Stuart O'Brien, Author at Cyber Secure Forum | Forum Events Ltd - Page 3 of 61
Posts By :

Stuart O'Brien

These are the top trends impacting tech providers in 2024

 960 640 Stuart O'Brien
By:
0
0
Generative AI (GenAI) is dominating the technical and product agenda of nearly every tech provider, but ESG and buyer pessimism are also high on the agenda.

Eric Hunter, Managing Vice President at Gartner, said: “[GenAI] technology reshapes a tech provider from its growth and product strategy down to the everyday tools used by its associates. Despite the potential for GenAI to reshape providers, it is not the only influence facing technology leaders. There are new points of friction in growth plans, new points of fusion in marketing and sales, and new relationships opening up to technology and service providers (TSPs).”

The immediate and long-term implications of these issues require product leaders to balance between short-term opportunity and long-term advantage and strategies based on economic recovery or recession. Gartner’s top trends for 2024 reflect these dualities (see Figure 1).

Figure 1: 2024 Gartner Tech Provider Top Trends

Note: The bubble size for each trend conveys the relative magnitude of disruption for a given trend, relative to the other top trends. Source: Gartner (February 2024)

Efficient Growth for High Tech

Significant growth in IT spending over the last decade benefited high-tech companies. Capturing that growth led high-tech firms to pursue growth without a full measure of the costs. This is a “growth at all costs” strategy. High-tech firms anchored their product, organization and employment plans on a hypothesis of continued strong growth.

As macroeconomic conditions create uncertainty among buyers and increasing costs of capital shift investor focus to margin growth, Gartner analysts see a trend toward tech providers focusing on efficient growth. Efficient growth strategies recognize the value in growing in ways that strengthen current margins and future revenue opportunities.

New Enterprise IT-Provider Relationships

Increased business and technical demands require enterprise IT to cover more ground at a deeper level and a faster pace, eroding enterprise IT’s capacity and capabilities. This creates a trend for product leaders at tech providers to create new relationships and revenue opportunities across the enterprise, including expanded provider roles within enterprise IT and the business, outcome-centric provider-enterprise relationships and enterprise-wide tier-1 relationships.

Sustainable Business Grows Up

Sustainability efforts and managing the ESG impact have been unilaterally focused on mitigating internal risk and ensuring compliance. Product leaders must evolve by embracing double materiality and holistic leverage of emerging technologies to meet sustainability objectives.

AI Safety 

Responsible AI and AI safety are not new concepts, but the unprecedented rapid development of GenAI technologies has fueled the discussion around risk management and how to address growing issues such as content provenance and hallucination. Product leaders must build solutions that incorporate safety principles with a focus on model transparency, traceability, interpretability and explainability aspects. Preempting regulatory and compliance issues will be critical to staying competitive in this vibrant GenAI market by creating trust.

Rising Buyer Pessimism 

Over the past three years, tech providers have increasingly observed negative sales pipeline effects due to new buyer behaviors that are colliding with outdated go-to-market (GTM) models. Without adapting sales and marketing approaches to detect and respond to buyer pessimism, technology providers will see their own GTM operations decline in both internal and external perspectives.

Vertical Generative AI Models

While general-purpose models perform well across a broad set of GenAI applications, they can be impractical for many enterprise use cases that require domain-specific data. Tech providers must explore industry-focused models that can be adapted to specific user requirements using available resources more efficiently. Those failing to do so will face increased costs and complexity in the creation and leverage of models.

Personalized Marketplace Experiences  

Specialized, niche, digital marketplaces are emerging to help buyers navigate the complexity of procuring, implementing and integrating solutions. Product leaders who do not offer their services through personalized digital marketplaces limit their findability for their target customers. Gartner predicts that

80% of sales interactions between suppliers and buyers will occur in digital channels by 2025.

Industry Cloud Delivers Growth

Service providers, hyperscalers, ISVs and SaaS providers are turning to vertical solutions to deliver the customer outcomes that will drive provider growth. By 2027, Gartner predicts that more than 50% of tech providers will use industry cloud platforms to deliver business outcomes, up from less than 5% in 2023.

PLG and Value Converge for Hybrid GTM

Product-led-growth (PLG) focuses on showing value to product users, creating intent signals that go-to-market (GTM) teams can use with prospective buyers. But most companies using a PLG GTM have begun to realize that, in most cases, a 100% self-serve GTM motion isn’t tenable. At some point, sellers must be involved to convert deals. Buyer needs for business value and outcome justification — for new or expansion business — will meld PLG tactics with value management and realization initiatives in hybrid GTM strategies.

