With AI empowering both hackers and defenders, how do businesses approach the cybersecurity fight?

By Ade Taylor, Head of Security Services, Roc Technologies.


AI is reshaping the cyber security landscape by influencing both defenders and attackers. On one hand, we have automated threat detection, the real-time analysis of vast amounts of data and quicker response times for analysts. On the other, cybercriminals are using generative AI to enhance phishing emails, create sophisticated malware and enable cybercrime-as-a-service operations. Some criminals are even using AI-powered translation and sentence structure tools to facilitate negotiations with ransomware victims in real time.

The very same solution that is designed to protect businesses is also being exploited by malicious actors for harmful purposes. Solutions that once required expert technical knowledge are now within reach of anyone with an internet connection and the necessary funds, making the potential risks even more daunting.

With open-source AI advancements accessible to both sides simultaneously, the traditional strategy of staying one step ahead of cyber criminals is rapidly losing effectiveness. To keep up with this changing landscape, businesses must adopt a layered, practical approach to strengthen their resilience against the increasing risks.

Cyber criminals have the tools 

For a while now, it has been the staff within businesses who have fallen under the crosshairs of nefarious actors. Unfortunately, employees continue to open files or click links in phishing emails, providing an avenue for actors to steal sensitive information. Across many ransomware incidents, the most successful route to a breach is often a carefully worded malicious email. Such emails are inexpensive and easy to create in large numbers, and it only takes one click in one email to be successful.

Organisations have often trained employees to identify whether an email is a phishing attempt by looking for hallmarks such as suspicious links, poor spelling or unusually urgent language. But AI is now ironing out these hallmarks, making it much harder for staff to spot a phishing email.

Advanced language models are now being used to create messages that seem authentic to the reader and can bypass traditional security measures. We’re now seeing AI-powered voice and video cloning become a reality, which has further enhanced the effectiveness of social engineering attacks. Algorithms can recreate the voices and images of people and businesses to a concerning degree, leaving victims more vulnerable.

Tools can even create malware programs easily, removing the need for cyber knowledge, and even if the malware is identified by a security solution, it can be refined to bypass that solution later on. And while criminals can now buy a bespoke platform, it will soon be even easier, as they will be able to run tools from home or within a small virtual private server. With tools ready to be deployed for criminal means, businesses need to respond with layered elements to strengthen their defences.

Businesses must innovate

Today, cyber security technologies offer useful AI capabilities from deployment. Whether it’s a modern firewall, anti-malware or an email filtering tool, AI is ubiquitous. Desktop tools are now supporting staff in their day-to-day work by flagging potentially dangerous content in real time. And while these tools are vital in preventing many incidents from occurring, some mistakes still do happen. It’s vital that leaders foster a working culture where staff feel able to admit to an error, such as clicking on a malicious link, as soon as possible.

These innovative tools, alongside continuous training about identifying phishing emails, should help the fight. But security posture must cover resilience as well. For example, beyond the defences to protect operations from attacks, what provisions are in place to recover data if the worst does happen? Risk management is crucial because it’s not possible to stop every single cyber incident from occurring.

One way to reduce risk is to implement containment techniques that prevent criminals from causing further damage once they’ve broken through a company’s defences. Backups also remain important. An offline provision can offer resilience if AI-driven ransomware attacks have negatively impacted online data. The caveat with many backups, however, is the time they take to be restored, which can be days in the worst-case scenarios. Cloud-native redundancy and disaster recovery solutions can speed up the restores and get businesses back to full speed quickly.

Finally, a constant review of data is important to ensure non-critical information is backed up and teams know exactly where critical data is located if major systems need to be brought back online during the worst-case scenarios. This should all be part of routine business continuity planning and testing.

A multi-dimensional approach

The battle between attackers and defenders is intensifying as AI is increasingly used by both sides. While AI equips organisations with advanced tools to detect and counter threats, it also empowers cybercriminals to breach conventional security measures with greater ease. Security strategies must adapt by adopting a layered, multi-dimensional approach to meet this new reality.

The key to success is integrating AI-driven detection with effective containment tactics, robust backup systems and rapid recovery capabilities. As AI continues to evolve, being prepared, ensuring continuity and maintaining the agility to respond quickly to unforeseen challenges are now more crucial than ever.
