With the growing adoption of AI to handle Big Data, attackers will be the flip side of the coin using AI to deliver attacks. The very intelligence that is used to manage and manipulate data could also be able to be tweaked to carry out malicious attacks on the ocean of data out there. Yes many cybersecurity vendors too have identified this and many too have claim to have adopted AI to automate the prevention, detection and radiation from malicious AI activity. But the question is who can make a more intelligent AI?
Cloud adoption is seeing a constant and upstream growth. With many new players joining the fray, it seems that there are no stopping organisations of all sizes, from all verticals, to move rapidly in transforming the old school on premise infra to a hybridised version leveraging on the scalability, flexibility and “less hassle to maintain hardware ideology” of the cloud.
With the increasing amount of data deployed in the Cloud, it is alarming to observe that majority of the organisations still do not have good housekeeping and measures made to their data estate in the cloud.
After the highly publicised “WannaCry”, “NotPetya” and “BadRabbit” attacks in 2017, many organisations thought that when they manage to survive it with no 2018 malware seeming to receive the same amount of spotlight.
The hard truth of the matter is ransomware, cryptojacking, trojans and VPN filters are still rampant and active. Many threat intelligence and monitoring from major vendors are still seeing a relentless wave after wave of attacks happening on a continual basis. Just as zero day detection had seen vast improvements, but many organisation still rather not use such solutions often citing the high level of false-positives and high costs.
Yes there are improvements made in Zero-Day attack detection, but did you know that the sophistication of such Zero-day attacks are also seeing improvements with the assistance of AI?
Psst…..Do you know that DDoS is still prevalent and is increasing in volume? Yes, you may not see as much buzz about DDoS in the press, but it is known to some that many of these very persistent attacks still haunt many big organisations who rather keep it under wraps. Many organisations rather quietly try to mitigate and remediate these attacks, as having to publicly fall victim to such attacks would only publicise their shortcomings but to participate in firefighting protocols to seek immediate assistance only to realise that as these attacks often affects their online presence, and even when such attacks may be purely be an act of mischief, a website that cannot be reach, may often result in loss of revenue in a world where online transactions are starting to be a norm for consumers to make purchases online.
Attack vectors continue to shift and evolve with speed. Users from all levels are seeing the need to include cyber hygiene practices in their work flow. With the advent of GDPR, many organisational leaders are starting to be aware that when it comes to protecting their data estate, the users within the organisation would probably be their weakest link. From insider threats from current and ex-staff, to lack of cyber awareness from lack of training, these problems many IT managers argued to have more inclination towards being a HR problem is undisputedly also an IT problem when looking from another perspective. It only shows that how technology had been infused into our working society that a holistic approach across all working levels in an organisation and proper awareness training and cyber hygiene should be enforced and practiced by every single human asset across the entire organisation.
Original Article Can Be Found HERE!!!