TECH4GOOD
Cybersecurity attacks continue to rise at an even faster rate. Flashpoint’s 2024 Global Threat Intelligence Report shows over 17 billion personal records were compromised in 2023. The same report observed a 429 percent increase in stolen personal data in the first two months of 2024 compared to the same period last year. Recent high-profile attacks involve a major US healthcare billing company and a Philippine executive department.
Despite the scope and scale of these threats, many firms have become accustomed to the dangers, while others simply donot know where to focus their cybersecurity efforts. For decades, cybersecurity has been a game of cat and mouse. Defenses are built, attackers find weaknesses, holes are patched, and the cycle continues. This reactive approach has served many organizations reasonably well, but the landscape is shifting dramatically. Artificial intelligence (AI) and quantum computing are poised to revolutionize how cyberattacks are conceived and executed, rendering traditional perimeter-based security increasingly obsolete.
Cybersecurity professionals today are undoubtedly beginning to find themselves at the forefront of an ongoing battle, defending against ever-advancing adversaries armed with cutting-edge technologies.Traditional cybersecurity plans and strategies, built on a foundation of perimeter defenses and signature-based detection, are struggling to keep pace.
No organization today can expect 100 percent protection against cyberattacks, no matter how much time, technology, and resources they invest in the challenge, according to Keri Pearlson, executive director of Cybersecurity at MIT Sloan.
Traditionally, cybersecurity has centered around defense — building walls, deploying firewalls, and erecting barriers to keep threats at bay. However, the relentless pace of technological innovation has rendered this approach insufficient. We need to move beyond traditional defensive measures to a more resilient approach. Adversaries adapt swiftly, finding cracks in defenses and exploiting them. Resilience, therefore, shifts the paradigm from mere defense to adaptability.
Resilience is the ability toweather an attack with minimal damage to critical assets and reputation. It is about detecting, containing, recovering from, and adapting to cyberattacks. Resilience ensures a business can quickly respond to inevitable attacks by getting systems back up and running with minimal disruption. A resilient organization emerges from an attack relatively unscathed.
Threats are no longer predictable in the realm of artificial intelligence and quantum computing. AI algorithms learn, evolve, and sometimes surprise even their creators. Quantum computers, with their exponential processing power, can break classical encryption methods in seconds. This necessitates a shift in cybersecurity strategy and resilience, which acknowledges this unpredictability and prepares us for the unknown.
Artificial intelligence presents a double-edged sword for cybersecurity. While it can be a powerful tool for threat detection and analysis, analyzing vast amounts of security data from various sources to identify patterns and anomalies that might indicate an attack, attackers can also weaponize it for targeted attacks and evade signature-based detection by using deepfakes, poisoned data, and manipulated models. AI can also automate tasks like social media scraping and vulnerability scanning, allowing attackers to identify high-value targets and tailor their attacks with pinpoint accuracy.
While still in its nascent stages, quantum computing poses a significant threat to current cybersecurity practices. Quantum computers leverage the principles of quantum mechanics to perform calculations that are impossible for classical computers. Once quantum computing becomes commercially viable, it has the potential to break the encryption algorithms that safeguard our data and online transactions. The entire foundation of trust in the digital world could crumble because secure communications, financial transactions, and sensitive data rely on cryptographic algorithms.
A resiliency-based approach moves away from the mentality of “if” we get breached to “when” we get breached. Instead of focusing solely on prevention, organizations should assume that a breach is inevitable. This means having a recovery plan to restore critical systems and data quickly. Regularly backing up data and having a disaster recovery plan are crucial aspects of resilience. The goal should be to minimize the impact and ensure a swift recovery.
In addition to redundancy, a resilience-based strategy must implement a robust incident response plan to allow timely detection and containment to minimize damage. Organizations must also cultivate a security-oriented culture where everyone understands that the organization’s existence depends on its ability to recover quickly from successful attacks. Scenario-based drills simulating cyberattacks will allow organizations to identify gaps and practice resilience under pressure.
Building an impenetrable fortress is not enough to completely address cybersecurity risks. The future of cybersecurity lies in cultivating the ability to bend, bounce back, and adapt to weather attacks. By embracing a culture of resilience and continuously evolving defenses, organizations are better armed to navigate risks, including AI-powered attacks and the uncharted territory of quantum disruption. With a focus on continuous improvement and a proactive approach, we can ensure that our digital world remains a secure and thriving space for growth, innovation, and progress. ([email protected])
(The author is an executive member of the National Innovation Council, lead convener of the Alliance for Technology Innovators for the Nation (ATIN), vice president of the Analytics and AI Association of the Philippines, and vice president of UP System Information Technology Foundation.)