John Mc Loughlin, CEO, J2 Software.
The rise of cyber attacks using old tricks and proven methods is expected to continue. Criminal organisations are relentlessly seeking access to your systems, aiming to exploit vulnerabilities in your environment and disrupt your supply chain.
Businesses, regardless of size, must prioritise safeguards against common threats like business e-mail compromise and compromised user accounts. Detecting unusual behaviour is crucial for preventing invoice fraud and session hijacking, which could lead to reputational and financial damage.
Moreover, ransomware attacks are proliferating, facilitated by professional groups offering easy-to-use ransomware kits to a growing number of affiliates. Businesses need to embed resilience into all aspects of their operations to mitigate the impact of such attacks.
Deepfake technology, which creates convincing fake videos, is rapidly advancing. It poses various risks, including tricking business users into fraudulent transactions, as seen in a case where a Hong Kong multinational was duped into paying $25 million to fraudsters using deepfake videos of executives.
Furthermore, deepfakes can be employed to spread misinformation and sow fear, particularly during times of uncertainty such as election years. To counter these threats, enhanced monitoring and targeted protection measures are essential to ensure both systems and personnel are resilient and informed.
Failure to implement a comprehensive cyber resilience programme leaves businesses vulnerable to increased cyber crime and significant financial losses. Despite the growing threat landscape, many executives continue to overlook cyber security risks and underinvest in resilience measures. This stems from a lack of awareness about the severity of potential risks and complacency due to past incidents going unnoticed.
Legislation addressing cyber risk is expected to expand globally, although its effectiveness remains subjective. Collaborative efforts between industries and policymakers are crucial to develop practical and relevant laws that keep pace with technological advancements. However, the slow pace of legislation could render it outdated by the time it's enacted.
Artificial intelligence (AI) has become a prominent tool in cyber security, offering both opportunities and challenges. Poorly implemented AI solutions can compromise data security, leading to unauthorised access and breaches.
Attackers are leveraging generative AI to enhance their tactics, while defenders are increasingly relying on AI to detect threats quickly amid the growing volume of network traffic. However, effective use of AI requires continuous management and monitoring to remain effective.
Partnering with established cyber security technology firms can bolster a company's capacity and provide enhanced visibility into potential threats. By leveraging proven solutions and expertise, businesses can better protect themselves against evolving cyber threats and mitigate the risks.