Precision Marketing and Sales

Rapidly evolving technology advances, such as GenAI, digital buying and the metaverse, are changing how tech providers market and sell technology. Tech providers failing to adopt new approaches will see the erosion of overall deal quality combined with the loss of relevance and limited growth within established accounts.

Photo by Christina @ wocintechchat.com on Unsplash

ANTI-VIRUS MONTH: Establishing the best protocols for your organisation

 960 640 Stuart O'Brien
By:
0
0

At a time when cyber threats are increasingly sophisticated and pervasive, establishing robust antivirus defences is crucial for IT professionals in the public and private sectors. The right antivirus strategy can protect critical data and systems, ensuring organisational resilience and compliance with regulatory standards. Here are some top tips for IT professionals to fortify their antivirus defences…

  1. Understand Your Threat Landscape: Begin with a thorough analysis of your organisation’s specific threat landscape. Understanding the types of threats you are most likely to encounter, based on your sector and IT infrastructure, is critical for selecting the right antivirus solutions.
  2. Choose a Comprehensive Antivirus Solution: Opt for antivirus software that offers comprehensive protection. This includes not only traditional signature-based detection but also heuristic analysis, behaviour monitoring, and AI-driven threat detection. A multi-layered approach is key to defending against a wide range of threats, including viruses, malware, ransomware, and zero-day attacks.
  3. Regularly Update and Patch Systems: Ensure that all systems and software, including your antivirus solutions, are regularly updated and patched. Cyber attackers often exploit vulnerabilities in outdated software, so keeping everything up-to-date is a crucial line of defence.
  4. Implement Network Segmentation: Segmenting your network can prevent the spread of viruses if they breach your initial defences. By dividing your network into smaller, controlled zones, you can limit access to sensitive information and contain potential infections.
  5. Educate and Train Staff: Human error is a common entry point for viruses and malware. Regular training and awareness programs for staff can significantly reduce the risk of accidental breaches. Teach employees about safe browsing practices, email hygiene, and the importance of reporting suspicious activities.
  6. Regular Backups and Data Recovery Plans: Regularly back up critical data and ensure you have a robust data recovery plan in place. In the event of a virus attack, having up-to-date backups can be the difference between a minor setback and a major crisis.
  7. Use Firewalls and Email Filters: Complement your antivirus solutions with strong firewalls and email filtering systems. These can help block malicious traffic and phishing attempts before they reach your network or inboxes.
  8. Monitor Systems and Networks Continuously: Implement continuous monitoring of your systems and networks. Early detection of unusual activities can allow you to respond to threats before they cause significant damage.
  9. Conduct Regular Security Audits and Testing: Regular security audits and penetration testing can help identify vulnerabilities in your antivirus defences. These exercises can provide valuable insights for strengthening your security posture.
  10. Stay Informed About Latest Threats: The world of cybersecurity is constantly evolving. Stay informed about the latest threats and trends in antivirus defence, and be prepared to adapt your strategies accordingly.

Establishing robust antivirus defences in today’s digital age requires a comprehensive, informed, and proactive approach. By understanding the threat landscape, choosing comprehensive antivirus solutions, keeping systems updated, educating staff, and continuously monitoring and testing their systems, IT professionals in the UK can create a strong defence against a wide range of cyber threats.

Are you on the hunt for Anti-Virus solutions for your organisation? The Cyber Secure Forum can help!

Photo by Sigmund on Unsplash

How businesses can protect their most valuable asset this Data Privacy Day and beyond

 960 640 Stuart O'Brien
By:
0
0

With last weekend marking the 18th Data Privacy Day, we sat down with some of the industry’s experts to find out more about why this event is still so important and how organisations can get one step ahead when it comes to protecting their increasingly precious data. Here’s what they had to say…

Samir Desai, Vice President at GTT  

“This year’s Data Privacy Day provides us with yet another reminder of just how important it is for businesses to protect their most valuable asset. However, this is something that, unfortunately, has also never been more difficult.  

“The rapid adoption of cloud computing, IoT/IIoT, mobile devices and remote work has increased both the size and complexity of the networking landscape and cybercriminals are taking advantage of this. Alongside common threats – such as phishing – businesses today must defend against a whole new host of potential risks, such as how generative AI can potentially super-charge phishing attempts by making it easier and faster for bad actors to craft convincing content.  

