EDITOR ’ S question he field of Artificial Intelligence ( AI )
T is growing exponentially and , while it ’ s an exciting time for this new and evolving technology – with many cutting-edge and positive use cases – it ’ s also important to remember that threat actors are harnessing AI for more nefarious reasons . Because of AI ’ s ability to collect , analyse and interpret large amounts of data , threat actors are able to scale their operations to hunt for and exploit vulnerabilities in code , applications and infrastructure .
As a result , organisations in the technology , media and telecommunications ( TMT ) sectors are grappling with many of the same challenges as other markets in the face of AI , and they need to be quicker than ever at remediating those vulnerabilities . Organisations have to embrace AI and match the vigour with which adversaries are investing and utilising it .
Here are a few tips for TMT ’ s to enhance their cyber-resilience :
Address supply chain risk
Companies need to enhance their vulnerability management programmes . Additionally , they need to be better at addressing supply chain risk and must get better at classifying and categorising what data their vendors and partners have access to and how they access that data .
Invest in people
Though it may seem counterintuitive , the AI problem can and must be solved by humans . TMT organisations need to better prepare their employees to meet the growing tide of challenges presented by this technology . There ’ s a real skills gap when it comes to AI , and organisations in the TMT sector must improve their recruiting practices and hire experts in this field .
Additionally , employees need to be on the lookout for social engineering attacks perpetrated with the help of AI . Threat actors are now leveraging AI to make it more difficult to detect social engineering attacks . One such attack is called SIM-swapping , where threat actors bribe telecom company employees to change SIM numbers on a phone . Once this happens , the threat actor will receive all SMS and calls intended for the victim .
Protect critical infrastructure
The TMT sector encompasses large portions of critical infrastructure . As individual threat actors and nation-state attackers continue to operationalise AI , critical infrastructure will be in their crosshairs . The TMT sector must improve its detection and response tools and processes so that , as these attacks become more and more ‘ AI-powered ’, our nation ’ s critical assets are better protected .
Though it may seem counterintuitive , the AI problem can and must be solved by humans .
STEVE COBB , CHIEF INFORMATION SECURITY OFFICER , SECURITYSCORECARD
WWW . INTELLIGENTCISO . COM 29