- Cisco warns AI‑generated incident reports are often inaccurate, inconsistent, and prone to data loss due to LLM limitations
- The company advises granular, single‑task prompts, fixed source documents, and strict formatting rules to improve reliability
- Cross‑contamination between reports remains a challenge, with researchers recommending fresh sessions for each new incident report to avoid errors
Any companies looking to utilize AI tools for their security reporting may want to read a new report from Cisco outlining its experience using AI-generated incident reporting.
The company has warned those using AI to create long-form technical content should expect “significant inaccuracies, unusual conclusions, and inconsistent writing styles,” mostly because of the probability-driven nature of Large Language Models (LLM).
“These models generate output by predicting the next token, typically a word or sub-word, in a sequence, based on model weights and training data,” Cisco says or, as The Register puts it, “they’re essentially a fancy autocomplete system that makes educated guesses.”
What works and what doesn’t
Since AI is basically just predicting the next word, it creates four key issues, according to Cisco:
- LLMs use different data for each new query, making consistency and standardization a challenge
- Even if the same data is shared, the outcome will always be slightly different
- Every new document will have different structure and formatting, which is yet another standardization challenge
- AI often discards valuable data, changing the outcome
- This doesn’t mean AI is unusable for long-form technical reporting – quite the contrary. It can still save enterprises plenty of data, but the tool needs to be properly set up and optimized.
Cisco says a good approach is to give the AI “granular, single-task instructions focusing on a specific, small portion of the report”.
The company also said that the AI should not be free to choose their sources for the report but instead should be given specific documents. Finally, the AI should have clear instructions regarding the formatting and the style.
“A blind test of the sample report in our quality assurance process showed no noticeable drop in overall writing quality,” Cisco said.
“The peer reviewer, professional editor, and management reviewer all made complimentary comments about the report while unaware that it was AI-generated. The peer reviewer commented that the incidence of typos and grammatical errors was far lower than in the average report.”
Cisco further discovered another challenge – when the AI is asked to edit multiple sample reports in a single session, content from one report’s source material gets cross-contaminated with another, “even if the notes used to generate the first report were deleted from the project’s reference documents.”
To work around this issue, the researchers advised starting a new session and re-entering the prompts for each new incident report.
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
Click Here For The Original Source.