“To ensure data security for cloud-based apps while still providing reliable connectivity for hybrid workplaces and remote workers, the modern enterprise needs to invest in the right solutions. This may require further collaboration with managed security and service partners to identify and implement the right technologies to protect the ever-expanding perimeter. 

“For example, a Zero-trust networking approach which also combines network security and software-defined connectivity  into a single cloud-based service experience, could be transformative. It’s ‘always-on’ security capabilities means that data is protected, regardless of where resources or end-users reside across the enterprise environment.” 

Ajay Bhatia, Global VP & GM of Data Compliance and Governance, Veritas

“Ironically, Data Privacy Day is a reminder that data privacy isn’t something a business can achieve in a single day at all. Far from that, it’s a continual process that requires vigilance 24/7/365. Top of mind this year is the impact artificial intelligence (AI) is having on data privacy. AI-powered data management can help improve data privacy and associated regulatory compliance, yet bad actors are using generative AI (GenAI) to create more sophisticated attacks. GenAI is also making employees more efficient, but it needs guardrails to help prevent accidentally leaking sensitive information. Considering these and other developments, data privacy in 2024 is more important than ever.” 

Martin Hodgson, Director Northern Europe at Paessler AG

“As our reliance on data continues to grow, protecting it and ensuring the only those who we trust have access to it has never been more important.  

 “Many businesses assume their IT infrastructure is sufficiently protected by a reliable firewall and an up-to-date virus scanner. However, cyber criminals are continually developing more sophisticated methods of accessing company systems and getting hold of sensitive data. Some of these methods – such as trojans – will often only be recognised when it’s already too late.  

“In order to get ahead and avoid the financial and reputational losses associated with such attacks, businesses need to invest in comprehensive security approaches which protect the entire infrastructure. Realtime IT Documentation alongside a network monitoring system – which enables a business to keep track of all devices and systems, regardless of location – can help to spot the early warnings signs of an attack and enable business to get on the front foot when it comes to protecting their increasingly valuable data.”   

Mike Loukides, Vice President of Emerging Tech at O’Reilly:

“How do you protect your data from AI? After all, people type all sorts of things into their ChatGPT prompts. What happens after they hit “send”? 

“It’s very hard to say. While criminals haven’t yet taken a significant interest in stealing data through AI, the important word is “yet.” Cybercriminals have certainly noticed that AI is becoming more and more entrenched in our corporate landscapes. AI models have huge vulnerabilities, and those vulnerabilities are very difficult (perhaps impossible) to fix. If you upload your business plan or your company financials to ChatGPT to work on a report, is there a chance that they will “escape” to a hostile attacker? Unfortunately, yes. That chance isn’t large, but it’s not zero. 

“So here are a few quick guidelines to be safe: 

  • Read the fine print of your AI provider’s policies. OpenAI claims that they will not use enterprise customers’ data to train their models. That doesn’t protect you from hostile attacks that might leak your data, but it’s a big step forward. Other providers will eventually be forced to offer similar protections.
  • Don’t say anything to an AI that you wouldn’t want leaked. In the early days of the Internet, we said “don’t say anything online that you wouldn’t say in public.” That rule still applies on the Web, and it definitely applies to AI.
  • Understand that there are alternatives to the big AI-as-a-service providers (OpenAI, Microsoft, Google, and a few others). It’s possible to run several open source models entirely on your laptop; no cloud, no Internet required once you’ve downloaded the software. The performance of these models isn’t quite the equal of the latest GPT, but it’s impressive. Llamafile is the easiest way to run a model locally. Give it a try

“I’m not suggesting that anyone refrain from using AI. So far, the chances of your private data escaping are small. But it is a risk. Understand the risk, and act accordingly.” 

Attila Török, Chief Security Officer at GoTo:

“As new ways of working and engaging with tech continue to expand the vulnerability landscape and create new pathways for hackers, you’d be hard-pressed to find an IT leader whose number one concern wasn’t cybersecurity. 

 “Bolstering cyber hygiene to stave off threats and protect sensitive data is a top agenda item, especially in a working world where hybrid, dispersed and remote-centric teams are commonplace. In “2024 businesses should be firing on all cylinders to scale up employee security, utilise zero trust products, continue to enforce a strong acceptable use policy (AUP), and move toward passwordless authentication. These are simple yet powerful ways we can improve and modernise current practices to ensure that cyber threats can’t breach company systems. 

