Securing cyberspace in the age of generative AI and minimising attack surfaces
I recently attended Canalys Forum EMEA and was part of a panel that talked about neutralising attack surfaces. Two consistent themes that emerged were the need for organisations to have a cyber incident plan in place and the emergence of generative AI and what that means for cybersecurity and cybersecurity solutions. Minimising the size of the attack surface is paramount and I’ve outlined some ways to do this based on insights I took from the Forum.
It’s not if you get breached, but how you respond when you do
It’s impossible to be prepared for every eventuality, unfortunately. What separates different organisations is how quickly they can bounce back from an attack. A cyber incident response plan will help organisations respond quickly and effectively to a cyberattack and limit damage done. The plan will help organisations respond quickly to contain the incident.
Having a plan is also necessary for compliance, depending on your industry. There may be legal and regulatory requirements from the NCSC in the UK, ANSSI in France or BSI in Germany that mandate developing and implementing a cyber incident plan. To comply with GDPR, NIS2 or PCI DSS, you must have an incident response plan in place, for example. Failing to comply with these regulations can lead to fines and legal consequences.
It might seem negative to be planning for the worst – but having an effective strategy in place could help organisations maintain their customer’s trust, reduce downtime, and potentially reduce any financial loss incurred by the attack.
Enter generative AI
Generative AI is a powerful new technology that has revolutionary potential for many industries. The other side of the coin is that it also poses a huge number of risks to organisations. One of the biggest risks is that generative AI can be used to expand digital attack surfaces with new and sophisticated AI cyber-attacks. The UK’s National Cyber Security Centre (NCSC) has predicted that AI “will have a profound impact on the threat landscape, as more state and non-state actors obtain capabilities and intelligence not previously available to them."
Generative AI is already being used to create realistic-looking fake content that fools an organisation’s weakest security link – its people. The fake content can be used to trick users into revealing sensitive information or taking other actions that could compromise an organisation's security.
Reduce your generative AI risks
To mitigate the generative AI risks to attack surfaces, organisations need to be aware of the latest attack vectors and take steps to protect themselves. Here are some ways to reduce your risk to AI security vulnerabilities:
- Collaborate. Westcon Tech Xpert is our exclusive, opt-in community of 2000+ cybersecurity experts to knowledge share.
- Educate employees about the risks of generative AI and the importance of things like strong passwords and multi-factor authentication. People are the weakest cyber security link in an organisation (unfortunately) so implementing a continuous security awareness programme is important to maintain system integrity.
- Use security solutions that can detect and block generative AI-powered attacks.
- Implement zero-trust security. Our ZTA Secure Trio bundle gives you Authentication, End Point Protection and Secure Access in a simple, powerful package that won’t cost a fortune.
- Test, test and test again. Westcon 3D Lab lets you see how security solutions work to safeguard your customers. Our 50+ virtual demo labs let you and your customers road-test combined multi-vendor security solutions in specific use cases in 48 hours.
Make AI work for you
Generative AI can also be used to make cybersecurity solutions more robust. Here are some ways AI is being used to reduce threats to attack surfaces
- Improving the accuracy of security solutions. AI can train security solutions to detect new and emerging threats.
- Develop new security tools and techniques. AI can develop new security tools and techniques to help organisations protect themselves.
- Automate security tasks. AI can automate security tasks, freeing up stretched security teams.
Securing third-party and digital supply chains
When talking about attack surface reduction these measures must be taken to secure third-party and digital supply chains that contribute to the attack surface.
Conduct Vendor risk assessments. Make sure to do thorough vendor risk assessments before onboarding new third-party vendors or suppliers, assessing their security practices, compliance with security standards, and track record in handling data securely.
Frequent third-party audits and due diligence. Performing regular audits and due diligence on existing third-party vendors will ensure they maintain security standards over time, further protecting your digital supply chain.
Data classification and protection. It’s imperative to clearly define how sensitive data will be classified, handled, and protected when shared with third-party vendors. Pay particular attention to data being encrypted in transit (and at rest) and implement access controls.
Tightly manage access control. Be sure to limit access to your systems and data to only those individuals or entities that absolutely need it. As well as that, implement strong access controls, including multi-factor authentication (MFA) for third-party vendors.
Have a clearly defined exit strategy. Plan for the end of the relationship with third-party vendors. Ensure data is securely returned or deleted, and access is revoked when the relationship ends.
Enact a zero-trust approach. Implementing a zero-trust model assumes no trust by default, requiring verification and authentication for all network access, even from trusted third parties.
To thrive in a world where attack surfaces are under more pressure than ever, collaboration, education, and innovation are paramount. Collaborate with experts and peers in the cybersecurity community to stay informed and agile – while establishing your organisation’s cyber incident response plan. Looking at your supply chain is of increasing importance as attackers probe deeper and deeper for security cracks and gaps.
Find out more about our Next Generation Solutions.