“Artificial intelligence will be increasingly pervasive in cybersecurity”. Word of Riccardo Baldanzi, CEO of 7Layers, the cybersecurity company of the Fastweb Group. “AI can help address the growing complexity of computer systems and increasingly sophisticated threats, and improve the prevention, detection and response to cyber attacks in a variety of ways.”
Baldanzi, therefore we are already in a new phase. What can artificial intelligence be used for in practice?
Cyberthreats are getting more and more sophisticated, using advanced techniques such as social engineering, cryptography and artificial intelligence itself. Which therefore has the double role of threat but also of a weapon of contrast. For starters, AI can be used to detect cyberthreats faster and more accurately than traditional detection techniques. And it can be used to analyze large amounts of data in real time to identify attack patterns and more importantly to prevent attacks. The role it can play in automating responses to cyber-attacks is also decisive: with AI it is possible to detect attacks autonomously and provide appropriate responses, reducing the need for intervention, at least for the most repetitive operations. And this not only allows to reduce the response time to attacks but also and above all to minimize the damage caused to company assets. For these reasons, the use of AI in cybersecurity will become increasingly common also because it goes hand in hand with the growing challenges of the digital world, including the scarcity of resources trained on cyber topics.
How has the scenario evolved and is it evolving?
The pandemic and the geopolitical situation have changed the cards on the table. Let’s start from the pandemic and therefore from the strong push towards smart working: the rapid transition to remote working has posed significant challenges for IT security. The use of unsecured home networks and devices can increase the risk of cyber attacks and you need to adapt quickly to ensure the safety of sensitive data and IT infrastructure. The geopolitical situation has led to an increase in cyber threats from nation-states, terrorist groups and hackers. The race to control digital assets and critical infrastructures has generated greater ‘aggression’ in cyber warfare and espionage operations. The combination of factors such as smart working and the geopolitical situation has made cybersecurity-governance an increasingly complex and critical challenge. It is essential that organizations quickly adapt to changes and develop robust security strategies to protect data and infrastructure.
Data and infrastructure: how to take action?
The protection of personal, financial and customer data is a major concern for organizations as the loss or theft of this type of data can cause economic damage and reputational damage. In addition to data, infrastructures must be protected, especially the so-called critical ones: energy companies, telecommunications companies and transport companies must guarantee the security of their systems and networks against cyber attacks. Then there is the security related to cloud environments: with the increase in the adoption of cloud computing, the security of data and applications on third-party platforms has become a major priority.
And last but not least, it is necessary to raise user awareness: cybersecurity threats can often be caused by human errors, such as the use of weak passwords or not paying attention to phishing messages. For this reason, training is essential. All this considering that ransomware attacks are on the rise and that the rise of the Internet of Things and connected devices has led to greater exposure to cyber threats, with devices that can be compromised to create networks of botnets. Organizations must be able to identify and respond to advanced threats, such as targeted attacks and insider intrusions, which can be very difficult to detect and prevent.
How do customers behave in cyber crisis management? And how do you support them?
Customers may have different reactions depending on the scale and severity of the cyber attack they suffered. It is important that organizations prepare themselves to manage a cyber attack and, in the event, provide transparent and timely information regarding the attack suffered, the possible consequences and the measures adopted to manage the crisis. But above all, specialist support in the event of an emergency is essential, to provide indications and tools to manage critical situations in the best possible way.
@ALL RIGHTS RESERVED