As I write this blog there are currently hundreds of millions and potentially billions of cyber-attacks happening every single day. The current estimation for global cost from cyber-attacks is set to be around twenty-three trillion by 2027. These are unprecedented numbers, and we can probably expect to see those numbers rise as time goes on.
A World Under Constant Attack
There are many different types or ways for a cybersecurity attack to occur. Some common threat vectors would be Ransomware or Malware, Social Engineering, Phishing, Denial of Service, Zero Day exploits and more. Zero-day attacks will occur, and companies must be prepared to handle the situation accordingly and in a timely manner. Ransomware is likely still the biggest risk of all in terms of damage, attack, and threat. While things like social engineering and phishing could still be as risky, these types of attacks could potentially occur more regularly than a ransomware attack. Whether this comes through as an email or text message or phone call, everyone must continue to be alert and aware and trained in how to deal with these potential threats. All these threat vectors are further enhanced using AI.
The Rise of AI in Cybersecurity
With the advancement of AI, we can expect that both attackers and defenders have been using AI to help their cause, good or bad. A hot topic in the cybersecurity world is Generative AI, or GenAI. GenAI is artificial intelligence (AI) that can create original data such as text, image, video/audio, and even software code in response to what a user would prompt or request. GenAI is heavily dependent on sophisticated machine learning algorithms. These algorithms or models simulate the decision-making process and learning process similar to how a human brain would. GenAI must be built and maintained, it must be trained and tuned and continually improved upon based on new data. With GenAI it is possible that cyberattacks will become more aggressive or potent. Companies will face a wider attack surface because of these advancements. But this also means the defenders gain access to more enhanced tools.
As defenders, it is possible to use GenAI to do things like predict threats and vulnerabilities ahead of time, increase the scale of security patching, create more efficient incident response plans, threat simulation, automating security information and event management systems (SIEM), and much more.
Attackers can also create or access this type of AI and are using it in all types of nefarious ways. Criminal actors are exploiting GenAI to automate and scale social engineering efforts, producing more realistic convincing phishing attacks along with deepfake audio and video as well as completely falsified documentation. These methods are becoming more resilient to typical detection systems and the human eye. This will be a constant back and forth arms race between attackers and defenders for the foreseeable future.
The advancement in AI also could lead to the increased likelihood of false positives and false negatives. It also speeds up the spread of misinformation which works to complicate the jobs of defenders or companies who are trying to uphold Confidentiality, Integrity and Availability.
Companies must continue to be aggressive in their defenses used to safeguard the operation, business, organization. Even doing the small things to secure a business can go a long way in the constant fight against cybercrime. Ensure all business systems are hardened and safe guarded, operate on the principle of least privilege and audit all systems to ensure users, devices, and data is secure. Multi-factor authentication and password protection should be a key foundation in all security practices. Every device, endpoint, system, user, employee could potentially be the subject of an attack.
Our Approach at EDX Wireless
At EDX Wireless, cybersecurity is a core operational priority and principle. We have implemented disciplined controls across our systems, data, and infrastructure, including access management, system hardening, and continuous monitoring aligned with industry best practices. We are also advancing toward ISO-aligned security frameworks and achieving the ISO 27001 certification. The ISO 27001 is an industry recognized security framework that companies can work towards to show their level of cyber security/resiliency. Along with strengthening governance, processes, and risk management to ensure a resilient and trusted platform for our customers. At EDX Wireless we will continue to strive towards improving our cyber security posture and maintaining and updating our security management systems.
Cybercriminals do not discriminate against targets or methods used. Something as small as a personal cellphone with company access could become compromised. If the compromised device is left undetected, the criminal may choose to wait and exfiltrate information or find the optimal time to strike. Maybe the compromised phone is used to elevate privileges for different users or even delete users entirely. There could be many different ways a criminal could take a compromised phone or device or employee and use or exploit them to the criminal’s advantage. There has been a change in the cybercriminal atmosphere as an increasingly large number of younger actors are actively pursuing disruption for companies along with status gained from within the criminal ecosystem. They gain status by making their attacks public or leaking stolen data or even sharing screenshots/records of the activity on social media platforms.
The 7 Pillars of Cyber Resilience
Companies should do all they can to try and improve their cyber resiliency. Cyber resiliency can be defined as the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attack, or compromises on systems that use or are enabled by cyber resources. Cyber resiliency is intended to enable mission or business objectives that depend on cyber resources to be achieved in a contested cyber environment. Cyber resilience can be broken down into 7 fundamental pillars to manage. Those pillars being: leadership, governance, risk, and compliance, people and culture, business processes, technical systems, crisis management, and Ecosystem management. A cyber resilient company will understand how important these pillars are and actively work to improve security, training, and posture for each.
This topic not only applies to companies and organizations, but also on an individual or personal level. If an individual wants to increase their cyber security posture they should work to harden systems, maintain and update good cybersecurity practices, and continue learning. A company should do all they can to have proper cybersecurity, but an individual person whether in said company or not should still try to have proper cybersecurity as well. This is an ongoing battle for everyone and all we can do is continue to work together for the betterment of cybersecurity
This makes it more important now than ever, to secure your Business, Data, and possibly your entire cyber world.
