As organizations become more reliant on technology, it is inevitable that cybersecurity vulnerabilities will continue to be one of the leading global threats. The increased use of AI can now open new possibilities of threats and risks to organizations. With the continued wave of machine learning and its ability to scan billions of pieces of text from across the internet, its potential to learn and process information is growing exponentially. Even after the learning phase, trained AI models can still be left vulnerable to attacks resulting in data acquisition or held ransom.
Just a few short months ago, the AI-driven chatbot, ChatGPT launched and has quickly become the tech industry’s new shiny toy. Not long ago, popular virtual assistants like Siri, and Alexa became a permanent fixture in homes. Now, ChatGPT offers tools that can undoubtedly simplify lives, generate creative content, and deliver even more convenience into our day-to-day. This new AI can interact with the user in a conversational way, ask follow-up questions, admit to mistakes, and reject questions. It can generate an essay, craft lyrics among other talents. It’s highly sophisticated in comparison to anything we have seen before.
Like any AI, it’s difficult to know how it will be used and for what intentions. Cyber experts do warn that with the increased reliance on AI, we may also experience a growing number of sophisticated cyber-attacks, resulting in increased loss ratios. It is important to be aware of the risks imposed by malicious actors aided by increasingly smarter AI tools.
“Unlike most technological advancements to date, this breakthrough tool appears to offer malicious actors the capability to generate phishing emails, code and other forms of malicious content on a scale and sophistication that is simply unprecedented and revolutionary in its implications to our industry”, says Jason Ponton, Cyber Practice Leader for Canada.
“Additionally, once in a network, we have every reason to believe that a malicious actor would try and leverage this technology to learn an organization’s communication patterns and gain insights from the information available in order to launch custom-made attacks that are virtually indistinguishable from legitimate operations. Understanding these capabilities and identifying and preparing for their aftermath forms a large part of Crawford's evolving cyber practice.”
For now, it remains important that organizations remain vigilant about cyberthreats and continue to secure their networks and monitor suspicious activity. The continued development of new technologies will continue to pose a threat, so it would be wise for an organization to ramp up their efforts to protect themselves against threats by:
- Regularly updating and patching software and systems to prevent known vulnerabilities from being exploited.
- Implementing strong password policies and multi-factor authentication.
- Regularly backing up important data to protect against data loss.
- Conducting regular security assessments and penetration testing to identify and remediate vulnerabilities.
- Training employees on security best practices and educating them on common attack methods.
- Having an incident response plan in place and testing it regularly to ensure readiness in the event of an attack.
- Having a data governance process in place to ensure that confidential data is protected and comply with regulations.
- Regularly monitoring networks and systems for unusual activity and implementing measures to detect and respond to breaches in a timely manner.
- Continuously monitoring the external threat landscape and adapting security measures accordingly.
- Most importantly, invest in cyber insurance coverage to benefit from access to world class experts that will help mitigate reputational, legal, and financial exposures in the event of an indemnifiable attack.
For more information, please contact one of our global cyber experts: https://www.crawco.co.uk/resources/our-global-cyber-experts