“Cybersecurity is a top priority for all businesses—small and large. CTOs, working with CISOs, are responsible for protecting their business, customers, and employees from cyberattacks and data breaches. In 2024, CTOs must continue implementing robust security measures and invest in new cybersecurity technologies, including zero-trust architectures (ZTAs).”

Keiron Holyome, VP UKI and Emerging markets, BlackBerry Cybersecurity 

“AI continues to be a game-changer in data privacy and protection for businesses as well as individuals. We have entered a phase where AI opens a powerful new armoury for those seeking to defend data. When trained to predict and protect, it is cybersecurity’s most commanding advantage. But it also equips those with malicious intent. Its large scale data collection in generative business and consumer applications raises valid concerns for data and communication privacy and protection that users need to be alert to and mitigate.

“A big question at the moment is how legislation can be pervasive enough to offer peace of mind and protection against the growing generative AI threats against data privacy, while not hindering those with responsibility for keeping data safe. BlackBerry’s research found that 92% of IT professionals believe governments have a responsibility to regulate advanced technologies, such as ChatGPT…though many will acknowledge that even the most watertight legislation can’t change reality. That is, as the maturity of AI technologies and the hackers’ experience of putting it to work progress, it will get more and more difficult for organisations and institutions to raise their defences without using AI in their protective strategies.”

Photo by Jason Dent on Unsplash

Cyber Secure Forum: New name, same great concept

 960 640 Stuart O'Brien
By:
0
0

The Cyber Secure Forum, formerly known as the Security IT Summit, is specifically designed to help you build business relationships directly with pre-qualified, security buyers, via your own bespoke itinerary of 1-2-1 meetings.

All buyers attending will be looking for new suppliers for their upcoming plans and projects.

25th June 2024

Hilton London Canary Wharf

Our Event Partner Packages offer a range of benefits, including:

  • Access to pre-qualified senior delegates with active budgets
  • An itinerary of pre-scheduled 1-2-1 meetings
  • Fully furnished meeting stand (including furniture, lighting and electrics)
  • Networking opportunities throughout the event
  • Food and beverages throughout the event
  • Logo branding at event registration stand
  • Logo branding in the digital Event Guide
  • Social media promotion

Request Full Event Supplier Info

If you have any questions then you can contact Courtney Saggers here.

Access Control

If you specialise in Access Control for IT systems we want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on Cyber Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in February we’re focussing on Access Control solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Access Control solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jenny Lane on j.lane@forumevents.co.uk.

Here’s our full features list:

Feb 2024 – Access Control
Mar 2024 – Intrusion Detection & Prevention
Apr 2024 – Phishing Detection
May 2024 – Advanced Threat Dashboard
Jun 2024 – Browser/Web Security
July 2024 – Authentication
Aug 2024 – Penetration Testing
Sep 2024 – Vulnerability Management
Oct 2024 – Employee Security Awareness
Nov 2024 – Malware
Dec 2024 – Network Security Management
Jan 2025 – Anti Virus

IT Services will be largest recipient of CIO spending in 2024

 960 640 Stuart O'Brien
By:
0
0

Global IT spending is expected to total $5 trillion in 2024, an increase of 6.8% from 2023, down from the previous quarter’s forecast of 8% growth – and while generative AI (GenAI) had significant hype in 2023, it will not significantly change the growth of IT spending in the near-term.

That’s according to new analysis from Gartner, which predicts that IT Services will become largest segment of spending in this year.

“While GenAI will change everything, it won’t impact IT spending significantly, similar to IoT, blockchain and other big trends we have experienced,” said John-David Lovelock, Distinguished VP Analyst at Gartner. “2024 will be the year when organizations actually invest in planning for how to use GenAI, however IT spending will be driven by more traditional forces, such as profitability, labor, and dragged down by a continued wave of change fatigue.”

IT services will continue to see an increase in growth in 2024, becoming the largest segment of IT spending for the first time. Spending on IT services is expected to grow 8.7% in 2024, reaching $1.5 trillion (see Table 1). This is largely due to enterprises investing in organizational efficiency and optimization projects. These investments will be crucial during this period of economic uncertainty.

