Technology plays a determining role in cybersecurity’s effectiveness and the threats it must protect against. For individuals, organizations and governments to prepare for potential threats, they need to stay up-to-date on the influencing technologies in play.
Below, security professionals have shared which technologies have influenced summer security trends and how.
Generative AI
The ongoing proliferation of generative AI technologies is deeply influencing cybersecurity technologies. Existing security products on the market are proving to be highly vulnerable to deepfakes, which are being used to trick unprepared identity verification systems and fool unsuspecting employees. We’ve seen an AI arms race for detecting deepfakes, yet cyberattacks only escalate, with bad actors social engineering employees using voice, video and image deepfakes. Following a winter and spring of crippling deepfake attacks, businesses are looking to adopt stronger AI-powered cyber defenses by implementing identity verification solutions that focus not on passive detection, but on active prevention of digital injection attacks and the use of AI deepfakes. – Aaron Painter CEO at Nametag.
Balancing Cybersecurity Strategy with Risk Tolerance
Relying on just one security component barely leads to actual protection. A museum can have the most advanced surveillance system in the world — but without physical measures in place, security personnel can only observe a theft, not prevent it. Along the same lines, even if businesses invest in monitoring tools, they won’t be able to actually respond to threats without an effective incident response plan and the right team to execute it.
A balanced cybersecurity strategy supports tools with people and processes, which play a crucial role in protecting infrastructure without much financial investment. For example, establishing a process that requires business users to annually review their data repository permissions can minimize your attack surface by eliminating superfluous permissions. This process-based approach that emphasizes least privilege security can be particularly helpful for SMBs, as it provides a solid foundation that can be scaled up as the business expands. – Illia Sotnikov, Security Strategist & Vice President of User Experience at Netwrix
Zero-Trust, EDR and IAM
Typically, summer months lead to an increase in cybersecurity risks and threats due to employees traveling on vacation and having more relaxed “work from home” policies. It’s crucial that organizations have a heightened alert when it comes to gaining visibility into employee usage and access to corporate devices to pinpoint unusual behavior. Technologies such as Identity and Access Management (IAM), Endpoint Detection and Response (EDR), and Zero-Trust Architecture are being adopted by businesses to secure their organizations and employees.
The concept of Zero-Trust is being adopted by enforcing strict controls over every individual or machine, inside or outside the network, looking to gain access to the environment. “Never trust, always verify”.
EDR platforms are being adopted by organizations to gain visibility into assets, whether that be in the cloud or on-premises devices, to detect abnormal behaviors and allow for quick automated remediation.
Lastly, IAM solutions are being adopted to authorize and authenticate users, including multi-factor authentication, to mitigate unwarranted and suspicious activity. – Jeremy Ventura, Field CISO at Myriad360
Moving Target Defense (MTD)
Moving Target Defense (MTD). This is a technology that can tear down and rebuild a compute environment in seconds, making it nearly impossible for a hacker to gain persistence in the environment. MTD requires the use of containers and specific application conditions, so it demands a lot of implementation effort. However, once in place, an environment becomes extremely difficult to attack. Examples of this technology are Morphisec and Phoenix. – Andrew Plato, author of The Founder’s User Manual and Founder of Zenaciti