The state of cybersecurity in the UK has reached a chilling level of vulnerability as cyber criminals have become better than ever at exploiting weaknesses, according to an expert in the field.
“The reality is, the bad guys are doing a better job than the good guys in terms of successfully infiltrating organisations, compromising users stealing data and creating havoc,” Ronan Murphy, chief data strategy officer at Forcepoint and a government advisor on AI, exclusively told UKTN.
“Despite what a lot of the industry says, the fact of the matter is that the bad guys are winning.”
A big part of the problem, perhaps unsurprisingly, are innovations in artificial intelligence. For every innovation the technology has brought to legitimate businesses, that innovation has been shared by bad actors.
Among the most common techniques from hackers is phishing, which has been a staple of cybercrime for years.
In the past phishing emails were associated with crude, poorly constructed messages designed to weed out viewers who would know better, leaving behind the most vulnerable victims.
“That’s gone,” Murphy explained, and it is no wonder why. “Your ability to craft a geo-specific phishing campaign that will target industries and specific individuals on topics that are emotive to them and look real, it’s terrifying”.
The problem with AI isn’t just its capacity to empower hackers either, warned Murphy, but also the risk that it creates vulnerabilities in the very organisations implementing it.
Organisations are under a lot of pressure to rapidly adopt AI, both from government policy and a fear in the private sector that rivals are using it to get an edge.
“If you’re in a leadership team, you’re saying, our competitors are doing a great job, why can’t we be as good as them? Let’s embrace AI, let’s do more, faster, quicker and better.”
The problem, however, is that incorporating in-house AI tools means feeding that AI your own data, putting organisational secrets within a large language model that can be difficult to understand, let alone protect.
For Murphy, the rush among organisations to incorporate AI into their systems is a “far bigger vulnerability than hackers”.
For the most part, modern attacks are looking to steal data from organisations, which can be extremely valuable.
Because of this, Murphy suggested that cybersecurity, a specific discipline concerned with tools such as firewalls and antivirus software, has become less important than the growing discipline of data security.
You can outsource the responsibility for many things. One of the things you cannot outsource the responsibility for is your data,” Murphy said.
“Managing, securing and demonstrating compliance with data has never been more important than it is right now, and that has just been driven by this explosion in AI, data to AI is the same as oxygen to a human.”
Read more: Are businesses ready for AI-enabled cyber threats?
The post Why UK cybersecurity has become so vulnerable appeared first on UKTN.
