Uncertainty Does Not Equal Chaos: Revisiting Cybersecurity Fundamentals in the Age of AI
Louis Arthur-Brown
Solutions Partner | MBCS | Cloud PC Evangelist | Cyber Security, Microsoft Cloud, AI & Copilot
Whatever your opinion on AI is, be it optimistic & positive, or pessimistic & negative, it is generally agreed upon that AI is going to be something more than just a passing fad. The current problem is that we don't yet know how to properly apply 'AI' to our businesses to begin reaping the rewards, beyond a few isolated use cases, and a general sense of some productivity gains which Microsoft 365 Copilot and a few other product integrations have already shown us.
Some recent fads which were toted as the next big thing were quite obviously not going to deliver on it's promises - taking the 1st iteration of Metaverse as a great example - it was good in principle, but nobody is realistically going to pull an 8hr working day completely immersed in a chunky and sweaty VR headset, talking to a cartoon Avatar while on the top of Mt Everest. Generally we all realised this was largely hype from the off despite some efforts from companies like Meta who attempted to convince us otherwise. (NB, I am not against VR, I just believe XR/AR will have much more success for actual business use cases).
Back on topic, either way, the cold, hard fact is that the application of AI is nascent. While what is referred to as 'AI' has been around for a long time now, we are only just beginning to witness the capabilities of these models, and we are in our infancy of trying to apply these to our businesses to realise compelling productivity or fiscal gains which we are all excited about.
In this new AI era, the cybersecurity landscape is experiencing unprecedented changes. AI is a tool which can be used for both good and bad purposes, and just like a conventional war does to the advancement of technology, so will AI's use in the current cyber-war effect the paradigm of cyber defense.
As leaders in IT and cybersecurity, we must navigate this uncertainty without succumbing to chaos, or being caught up in the hype.
AI: A Double-Edged Sword
AI's capabilities in automating threat detection by integrating into SIEM/SOAR, predicting potential breaches with it's involvement in Threat Modelling, and augmenting human efforts will undoubtedly revolutionise cybersecurity. Sticking with the war analogy, it is best to fight fire with fire, so the ability to defend at machine speed is absolutely required, even today.
Luckily, this is happening already with some excellent advancements from vendors like Microsoft, with their Security Copilot, and from CrowdStrike with their next-gen SIEM and Charlotte AI.
However, these advancements come with the risk of these AI systems being exploited, in ways which we cannot yet imagine or anticipate. I recall an example that I experienced first hand, with Microsoft 365 Copilot, where a process separate to the LLM inserted emojis into responses to make it feel more friendly. However, by engineering a prompt to effectively say to the LLM that emojis will cause the user harm, the LLM 'saw' the emojis being added anyway, and assumed that it has inserted them, and began maliciously inserting emojis by itself in an attempt to 'hurt' the user. This of course wasn't the fault of the LLM - as it was of course complying with the general logic of the original intent - and has since been patched.
There are going to be more examples of unintentional actions or omissions like this, of which bad actors can exploit - until of course it is remedied by the LLM providers.
With all of the above in mind, AI is creating a dynamic threat environment that is both unpredictable and complex, and requires the appropriate mindset to help protect users and organisations.
How to defend against such a threat? Reaffirm your Cyber Fundamentals.
By bolstering the fundamentals of cyber security, this can help you defend against the majority of all currently known cyber attacks, and by applying this logic and giving your users the necessary training and tools to help highlight these cases, you can help protect against emerging threats effectively.
This includes the basics like;
领英推荐
The use of MFA on your accounts [alone] makes your accounts 99% less likely to be hacked.
from CISA.gov
(It doesn't sound correct does it, 99% protected just be enforcing MFA? However, this is very much the case - and when you layer in the other items above you do end up around the 98% mark for applying basic cyber security hygiene. Don't just take my word for it - Basic cyber hygiene prevents 98% of attacks - Microsoft Community Hub)
Facing the Future with Confidence
Navigating the uncertainties of the AI-driven cybersecurity landscape is almost certainly a topic on every board's agenda, but by reviewing the foundations on which your cyber security posture resides can yield some fantastic security gains, with relatively little effort.
Users are absolutely the key to preventing current and emerging threats, as they are ultimately the first - and last - line of cyber defence.
A supporting culture of cyber awareness and proactive training & testing is now - in my humble opinion - where the majority of effort needs to be spent. This brings about other challenges, and the necessity to better align business functions with IT; however, if you have ever been on the receiving side of a successful breach, then you will see a co-operation and alignment between all stakeholders and functions like never before.
DO NOT wait to be breached, take the proactive step now to engage your IT department, or trusted IT partner to undertake awareness training, or perform a social engineering activity to engage your users - and your stakeholders.
The more visible IT is in your organisation, the more likely you are to have buy in for constructing or maintaining the necessary cyber defence.
I hope this article was food for thought and invoked a sense of action that is required to help secure your organisation. Please feel free to DM me with any questions!
Good luck on your cyber journey!