Page 93 - Cyber Defense eMagazine March 2024
P. 93
But we will soon start to see AI use pivot from defense to attacks. As AI becomes more accessible, bad
actors will increasingly use its capabilities to harvest data available online to acquire personal information
about individuals and their organizations. We’ve seen deepfake clips showing how AI can be utilized to
mimic a person’s voice. With technology available today, an attacker could harvest data from LinkedIn,
YouTube, or other public sources to place a phone call, simulate a manager’s voice, and perform
malicious activities like resetting an organization’s passwords.
We’re also seeing new threats from AI on the web. The ability to render new sites in response to search
queries has a great potential for interacting with customers, but it can also introduce new fraud risks. The
more generative AI search capabilities advance, the greater the possibility that organizations can lose
control of the information on their own websites. It won’t be long before AI can write, construct, and render
an authentic-looking page almost as fast as a search result can be served up. Whether the page is
genuine, or contains false, malicious content may not be obvious to a viewer.
The pressure is growing for leaders to develop a strategy to manage AI threats as well as take steps to
ensure trust for key company assets like public websites.
Preparing for a post-quantum world
Quantum computing has also been advancing rapidly over the past few years, and it’s posing a serious
threat to existing cryptography. Soon, large-scale quantum computers will be capable of cracking most
public key cryptosystems, potentially compromising communications on the Internet and other digital
systems. Although many IT leaders are aware of quantum computing risks, their business counterparts
may be unaware of the looming threat. According to a report by the Ponemon Institute, “Preparing for a
Safe Post Quantum Computing Future: A Global Study,” most organizations have not yet established
clear post-quantum cryptography strategies.
Despite the slow start, business leaders will soon become more aware of post-quantum cryptography
(PQC). Industry organizations like NIST will release new standards the summer of 2024, which should
encourage organizations to better develop and document their quantum strategies. With improved
communication, better education and proactive planning, it’s expected that executives will take major
steps forward in PQC preparation and accelerate their companies’ investments.
Trust takes a seat at the table
Much of the threat posed by AI and quantum technologies comes down to digital trust. Trust is
fundamental to business relationships, and its loss can dramatically impact a business’ reputation and
revenues. It’s not surprising that organizations are taking a close look at the role of digital trust in their
organizations. As threats become more sophisticated and traditional perimeter-based defenses
encounter new challenges, they are seeking to modernize their security approaches to go beyond the
traditional infrastructure—and consider trust issues like personal identities.
Cyber Defense eMagazine – March 2024 Edition 93
Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.