Solutions
AI is dominating the cybersecurity market - both in terms of more advanced, sophisticated threats,
as well as vendors are leveraging the rapidly evolving technology to fight the next generation of
attacks.
At e92plus, we're bringing together some of the key vendors who are investing in AI technology, as
well as being at the forefront of the fight where AI is used as a core part of produced more
advanced phishing attacks, malware and expotentially increasing the scale of the assault on our
networks, applications and users.
Microsoft 365 Copilot — the new AI-powered productivity tool — is transforming daily workflows.
However,
organizations must understand that it has access to the vast amount of data that users generate and
access every day across Microsoft 365. Therefore, before Copilot deployment, it’s vital to address
key
security vulnerabilities like inadequate data access controls, excessive permissions and
unidentified
sensitive data, all of which increase your risk of data breaches and compliance issues.
What might the risks look like?
What might the risks look like?
- Improper permissions — Copilot relies on the Microsoft 365permissions already assigned, so if they’re not set up correctly, sharing sensitive information can quickly spiral out of control, resulting in data breaches and hefty compliance fines.
- Inaccurate data classification — Copilot has inherits the sensitivity labels assigned to protect data. Again, data is at risk from inaccurate labels – and data classification is often inconsistent and incomplete. For example, manual labelling is highly prone to human errors, and Microsoft labelling technology is limited to specific types of files.
- Copilot-generated content — The greatest challenge is for new documents, which doesn’t carry labels or categorisation. This means that new documents containing sensitive data could be shared with unauthorized users. Ensuring these documents are properly classified is a challenge, due to the sheer volume of content that Copilot can produce.
Badly written phishing emails have always been good for a laugh – but they remain incredibly
powerful
and effective, demonstrated by their continued existence. And yet the quality, sophistication and
personalisation has continued to improve in parallel to improved security, with the best often
evading
multiple layers of technology. That dangerous trend has been accelerated by AI – through greater
automation, through improved translation into other languages (so foreign attackers aren’t let down
by
poor English, or where more countries now become targets without the need for a local speaker),
deepfake
technology improves and silly mistakes become eliminated.
The reverse side is, of course, the ability for AI to compliment and strengthen our defences. The sheer scale of phishing emails (estimated at 3.4 billion a day) means that being able to leverage AI means not just a quicker response when identifying patterns and suspicious activity, but able to using the scale of threat as a weapon by turning that into an intelligence source for the AI to learn from.
For cybersecurity teams, the solution is being able to combine AI with human intelligence. The sheer speed at which new threats arrive makes it impossible to rely on people or even patterns, behaviour or algorithms – 88% of new threats each year have never been before, and 50% of all attacks bypass legacy email gateways.
The threat of AI, however, is not just confirmed to the potential for damaging, more advanced malware (although that’s a big concern) – it’s also around privacy concerns and the use of data that could be even be used as part of legitimate processes and tools, and the interaction of users with AI – such as phishing emails.
The reverse side is, of course, the ability for AI to compliment and strengthen our defences. The sheer scale of phishing emails (estimated at 3.4 billion a day) means that being able to leverage AI means not just a quicker response when identifying patterns and suspicious activity, but able to using the scale of threat as a weapon by turning that into an intelligence source for the AI to learn from.
For cybersecurity teams, the solution is being able to combine AI with human intelligence. The sheer speed at which new threats arrive makes it impossible to rely on people or even patterns, behaviour or algorithms – 88% of new threats each year have never been before, and 50% of all attacks bypass legacy email gateways.
The threat of AI, however, is not just confirmed to the potential for damaging, more advanced malware (although that’s a big concern) – it’s also around privacy concerns and the use of data that could be even be used as part of legitimate processes and tools, and the interaction of users with AI – such as phishing emails.
The potential AI has undoubtedly gripped the public’s imagination, and that’s certainly reflected in
many organisations as well – with 69% of organizations officially adopting generative AI tools. But
in
cybersecurity, that’s balanced with the risks that AI brings.
The pace of change is arguably the biggest challenge, with new tools being created by bad actors that leverage the AI advances and take the technology in new directions – as well as bringing unparalleled scale to their operations. This increasingly looks like meaning an AI arms race, with an increased focus from cybersecurity teams on prevention to avoid constantly being on the back foot.
Highlights from the recent survey of global CISOs include:
The pace of change is arguably the biggest challenge, with new tools being created by bad actors that leverage the AI advances and take the technology in new directions – as well as bringing unparalleled scale to their operations. This increasingly looks like meaning an AI arms race, with an increased focus from cybersecurity teams on prevention to avoid constantly being on the back foot.
Highlights from the recent survey of global CISOs include:
- 69% of organizations have adopted generative AI tools as part of their daily practice.
- 70% of security professionals say generative AI is positively impacting employee productivity and collaboration.
- 63% state the technology has improved employee morale
Despite the incredible pace of growth and change with AI, it’s essential organisations build a
strategy
– for both defending against AI threats, and how to harness the power of AI in their own defences.
Research from ESG highlights that improving basic hygiene, processes and training are the biggest
priorities ahead of the most advanced tools that AI can support – and shows how AI can be used to
replace more basic tasks, and that our own understanding and intelligence can continue to be where
the
greatest value lies for cybersecurity teams.
At present, many GenAI tools can call on a wealth of information and data, but activity is based on that – reproducing and analysing at scale, but tied to that historical context. This more linear approach than true AI makes it easier to build appropriate defences, especially when being able to collate threat intelligence from multiple sources (you can read more examples here.
One big opportunity around AI is the ability to develop bespoke applications, in particular Copilots. When designed for the cybersecurity solutions, they help automate processes and perform common admin tasks, so allowing staff to focus on more high value activities. For example, applying rules or signatures across multiple devices and locations, or deploying updates or policy changes, as well as using playbooks for automated responses in the event of an incident or alert.
At present, many GenAI tools can call on a wealth of information and data, but activity is based on that – reproducing and analysing at scale, but tied to that historical context. This more linear approach than true AI makes it easier to build appropriate defences, especially when being able to collate threat intelligence from multiple sources (you can read more examples here.
One big opportunity around AI is the ability to develop bespoke applications, in particular Copilots. When designed for the cybersecurity solutions, they help automate processes and perform common admin tasks, so allowing staff to focus on more high value activities. For example, applying rules or signatures across multiple devices and locations, or deploying updates or policy changes, as well as using playbooks for automated responses in the event of an incident or alert.
We’d love to hear from you – and you can get in touch with us on the phone, in person or across
many
different digital channels.
