A Cybersecurity Dual Narrative, Who's Winning, Future States
Read Time: 5 minutes
Welcome Reader to Your Tech Suite's weekly newsletter where we provide news, tips, and guidance on improving the technology posture in your startup or SMB. A holistic technical C-Suite... for the rest of us.
This Week's TLDR
- Machine Learning and GenAI are similar tech but have wildly different stories.
- Perception sometimes isn't reality but perception right now is GenAI is a cybercrime hammer.
- The future holds some excellent use cases for GenAI and its future positive impact on email security.
- Apple, the company that used to have cool stuff. More apple, a yummy stock buy back program. United Healthcare hack.
A Cybersecurity Dual Narrative, Who's Winning, Future States
As we forge ahead in 2024, the spotlight grows increasingly brighter on Artificial Intelligence and Machine Learning.
These technologies are no longer just buzzwords to be uttered amongst the corporate data elites but are now pivotal areas drawing significant investment and becoming more accessible to small and medium business.
I love it!
Perhaps the most prominent area to see the sparks of evolution is cybersecurity.
In a month or so time I'll be conferring with some great minds in the security space at the Rocky Mountain Information Security Conference. I'll also be speaking on a topic near and dear to my heart, AI and ML models and how they impact cybersecurity.
As I prep for the talk, I wanted to get a sense of where things are. The here and now cyber innovation.
The dual narrative I uncovered not only blew me away but is equally fascinating and sobering.
A Tale of Two Technologies
I started with a basic premise, a question really.
"How is X being used in phishing detection?" With google I replaced X with either machine learning or GenAI.
I expected similar results but what I got was an education.
With machine learning, the innovation was clear. ML is rapidly advancing the way software in the security domain is working to protect business from phishing. ML models are harnessed to detect copycat domains, classify links in real-time, and analyze files, text, and images.
A true testament to technology applied for good.
The GenAI search was starkly different. Every result was an article describing the way GenAI is being used to improve phishing attacks, increase attack volume, and automate phishing dispersion. Its like detection wasn't even in the conversation.
The Divergence of Perception
While initially stunned, I've worked with teams leveraging ML and AI in cybersecurity solutions. I've witnessed the effective impact of applying these technologies to the cybersecurity domain.
I know GenAI is being used...so where is it?
After some significant searching and testing, I eventually did find programs using GenAI but I also realized that public and search engine sentiment diverges between these two technologies.
GenAI's potency is significantly overshadowed by the the nefarious uses constantly highlighted in news and media. A classic case of a good tool, falling into the wrong hands.
The Economics of Cybercrime
Let's set the scope of the problem. Cybercrime, if it were a country, would rank in the world's top ten economies by GDP. Forecasting for growth suggests it will rank in the top 5 in 2025.
Additionally, the comical early days of phishing are quickly coming to a close. Awkward phrasings, hilarious misspellings...
That's in the rear view mirror.
GenAI's capabilities are on an exponential growth trajectory. A recent YTS newsletter highlighted a Hong Kong company that was scammed out of $25 million through sophisticated usage of phishing and AI-driven technology.
Since the release of ChatGPT in late 2022, phishing volume has skyrocketed by over 1200%. Use of GenAI in phishing scams has risen from 1% in 2022 to over 18% in 2023.
2024 will see that number over 50%. Guaranteed.
Finally, this isn't just a small scale business issue. Studies have shown that orgs over $1 billion of annual revenue are more susceptible to their smaller counterparts.
The wins are few and far between.
Turning the Tide
Yet despite the grim overview, I am giving a talk on the positive impacts of GenAI. The technology will see the pendulum swing back and GenAI will have its transformative day in the sun.
Here are 4 ways that GenAI specifically has or will contribute to addressing the growing phishing menace.
- Enhanced Detection & Response
GenAI's swift processing can generate phishing emails effectively so why not use that processing to review those emails effectively. Near real-time analysis of anomalies in email provides a crucial defense against sophisticated phishing attacks.
- Simulating Phishing Attacks
If scammers can use GenAI to ramp up their attack volume, why not use GenAI to ramp up phishing scenarios. Affordable org wide attack simulation keeps team members aware and vigilant. With GenAI this can be done for pennies on the dollar.
- Real-Time Threat Intelligence
GenAI can amplify existing threat intelligence capabilities. This one requires a higher level of coordination and collaboration from some of the bigger players in the space. Yet the impact of being able to respond, remediate, and eliminate in real-time to attacks that are out in the wild benefits everyone.
- Phishing Awareness Content & Training:
GenAI's bread and butter is content generation. Something that it continually shows to be improving. Usage of the technology to generate content and training materials that are tailored specifically to individuals and teams can help zero in the improvements our people need to make to survive the coming phishing deluge.
A Call to Action
Technology is becoming more and more daunting by the day. And GenAI's dark side is a bit unnerving. Yet the evolution of the technology provides a little beacon of hope.
We'll continue to innovate and improve the solutions we use to combat cyber threats.
Joining ML and AI will continue to align with our needs for security and resilience.
Cybercrime is a bit of a battle. Awareness, preparedness and complementary technologies are our allies.
Hopefully you see that tech like GenAI can be leveraged to do so much more than what its doing now and that the ROI on investing in these solutions makes your business all the stronger.
News
This might surprise you, but Apple's *cough* innovations in hardware haven't set the record breaking revenue streams it once had. Seriously guys, 1 second photos.... iPad revenue has fallen 17% year of year. Vision Pro is starting to smell a bit like Lisa.
But not to be undone, even amidst crappy hardware, somehow the Apple behemoth is so a flush with cash that it unveiled a record buyback program. Maybe we try actual capitalism for a change...
A fair amount of healthcare cybercrime news. UnitedHealth Group's announcement that it potentially has a compromised data set of over 100 million US citizens. Biggest attack since Anthem's ~79 million affected hack in 2015. Ugh.
YTS Weekly Recommendation
|
The Goodnewsletter
Good Good Good
Join 50,000+ subscribers who wake up to the day’s best good news stories. |
Say Hi on LinkedIn, Twitter/X, & Instagram
Did someone send you this awesome email? Subscribe Here
Need additional help? Reach out to the YTS Team!