Page 145 - Cyber Defense eMagazine July 2024
P. 145
Identifying Emerging Cyber Risks
In the fast-paced cybersecurity landscape, organizations must also be well-educated on emerging cyber
trends and associated risks their organizations may be susceptible to. The development of generative AI
technology presents new risks and data privacy concerns that companies of all sizes and all industries
must proactively address. For example, cybercriminals are increasingly using phishing campaigns and
deepfakes to target vulnerable employees and gain access to a company’s system and steal sensitive
data.
Organizations must quickly harness generative AI before threat actors can use it to their advantage.
Navigating these developments necessitates the formulation of comprehensive policies and diligent
education initiatives to ensure safe and responsible utilization of AI tools.
Security leaders should create an acceptable use policy for AI within the organization and communicate
to all levels of the organization. If employees are not properly guided on how to use AI tools, there is a
risk of losing control over the organization’s data and creating an insider threat or a vulnerability for bad
actors to exploit. Establishing clear guidelines and guardrails ensures that employees can use AI
productively while maintaining data security.
Organizations must embrace a proactive security approach that includes risk and threat management in
order to transcend reactive tactics. The ability to adjust and take preventative action will be essential to
resilience in the face of a future potential cyber-attack. Those that fail to prioritize both risk assessment
and threat mitigation will fall behind in the rapidly evolving digital world.
About the Author
George Jones, Chief Information Officer, Critical Start: In his role as the CISO,
George defines and drives the strategic direction of corporate IT, information security
and compliance initiatives for the Critical Start, while ensuring adherence and delivery
to the firm’s massive growth plans. George was most recently the Head of Information
Security and Infrastructure at Catalyst Health Group, responsible for all compliance
efforts (NIST, PCI, HITRUST, SOC2) as well as vendor management for security-
based programs. George brings more than 20 years of experience with technology,
infrastructure, compliance, and assessment in multiple roles across different business
verticals. Recently as Chief Information Officer and Founder of J-II Consulting Group,
a security & compliance consultancy, George was responsible for the design and implementation of
security and compliance programs for various organizations. He also delivered programs to implement
Agile methodologies, DevSecOps programs, and Information Security Policy and Procedure
Plans. During his time at Atlas Technical Consultants, George drove multiple M&A due diligence and
integration efforts, consolidating nine acquired business units into a single operating entity, enabling the
organization to leverage greater economies of scale and more efficient operations.
George grew up in Austin and is a recent transplant to the Plano area. He attended Texas A&M University
and graduated Magna Cum Laude from St. Edward’s University.
Cyber Defense eMagazine – July 2024 Edition 145
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
