乐鱼(Leyu)体育官网

Attacking generative AI

Managing risks in large language models

Large language models (LLMs) such as GPT-3 and Copilot have become increasingly popular for efficient translation, chatbots and content generation. However, as with any technology, this type of artificial intelligence can open up new attack surfaces.

Consider the following potential vulnerabilities in both the training phase and production phase.

1. Training phase

An LLM can only perform as well as it is trained to do, based on select datasets provided by AI engineers. These datasets create risk for:

  • Data leakage or poisoning. LLM training data can be unintentionally exposed to tampering that leads to vulnerabilities or biases, which can compromise the security, effectiveness or ethics of the model.

  • Model theft. While an LLM is in development, many people are typically given access to complete the model, which increases its susceptibility to theft by an insider threat actor. The development phase also increases the risk of other identity-related vulnerabilities.

  • Insecure plug-in design. Without proper testing, third-party plug-ins for LLMs can introduce risks such as insecure authentication and authorization configurations. They can also allow for insecure inputs.

2. Production phase

Once an LLM has been deployed, users throughout an organization can typically access it for a wide array of purposes. Look out for risks such as:

  • Prompt injection. Similar to SQL injections or cross-site scripting (XSS), an attacker could input payloads into an active LLM, causing it to perform unintended actions.

  • Sensitive information disclosure. If an LLM isn't properly trained and configured, an attacker could craft a prompt that causes the model to reveal sensitive information.

  • Excessive agency. Often, LLMs are granted far more permissions than are required for them to accomplish their functions. Attackers can recognize and leverage these permissions to elevate their own privileges, causing harm to back-end systems.
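
One way to contain the excessive agency and prompt injection risks listed above is a deny-by-default gate between the model and its back-end tools. The following Python is an added example, not code from this article or the firm; the tool names, scopes and policy layout are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ToolPolicy:
    scopes: frozenset             # permissions the tool needs to run
    allowed_args: frozenset       # argument names the model may supply
    needs_approval: bool = False  # state-changing tools need a human sign-off

# Constructed policy (hypothetical names): only what the assistant's job requires.
POLICY = {
    "search_kb": ToolPolicy(frozenset({"kb:read"}), frozenset({"query"})),
    "create_ticket": ToolPolicy(frozenset({"ticket:write"}),
                                frozenset({"title", "body"}), needs_approval=True),
}

def authorize(call, granted_scopes, approved=False):
    """Return (allowed, reason) for a tool call proposed by the model."""
    name = call.get("tool")
    args = call.get("args", {})
    policy = POLICY.get(name)
    if policy is None:
        return False, "tool not on allowlist"
    if not isinstance(args, dict) or set(args) - policy.allowed_args:
        return False, "unexpected argument"
    if not policy.scopes <= set(granted_scopes):
        return False, "session lacks required scope"
    if policy.needs_approval and not approved:
        return False, "human approval required"
    return True, "ok"

def audit_overgrant(granted_scopes):
    """Scopes held by the session that no allowlisted tool needs."""
    needed = set().union(*(p.scopes for p in POLICY.values()))
    return set(granted_scopes) - needed

# Constructed sample of tool calls as a model might emit them.
SAMPLE_CALLS = [
    {"tool": "search_kb", "args": {"query": "vpn setup"}},
    {"tool": "delete_user", "args": {"id": "42"}},
    {"tool": "search_kb", "args": {"query": "x", "path": "/etc"}},
    {"tool": "create_ticket", "args": {"title": "t", "body": "b"}},
]

if __name__ == "__main__":
    session = {"kb:read", "ticket:write", "db:admin"}
    for c in SAMPLE_CALLS:
        print(c["tool"], authorize(c, session))
    print("over-granted:", audit_overgrant(session))
```

Because the decision is made outside the model, an injected prompt can only request a tool call; it cannot widen the allowlist or the session's scopes.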

3. A need for ongoing testing

To mitigate risks throughout the LLM lifecycle, consider the following high-level approach for security testing:

This kind of testing is an important part of cybersecurity, as threats to LLMs can result in additional attack vectors against related application programming interfaces (APIs) and networks. Conducting a thorough penetration test for LLM applications at each phase of the lifecycle can help you identify vulnerabilities, improve your security posture, and mitigate risks.

How 乐鱼(Leyu)体育官网 can help

乐鱼(Leyu)体育官网 offers end-to-end security testing as an outcome-based managed service, helping you consistently validate controls while minimizing remediation efforts. That's because business transformation is not a fixed destination; it's an ongoing journey. With managed services, we help you continually evolve your business functions to keep up with ever-changing targets, while driving outcomes like cost reduction, resilience, and stakeholder trust.

Learn more about 乐鱼(Leyu)体育官网 AI Security Services.

Meet our team

Evan Rowell
Managing Director, Advisory, 乐鱼(Leyu)体育官网 US