“Adoption rates among consumers for devices and communications services plateaued over a decade ago. Consumer spending levels are primarily driven by price changes and replacement cycles, leaving room for only incremental growths, so being surpassed by software and services was inevitable,” said Lovelock. “Enterprises continue to find more uses for technology – IT has moved out of the back office, through the front office and is now revenue producing, until there is a plateau for how and where technology can be used in an enterprise, there cannot be a plateau in enterprise IT spending.”

Table 1. Worldwide IT Spending Forecast (Millions of U.S. Dollars) 

  2023 Spending 2023 Growth (%) 2024 Spending 2024 Growth (%)
Data Center Systems 243,063 7.1 261,332 7.5
Software 699,791 -8.7 732,287 4.6
Devices 913,334 12.4 1,029,421 12.7
IT Services 1,381,832 5.8 1,501,365 8.7
Communications Services 1,440,827 1.5 1,473,314 2.3
Overall IT 4,678,847 3.3 4,997,718 6.8

Source: Gartner (January 2024)

The overall IT spending growth rate for 2023 was 3.3%, only a 0.3% increase from 2022. This was largely due to change fatigue among CIOs. Momentum will regain in 2024, with overall IT spending increasing 6.8%.

Even with the expected regained momentum in 2024, the broader IT spending environment remains slightly constrained by change fatigue. Change fatigue could manifest as change resistance — with CIOs hesitating to sign new contracts, commit to long-term initiatives or take on new technology partners. For the new initiatives that do get launched, CIOs require higher levels of risk mitigation and greater certainty of outcomes.

ANTI-VIRUS MONTH: Moving from reactive to proactive measures

 960 640 Stuart O'Brien
By:
0
0

In the UK as with anywhere in the world, the commercial and public sectors are constantly under the threat of cyber-attacks, making robust cybersecurity measures, including anti-virus solutions, essential. Over the years, approaches to anti-virus measures have evolved significantly among cybersecurity professionals. This evolution is driven by the changing nature of cyber threats, technological advancements, and the need for more comprehensive security strategies.

Traditionally, anti-virus measures in the UK’s commercial and public sectors were largely reactive. Organisations would deploy standard anti-virus software that primarily relied on signature-based detection to identify and remove known malware. This method was effective against common viruses but struggled to keep pace with the rapidly evolving landscape of cyber threats, particularly those not yet known or identified.

The rise of sophisticated cyber threats, including zero-day exploits, ransomware, and advanced persistent threats (APTs), has necessitated a more proactive and multi-layered approach to anti-virus measures. Cybersecurity professionals now recognise that a single line of defence is insufficient. As a result, there is an increased focus on deploying a combination of traditional anti-virus software with more advanced tools like behavioural analytics, machine learning algorithms, and heuristic-based detection.

Behavioural analytics has become a cornerstone in modern anti-virus strategies. Unlike traditional methods, it does not rely solely on known virus signatures. Instead, it monitors the behaviour of applications and files, flagging any activity that deviates from the norm. This approach enables the detection of malware that might otherwise evade signature-based detection systems.

Machine learning and AI have also been game-changers in anti-virus measures. These technologies allow cybersecurity systems to learn and evolve, improving their ability to detect new and sophisticated threats. By analysing vast datasets, machine learning algorithms can identify patterns and anomalies indicative of cyber threats, enhancing the overall effectiveness of anti-virus measures.

Another key development is the integration of anti-virus measures with wider cybersecurity frameworks. Cybersecurity professionals now emphasise the importance of a holistic security posture that includes network security, endpoint protection, employee training, and robust incident response plans. This integrated approach ensures that anti-virus measures are part of a comprehensive defence strategy, rather than a standalone solution.

Furthermore, the increasing adoption of cloud-based anti-virus solutions reflects a shift towards more flexible and scalable security models. Cloud-based solutions offer the advantages of real-time updates, global threat intelligence, and reduced reliance on local system resources. They also enable more efficient management of anti-virus measures across distributed organisational networks.

In conclusion, the approach to anti-virus measures among the UK’s commercial and public sector cybersecurity professionals has evolved from a reactive, signature-based model to a more proactive, layered, and intelligent strategy. By leveraging advanced technologies and integrating anti-virus measures into broader cybersecurity frameworks, these professionals are better equipped to protect their organisations against an ever-changing landscape of cyber threats.

Are you on the hunt for Anti-Virus solutions for your organisation? The Cyber Secure Forum can help!

