friend, which represents the project, came into being, communicating with the audience in an appealing manner.
“This virtual assistant shares practical advice on how to recognise online threats, how to behave safely on social networks, and how to protect your data. The information is presented in a language that young people understand, using the style of contemporary social media content — short videos, infographics, and playful explanations,” says the project team member, Master’s degree student Ieva Šilingaitė, who is participating in the creation of this communication. “It is important to emphasise that the content created by GAISO's virtual assistant is strictly based on the principles of responsible AI use, avoiding unethical or misleading content. Unlike some controversial foreign examples, this Instagram friend does not engage in sarcastic or ambiguous communication — her messages are focused on respect for the user, privacy, and critical thinking.”
It is hoped that the project will contribute to improving cyber hygiene in society, enabling people to gain knowledge while also developing awareness and responsibility in the online space.
Benefits of the GAISO prototype — more effective incident prevention and lower losses
Although the project is still ongoing, the GAISO team has already achieved its first tangible results. In the article "Navigating the CISO’s Mind by Integrating GenAI for Strategic Cyber Resilience", published in the international scientific journal Electronics, information security managers can learn more about the GAISO generative AI model prototype, how it helps strengthen strategic cyber resilience, and how to perform digital security situation analysis more effectively.
The GAISO project demonstrates how close cooperation between science and practice can bring tangible benefits in addressing cybersecurity challenges. “The results of this project are important not only for the academic community and IT professionals, but also for society as a whole.
Stronger resilience of critical infrastructure means more reliable energy, transport, and financial systems, which are the foundation of our daily lives. At the same time, Lithuania and Europe's cyber resilience is increasing — the ability to withstand unexpected attacks, protect citizens' data, and ensure the continuity of business and government operations even in threatening circumstances. This assistance means lower financial consequences after cyberattacks, shorter operational disruptions, and greater customer confidence,” Dr Paulius Astromskis, the Associate Professor at VU Kaunas Faculty and the project researcher, reveals the benefits of this prototype.
October — Cybersecurity Month — will soon be over, but cyber threats remain a constant concern throughout the year. The GAISO project will continue, and we hope that the knowledge and tools it has developed will help us all feel safer. We invite you to follow the GAISO project's virtual advisor posts on Instagram at https://www.instagram.com/gaiso_project/ and continue to deepen your knowledge of cybersecurity. After all, an informed and vigilant user is the first line of defence in the digital world.