Due to economic turbulence and a relentless surge in cyber threats, today's cybersecurity landscape requires enterprises to remain resilient by adapting to security risks. Many organizations have chosen to adapt to these risks by embracing modern technology such as generative artificial intelligence (GenAI), which can present new risks if not implemented properly. The speed at which companies innovate and adopt new technology is far outpacing the security measures that must be addressed first. This issue is compounded by the fact that innovation is moving faster than ever before, emphasizing go-to-market over producing secure technology.[1]
Recent insights reported in the "2024 Thales Data Threat Report" ("DTR")[2] shed light on the intricate challenges facing organizations today. Almost all (93%) respondents report increased attacks such as malware, ransomware, and phishing, among the many pressing concerns emerging technologies present. There is a critical need for a proactive and comprehensive approach to cybersecurity. Amid the backdrop of technological advancement, three prominent focal points for effective cybersecurity arise in the modern era.
The rise of AI yields a new era of innovation, with 22% of enterprises planning to integrate AI into their products and services within the next 12 months. An additional 33% are gearing up to experiment with this transformative technology. With this innovation comes unknown vulnerabilities to a company's security posture.
Because data train large language models (LLMs), the input information could be stored and resurfaced if prompted by a particular query. Should employees enter confidential information into an AI platform, the risk of this form of extraction runs high. Additionally, prompt injection is a proven threat to AI, where hackers trick chatbots by inputting deceptive triggers to override their instructions. This exploits the predictive nature of LLMs, which drive AI responses.
See: https://redskyalliance.org/xindustry/llm-gpt-ai
Ultimately, facing the pressure to innovate quickly, companies rushing to implement AI could strain operational systems, making them more susceptible to cyberattacks or abuse. This is a probable scenario for many, despite numerous industry examples showing the dangers of prioritizing adoption speed over security.
Organizations need to create robust policies or adhere to published guidance from organizations like the Cybersecurity and Infrastructure Security Agency (CISA) to ensure the LLMs being leveraged or developed internally don't have access to sensitive data. Otherwise, pausing to focus on compliance as new regulations are enacted is an intense course of action, as the DTR found that companies with better compliance are ten times less likely to experience a breach.
The National Institute of Standards and Technology (NIST) approved four cipher suites in July 2022; post-quantum cryptography (PQC) has become increasingly relevant in tackling a looming threat that is gradually becoming more immediate. Despite the absence of any verified or recurring quantum computing attacks on conventionally encrypted data, there is still cause for proactive measures. Though quantum computing is not yet a threat to cryptographic standards, the data encrypted using traditional methods today could potentially be gathered to decrypt it in the future in "harvest now, decrypt later" attacks.
For these threats, PQC presents itself as the primary defense against the looming threat of quantum computing. Almost half (48%) of respondents have not recognized PQC as the cornerstone of future cryptographic strategies. Consequently, many companies aren't investing in PQC because it seems years away from tangible adoption, but the reality is that data is presently being harvested. Businesses can future-proof their technology by making the proper investments. Soon, customers will be looking for products built only with PQC to defend against sophisticated cyberattacks or elevate their cybersecurity efforts otherwise. While we still may be a few years out from quantum, the organizations that will be ready when that innovation comes are preparing now.
Given the adoption of new technologies, the need for security to be integrated seamlessly into digital products and services has never been higher. Specifically, when assessing cloud and DevOps environments, secrets management was the greatest security concern for 56% of DTR respondents, followed by workforce identity and access management (IAM) and authorization.
For developers, these three challenges are closely related, as they all require tasks for privileged users and the workload lifecycle they manage. However, the common difficulty with secrets is that they are designed as "bearer tokens," granting access to whoever possesses said token, password, API (application programming interfaces) key, encryption key, or any other credential. When secrets are "lost," for instance, included in code as plain, readable text, hackers won't need to impersonate internal users to gain access. Thus, the consequences are severe.
Adopting a data-centric security architecture is key to improving security across these environments. Organizations can mature their DevSecOps practices by leveraging new frameworks, such as the NIST "Guide to Operational Technology (OT) Security"[3], which are standards to improve the quality and resilience of overall engineering performance. Security champions are also crucial to the development team and should provide clear, practical security guidance to manage privileges and store secrets better.
The pace of technological development is astounding, with innovation emerging rapidly in recent years. While enthusiasm to adopt the latest technology is understandable, this excitement cannot overshadow critical security considerations. Despite the variety of new threats that invariably accompany modern technology, many of the mistakes being encountered are recurring issues.
It is imperative to develop robust policies for new tech and futureproofing by favoring investments in security. Trusting device security out of the box is no longer viable; evaluation and strong security practices should precede adoption. Industry can and should continue to embrace innovation but with the understanding to remain vigilant against evolving vulnerabilities by demonstrating security as a priority.
This article is shared at no charge and is for educational and informational purposes only.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. We provide indicators of compromise information via a notification service (RedXray) or an analysis service (CTAC). For questions, comments, or assistance, please get in touch with the office directly at 1-844-492-7225 or feedback@redskyalliance.com
- Reporting: https://www.redskyalliance.org/
- Website: https://www.redskyalliance.com/
- LinkedIn: https://www.linkedin.com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://register.gotowebinar.com/register/5378972949933166424
[1] https://www.darkreading.com/vulnerabilities-threats/current-cybersecurity-landscape-new-threats-same-security-mistakes
Comments