Jason Oehley, regional sales manager at Arctic Wolf. (Image: Supplied)
The rapid progress of artificial intelligence has had a dramatic impact on cyber security. Through AI, the threat landscape is evolving rapidly. This means that users – and how they act individually – are becoming more decisive cyber defense outcomes.
To reduce the risks associated with human factors, it is important to engage and train your employees, promote a strong security culture and strengthen the organisation’s resilience.
“It’s not a task that you accomplish overnight, but developing your security awareness and knowledge is something that anyone can do, regardless of technical expertise,” says Jason Oehley, Regional Sales Manager at cyber security firm Arctic Wolf.
With the rise of AI, cyber security has begun to resemble a contest over which side has the most effective AI model: defenders to power their security platform – or the attackers, to sharpen their weapons.
The capability gap between attackers and defenders is shrinking. Threat actors often benefit from not adhering to legislation or ethical standards when developing their offensive AI models.
It may appear contradictory, but Oehley points out that as the technical playing field levels out, ‘soft’ factors will become even more significant for IT security: your organisation’s security culture can be the difference between your entire operations being shut down by a ransomware attack and business continuing as usual.
More specifically, security culture is about every employee being vigilant and able to recognise suspicious events, as well as being empowered to quickly report or alert about these.
Many workplaces already have solid security measures in place. But good tools and procedures are truly meaningful when combined with a culture of trust in the workplace. All coworkers must feel comfortable with reporting problems, suspicious activity, or their own mistakes – for example, if someone accidentally has clicked a suspicious link.
“An indication of when you have a sound security culture is when no employee is afraid of making mistakes,” says Oehley.
Many serious cyber attacks can be traced to an individual user who, through risky behavior or ignorance, enables the breach. It is also incorrect to assume that the human factor in these cases is limited to junior staff. A study by Arctic Wolf reveals that nearly two-thirds of IT managers admit to having also clicked on phishing links.