Photo by Michael Geiger on Unsplash

Access online courses to boost your cybersecurity skills

 960 640 Stuart O'Brien
By:
0
0

We have a wide selection of online courses tailored specifically for the IT security sector, enabling you to both amass new skills and improve existing ones in 2024 and beyond – start learning today!

The IT and Personal Development online learning bundle provides you with over 50 courses, which cover all areas of both professional and personal development:

  • CSS Certification Level 1
  • HTML 5 Certification Level 2
  • Introduction to Cloud Computing Certification
  • IT Security Certification
  • Website Development Foundations Certification
  • WordPress Certification
  • How to Handle Criticism at Work Certification
  • How to Improve Your Mental Health Certification
  • Building Your Confidence and Self-Esteem Certification
  • Managing Teams Certification
  • Master Planning Certification

And many more! Find out more and purchase your online bundle here For just £99 +vat (usually £149), you can share the courses with your colleagues over a 12-month period. Additionally, there are a variety of bundles available on all spectrums;

  • Personal & Professional Development
  • Healthcare
  • Sports & Personal Development
  • Human Resources
  • Customer Services
  • Health & Safety
  • Education & Social Care Skills
  • Sales & Marketing
  • IT & Personal Development

Book your courses today and come out of this stronger and more skilled!

Is generative AI the next big cyber threat for businesses?

 960 640 Stuart O'Brien
By:
0
0

By Robert Smith, Product Manager, Cyber Security at M247

Unless you’ve been living under a rock over the past twelve months, you will have heard all about ChatGPT by now.

A shorthand for ‘Chat Generative Pre-Trained Transformer’, the smart chatbot exploded onto the tech scene in November last year, amassing 100 million users in its first two months to become the fastest growing consumer application in history. Since then, it has piqued the curiosity of almost every sector – from artists and musicians to marketers and IT managers.

ChatGPT is, in many ways, the poster child for the new wave of generative AI tools taking these sectors by storm – Bing, Google’s Vertex AI and Bard, to name a few. These tools’ user-friendly interfaces, and ability to take even the most niche, specific prompts, and convert them into everything from artwork to detailed essays, have left most of us wondering: what is next for us, and more specifically, what is next for our jobs? So much so that a report released last year found that nearly two thirds of UK workers think AI will take over more jobs than it creates.

However, while the question around AI and what it means for the future of work is certainly an important one, something that is too often overlooked in these discussions is the impact this technology is currently having on our security and safety.

The threat of ‘FraudGPT’

According to Check Point Research, the arrival of advanced AI technology had already contributed to an 8% rise in weekly cyber-attacks in the second quarter of 2023. We even asked ChatGPT if its technology is being used by cyber-criminals to target businesses. “It’s certainly possible they could attempt to use advanced language models or similar technology to assist in their activities…”, said ChatGPT.

And it was right. Just as businesses are constantly looking for new solutions to adopt, or more sophisticated tools to develop that will enhance their objectives, bad actors and cyber-criminals are doing the same. The only difference between the two is that cyber-criminals are using tools such as AI to steal your data and intercept your devices. And now we’re witnessing this in plain sight with the likes of ‘FraudGPT’ flooding the dark web.

FraudGPT is an AI-powered chatbot marketed to cyber-criminals as a tool to support the creation of malware, malicious code, phishing e-mails, and many other fraudulent outputs. Using the same user-friendly prompts as its predecessor, ChatGPT, FraudGPT and other tools are allowing hackers to take similar shortcuts and produce useful content in order to steal data and create havoc for businesses.

As with any sophisticated language model, one of FraudGPT’s biggest strengths (or threats) is its ability to produce convincing e-mails, documents and even replicate human conversations in order to steal data or gain access to a business’ systems. Very soon, it’s highly likely that those blatantly obvious phishing e-mails in your inbox may not be so easy to spot.

And it doesn’t stop there. More and more hackers are likely to start using these AI-powered tools across every stage of the cyber ‘kill chain’, leveraging this technology to develop malware, identifying vulnerabilities, and even operate their malicious attacks. There are already bots out there that can scan the entire internet within 24 hours for potential vulnerabilities to exploit, and these are constantly being updated. So, if AI is going to become a hacker’s best friend, businesses will need to evolve and adopt the latest technology too, in order to keep pace with them.

What can businesses do?

To start with, IT managers (or whoever is responsible for cyber-security within your organisation) must make it their priority to stay on top of the latest hacking methods and constantly scan for new solutions that can safeguard data.

