As the workplace becomes more digitized, there comes a trade-off of more data protection required. The Internet of Things (IoT) and Artificial Intelligence (AI) are two examples of technological advances that provoke “smart” cyber attacks. CybersecurityVentures predicts that cyber crime damages will total $6 trillion per year by 2021. Cyber crime can range from stolen data and money to intellectual property theft, and it’s the fastest growing crime in the United States. Although the U.S. has an exceptional cybersecurity score compared to some other countries, there is still work to be done. Below are the latest trends that IT security professionals and leaders should know to best protect their company assets and data.
Artificial Intelligence (AI) Continues Replacing Human Employees
The cybersecurity talent gap is high since the unemployment rate in IT is low. More and more companies are starting to use machine learning and AI to automate functions that human employees can do. For example, companies have utilized AI technology that has algorithms to detect malware, viruses and other potential threats. Natural Language Processing (NLP) is a sub-field of AI that focuses on understanding human language, which is becoming common in cybersecurity. For example, many companies use NLP to scan news articles that discuss the latest cyber threats and how to mitigate and prevent them. Using Artificial Intelligence for automation purposes also helps take work off of a busy worker's hands so they have time to do more important, less repetitive tasks.
Although Artificial Intelligence brings many IT security benefits, it must be implemented and maintained by human workers. Hackers can develop AI-based cyber-threats, as well as malware to bypass AI cyber threat detection software. Companies that use AI must regularly update data sets, which is tedious and time consuming. To properly allocate resources, companies should aim to balance between machine learning and human employees. Hiring IT security professionals that can properly test and mitigate network and application vulnerabilities is critical.
Malicious Chatbots on the Rise
Many businesses these days, such as those with e-commerce websites, use insta-chat to better serve users that have immediate questions.Unfortunately, hackers can create malicious AI chatbots to exploit IT security vulnerabilities in websites and chat rooms. Hackers design malicious chatbots to mimic human communication and trick users into providing sensitive information,sending money, and downloading malware containing files. It’s important to have an IT security team that can identify web application vulnerabilities to prevent hackers from inserting malicious code into the web script. Implementing products such as DNS firewall or network security appliances also helps detect and restrict users access to malicious websites.
Better Password Protection Needed
Last year, a Ponemon Institute survey discovered that just 28% of small businesses have effective protocols to prevent cyber vulnerabilities and attacks. Sixty percent of those surveyed stated that employees and contractors have caused more data breaches than external hackers. Lack of password protection is one key cause to data breaches in small and mid-sized companies, and costs over $100,000 in damages. For example, hackers can take advantage of weak passwords to gain access to company data. Additionally,employees who share their login information with others put themselves at risk for hacking. It’s important to build an IT security team that can effectively enforce practices to protect passwords as doing so is a team effort.
Some common practices for creating strong passwords include:
· 8-16 characters
· Combination of letters and symbols
· Combination of upper and lowercase letters
· Requiring password changes once every few months
· Prohibiting use of names, birth dates, and other easy to guess factors