Insights from our 2024 cyber security predictions webinar. How will the latest wave of AI advancements impact your business?
Artificial intelligence is on track to reshape the future—but with it comes inherent risks and dangers. In this January 2024 webinar, F12’s Virtual Chief Information Officer (vCIO), Brandon Peters, hosted F12’s Chief Technology Officer Calvin Engen, and Corey Nachreiner, Chief Security Officer at WatchGuard Technologies, as they uncovered possibilities for futuristic and advanced cyber attacks, the best defences against evolving threats, and tips to secure SMBs.
Scroll down to the bottom of the page to watch the entire webcast.
What cyber security threats are predicted to rise in 2024?
Corey predicts various cyber security threats this year at [5:01]. “One of the big things is attackers changing their techniques to use legitimate sites and tools on your device rather than just plain old malware.” He says that although AI poses a huge threat to industries, it can also serve as a benefit.
“Everything that we rely on in today’s age is encrypted and encrypting your privacy,” Calvin says at [12:00]. With technology advancing, your data becomes much more vulnerable as a threat. “It’s something that we have to continue to watch out for.”
How will AI impact our society?
Calvin warns of a resurgence of malicious SEO tactics using AI to manipulate search results at [6:35]. “A company called SolarMarker does search engine optimization poisoning.” Calvin explains that normally, we expect search engines to provide the most trusted and reliable links in the first results. “But what they’re doing is taking legitimate SEO, and raising their malicious website to top ranking.” Calvin stresses that downloading or clicking malicious links can compromise businesses.
At [8:22], Brandon brings up a recent use of AI in detecting fake verification tactics, with the potential for creation technology to become increasingly convincing. A technician received a call about a password reset and almost went ahead with it because he recognized the client’s voice. But it could’ve been a hacker using AI to simulate someone else’s voice. Brandon explains that luckily, F12 has a set of steps in place to ensure they can truly verify someone’s identity in a way that is not compromised, like voice or video.
At [7:33] Calvin points out that with the U.S. election, the implication of deep fakes could be used for disinformation and manipulation. He adds that being able to craft and spread false messages is becoming increasingly common. “We need to do more as an industry, […] to make sure that there is a validation of that information and or a detection of misinformation in a more reasonable fashion.”
How can businesses protect data and ensure privacy in this digital age?
Calvin shifts the conversation back to businesses at [36:13] and notes how vital it is for companies to understand their role in securing client data. “Once you understand […] what the data is, then you can start to build out the frameworks around how to protect that information in a legitimate way.” Calvin explores how businesses can protect personal data that is required to operate a business. Although not an easy task, Calvin says that “having the controls of a system, [could] restrict that access to ensure that that data is safe and secure.”
At [40:05], Brandon warns against asking for unnecessary personal data. “People over time […] become more and more willing to give up that private information.” Brandon’s opinion is that the mindset of how personal information is shared has shifted throughout the years, where it was taught not to use your real name online, but today, the technology to unlock your front door from your phone is available. Brandon says that adding unnecessary information to existing data increases the need for protection. “That’s more risk to you, as a business,” as it contributes to the sheer volume of data that your business needs to keep safe.
At [47:18], Corey adds that encrypted data shared internally should still have proper security measures in place. “Really, your own security measures become the risk assessment you have to do.” Corey warns against oversharing with AI to mitigate cyber security risks. “People are actively going to some OpenAI service, openly giving […] AI all kinds of information about themselves because they think it’s neat, they can get a response back and not realizing that they’re exposing a lot of their own data.
How can we manage cyber security and AI risk?
At [46:55] Brandon asks if there’s no connectivity to the outside world, what is the chance or percentage that AI bad actors are going to get in and extract that data? Corey emphasizes the importance of securing data when using public cloud AI services, as even encrypted data can be at risk of exposure through prompt injection attacks.
Calvin highlights the need for intermediate systems at [49:15], to prevent unauthorized access to sensitive information.
At [51:18], Corey highlights why MSPs and MSSPs are his go-to when it comes to providing cost-efficient security solutions for small businesses struggling with time and resources.
Lastly, the group suggests at [51:47] to stay vigilant, invest in technologies, and continue the conversation about the importance of proper cyber security and risk management to improve the future.
Is your organization struggling to keep up with AI? Could you benefit from a few tips on how to better protect your business from malware? Contact us today to learn how you can secure your business from rising cyber security threats.