Technology and cyber security have become intertwined with society and how people conduct their day-to-day lives. Whether this is at a macro level of geopolitical instability and the continued digitisation of the global economy or the rapidly emerging and maturing technologies that individuals rely upon for communication, shopping, transportation, health, relaxation, learning, finance and countless other uses, cyber security has a real-world impact.
Malicious and nefarious activity has existed throughout human history, with the digital world just the latest hunting ground for organised and opportunistic criminals seeking an unfair and often illegal advantage.
The Ever-Evolving Landscape of Cyber Threats
Since its inception, the World Economic Forum Centre for Cybersecurity has identified building cyber resilience globally as a key priority. Resilience is the quest for organisations to address any pre-existing cyber security technical debt and build sustainable cyber security practices to prepare them for future challenges and opportunities.
As we look to the future, I believe we will see how society interacts with technology change, impacting not just cyber security but the general concept of work. Automation, tooling, and hybrid human/machine working have already entered most industries. Automation can enable increased efficiencies and improved profitability, but more generally, the pace of technological change is accelerating. How people and businesses leverage this paradigm shift will be critical to society’s future.
The evolution of industry described in the progression through Industry X.0 concepts continues to be something organisations and regulators seek to understand and embrace. Industry 4.0 focused on the emergence of cyber-physical systems, IoT and advances in machine learning. Industry 5.0 describes the shift to human-machine collaboration and cognitive systems but, perhaps more importantly, the shift from economic value to a focus on the role and contribution of industry to society. Therefore, with this change in how individuals and organisations interact, cyber security will remain a critical part of the balance between innovation and resilience, as well as opportunity and threat.
Harnessing AI and Industry Evolution: Balancing Innovation with Resilience
Artificial Intelligence will change the way that training, processes, and workstreams operate within businesses, and organisations can leverage this to improve productivity. Equally, malicious threat actors will use the technology to achieve their goals.
There is an arms race of the evolving technologies’ positive and negative applications, including AI. We have seen the massive leaps forward in anomalous behaviour detection, threat intelligence and analytics across the whole gamut of cyber security tooling, including managed detection and response, vulnerability and exposure management, threat intelligence, governance, risk and compliance and supply chain risk, amongst many others. However, we have also seen a rise in malicious use cases, such as using AI to help craft far more effective and tailored social engineering, such as phishing campaigns. Deep fakes have been used to trick people into believing they were on a video conference call with colleagues and transferring money fraudulently to the attacker’s account, believing it to be a legitimate business request.
Equally legitimate, positively intended uses of AI create unforeseen business risks. For example, AI is potentially subject to human-like manipulation based on the veracity and persistence of the input instructions. Risks such as hallucination of accurate responses, data poisoning of the requests to impact innocent bystanders and technology creating false policies that organisations will be legally obligated to uphold are not some science-fiction risks of the machines of the future but real threats, risks, and issues we observe today.
We will see countless positive leaps forward as we embrace future technology, but with it will come unforeseen advances and threats that we have yet to consider. The concept of identity verification through interaction with an AI, where we still rely on the concept of something secret being shared in order to verify you are who you say you are, is put at risk as the amount of data each person has on them grows rapidly but is more easily consumed by the technology of the future at a pace almost unfathomable today. 90% of the world’s data was created in the last two years. And every two years, the volume of data across the world doubles in size. Protecting private information in that growth of creation and ability to consume is a challenge society faces when we might rely on that privacy to authenticate or verify important actions.
Conclusion
I believe we will see a blended augmentation of humans and machines where there is likely to be a shift in the type of jobs people have, but leveraging AI as an accelerator for the complex roles humans can do and the abstract thinking that we are still good at. Equally, it requires a continued focus on the diversity of those working within the field of cyber security in order to ensure we solve problems from a broad range of perspectives.
As we look to the technology of the future, organisations must ready themselves through awareness and preparation to balance the value of the new technology against the cyber risk that comes with it.
Contact our consultants to discuss your cyber security requirements or get advice.