Endpoint Threat Detection and Response (EDR) is one great example of a robust defence businesses can put in place today. EDR uses smart behavioural analysis to monitor your data and the things you usually do on your devices, and can therefore detect when there are even minor abnormalities in your daily activities. If an EDR system detects that an AI has launched an attack on your business, it can give your IT team a heads up so they can form a response and resolve the issue. In fact, most cyber insurers today insist that businesses adopt EDR as a key risk control before offering cover.

Cyber-security providers, such as Fortinet and Microsoft, have already begun incorporating AI into their solutions, too, but making sure you have the latest machine learning and AI (not just simple, predictive AI) operating in the background to detect threats will give your business the upper hand when it comes to hackers.

And finally, educate your workforce. Although many are worried that AI will overtake us in the workplace and steal our jobs, it’s unlikely the power of human intuition will be replaced anytime soon. So, by arming your team with the latest training on AI and cyber-threats – and what to do when they suspect an AI-powered threat is happening – you can outsmart this new technology and keep the hackers at bay.

NETWORK SECURITY MONTH: A decade of evolution to combat networking threats

 960 640 Stuart O'Brien
By:
0
0

In an era marked by sophisticated cyber threats, corporate cybersecurity professionals have had to evolve their strategies and technologies to protect organisational assets effectively. Here we delve into the key developments that have shaped IT network security management for cybersecurity professionals over the last decade, informed be attendees at the Security IT Summit…

1. From Perimeter Defence to Layered Security

Traditionally, network security focused on perimeter defence, akin to a fortress with strong walls. However, this approach has shifted due to the rise of cloud computing, mobile computing, and the Internet of Things (IoT), which have expanded the corporate network beyond traditional boundaries. The modern approach is layered security, also known as defence in depth, where multiple layers of security controls are deployed throughout the IT network. This method ensures that even if one layer is breached, others are in place to protect the network.

2. The Adoption of Advanced Threat Detection Technologies

The last decade has seen a surge in the adoption of advanced threat detection technologies. Tools such as Intrusion Prevention Systems (IPS), advanced malware protection, and anomaly detection systems have become standard. These technologies employ artificial intelligence (AI) and machine learning algorithms to detect and respond to threats in real-time, a significant leap from the traditional, signature-based antivirus and anti-malware software.

3. Emphasis on Network Segmentation

Network segmentation, the practice of splitting a network into subnetworks, has become increasingly popular. This approach limits the spread of cyber-attacks within networks. By segmenting networks, cybersecurity professionals can apply more stringent security controls to sensitive areas, thus reducing the attack surface.

4. Rise of Zero Trust Security Models

The concept of ‘Zero Trust’ has gained traction, fundamentally altering how network access is managed. Under a Zero Trust model, trust is never assumed, regardless of whether the user is inside or outside the network perimeter. This necessitates rigorous identity and access management (IAM) strategies, including multi-factor authentication (MFA) and least privilege access controls.

5. Increased Focus on Compliance and Regulatory Requirements

There has been an increased emphasis on compliance with legal and regulatory standards, particularly with the introduction of the General Data Protection Regulation (GDPR) in the EU. UK businesses have had to ensure that their network security practices comply with GDPR and other regulations, mandating a more rigorous approach to data security and privacy.

6. Integration of Security Information and Event Management (SIEM) Systems

SIEM systems have become a cornerstone of network security, providing a holistic view of an organisation’s security posture. These systems aggregate and analyse data from various sources within the network, enabling cybersecurity professionals to detect patterns and signs of malicious activity more effectively.

7. The Importance of Employee Training and Awareness

Finally, there is a growing recognition of the role of human error in network security breaches. As a result, there has been a concerted effort to enhance employee cybersecurity awareness and training. Regular training sessions, simulations, and awareness campaigns are now common, reducing the likelihood of breaches caused by employee negligence or error.

In conclusion, the evolution of IT network security management in the UK has been marked by a transition from traditional perimeter-based defence to more sophisticated, multi-layered approaches. Today’s cybersecurity professionals must navigate a complex landscape of advanced threats, regulatory requirements, and rapidly changing technologies. By adopting a more holistic, proactive, and adaptive approach to network security, they can better protect their organisations in an increasingly interconnected world.

Are you on the hunt for network security solutions? The Security IT Summit can help!

Photo by JJ Ying on Unsplash