Marc Peiser, Principal Consultant at Daemon, explains how the future of cyber security hinges on our ability to embrace innovative AI tools.
Cyber Security Awareness Month has never been more relevant. As of January 2023, one in five UK organisations reported experiencing a data breach accident once a month. A further 29% said they had encountered a data breach event less than once a month in the past 12 months. To provide further context, the most common types of data breaches include unauthorised access, ransomware attacks, and phishing scams, among others.
Cyber attacks can cause serious financial loss, disruption to operations, reputational damage and, in some severe cases, legal liability. With cyber attacks on the rise and cyber criminals becoming more sophisticated, companies need to address online safety as a matter of urgency. A secure cyber security strategy isn’t just a ‘nice to have’ – it’s an absolute priority in running and future-proofing a business today.
The cyber security landscape is in a transitional period and faces a newfound level of threats every day. However, the welcome adoption of AI gives businesses a new arsenal of tools to counter modern cyber threats.
Current state of the cyber nation
For me, the biggest cyber security threat at the moment is ransomware attacks. Not only are they becoming more frequent, but they are also growing more sophisticated. Data from cryptocurrency trading firm Chainalysis suggests that victims have paid ransomware groups $449.1m in the first six months of this year. For all of 2022, that number didn’t even reach $500m.
There are a number of reasons for the rise of these attacks. The biggest factor is that ransomware attacks are highly profitable for the attackers. In extreme circumstances, they can demand millions of dollars in ransomware payments from victims, and given the sensitivity of the data, victims are left with little to no choice but to pay the fee. The monetisation of these attacks through cryptocurrency has also made it easier for attackers to demand and receive payments anonymously.
Ransomware attacks were traditionally focused on large businesses, but now smaller businesses are being targeted too. We’re even seeing attacks on critical infrastructure such as healthcare now as well. To protect against such attacks, companies must take a multi-layered approach to security.
This approach means combining firewalls, intrusion detection systems, endpoint security, and more to create a sort of obstacle course for would-be attackers. The aim is to build an environment where attackers who break through one barrier are immediately stopped in their tracks by another.
Common cyber security pitfalls
In many cases, the business suffering the attack has a limited chance of defending the breach. This is likely down to the highly skilled, technical, and intelligent attacker understanding what area of the business to penetrate. However, why not do everything possible to eradicate that probability and give the business the best chance possible?
A lot of businesses underestimate the role of human error, causing them to provide inadequate cyber security training for their employees. This makes them more susceptible to phishing attacks, as employees have not been trained to recognise the red flags.
They may also give excessive access rights to employees, granting admin status where it isn’t needed. This negligence can be especially dangerous if the company doesn’t have a solid process for revoking access for former employees. A disgruntled former staff member with continuing access to sensitive data is a security risk that businesses must avoid at all costs.
Many businesses fail to update their software at regular intervals. Security systems may have been state of the art when first acquired but they will soon become ineffective if the latest patches are not installed. This neglect is not only an easy fix but also a glaring oversight, as not regularly updating software will leave vulnerabilities open for attackers to exploit.
As the saying goes, knowledge is power. And education is the key to improving this situation. Employees need to recognise the risks and know how to respond in the event of an attack. Training sessions are a good start, but the most effective teaching method is to simulate a cyber attack. Like a fire drill, this allows employees to practise their response to an attack and correct any mistakes. This will enable employees with the experience of enduring an attack and the knowledge on what to do when a real one occurs.
AI to the rescue
The spike in the development and adoption of AI over the past 18 months has gifted companies a unique opportunity to gain the upper hand against cyber criminals. One of the many benefits of using AI in defence against cyber attacks is the ability to detect threats in real time. AI can continuously monitor network traffic and system activity for suspicious activity, even if the threat is new or unknown. This allows humans to focus more of their energy on tasks that require that human touch.
AI’s capability to reduce the average breach lifecycle by 108 days is a game-changer. AI-based security tools can also adapt and learn from the patterns of past attacks, refining their detection and response mechanisms over time. This speed is crucial in mitigating both financial and reputational damage a cyber breach can inflict on a business.
But it’s not just about speed; AI’s role extends to financial savings as well. AI in cyber security was worth over $10bn in 2020 and is forecast to increase to $46.3bn by 2027.
However, it’s worth noting that while AI tools offer immense value, they should be integrated as part of a comprehensive cyber security strategy rather than as standalone solutions.
In the face of mounting cyber risks, it is imperative for organisations to embrace the power of knowledge, innovation, and technology to fortify their defences. The future of cyber security hinges on our ability to adapt, collaborate, and remain one step ahead of the ever-evolving threat landscape.
As we mark another Cyber Security Awareness Month, let us reinforce our commitment to safeguarding the digital realm and ensuring a safer, more secure future for all.
