Companies are expected to deploy artificial intelligence (AI) systems and dynamic encryption algorithms to combat the expected complex cyberattacks arising from the growing use of AI by cybercriminals, reports digital security multinational Gemalto.
Gemalto Africa identity and data protection manager Neil Cosser highlights that, while the simplest protection is to apply encryption, key management and controlling access to data, only 1% of business data lost, stolen or compromised in 2018 was protected through encryption.
“This basic measure is essential because encryption renders the data useless to any unauthorised person, effectively protecting it from being misused.”
The Facebook-Cambridge Analytica scandal reportedly affected more than 60 000 South Africans. During 2017, entertainment company Ster Kinekor’s local online booking system exposed the details of seven-million clients, while the local Master Deeds incident showed that 60-million people had intimate personal data stored in an unprotected database, he illustrates.
Similarly, in May 2018, the details of nearly one-million South Africans who had paid traffic fines was leaked online.
The European General Data Protection Regulation and local protection of personal Information laws empower end-users in terms of who ultimately has their data, while ensuring that companies face punitive fines and sanctions to protect the data they hold.
However, as computing power increases, so does the threat from AI-orchestrated cyberattack campaigns to current security protocols, states Cosser.
Therefore, crypto-agility, reinforced by companies’ use of AI, will enable businesses to employ flexible algorithms that can be changed should the original encryption fail, as well as enable businesses to protect their data from future threats, such as quantum computing, without needing to replace their systems as computing power grows.
“Growing computing power means that hackers will launch sophisticated AI- orchestrated cyberattacks this year. Organisations should embrace AI technology to defend themselves,” says Cosser.
Meanwhile, Gemalto data protection chief technology officer Jason Hart says that, as part of a global survey, Gemalto also found that only 48% of businesses can detect if any of their Internet of Things (IoT) devices have suffered a breach. Further, 79% of companies want more robust guidelines on IoT security and want governments to intervene, while 59% are seeking clarification on who is responsible for protecting IoT.
With the number of connected devices set to top 20 billion by 2023, businesses must act quickly to ensure their IoT breach detection is as effective as possible, he advises.
Despite many governments already having enacted or announced the introduction of regulations specific to IoT security, 95% of businesses believe there should be uniform regulations in place, a finding that is echoed by 95% of end-users who expect IoT devices to be governed by security regulations, he adds.
The key IoT cybersecurity challenges are data privacy and the collection of large amounts of data, with only 59% of those using IoT and spending on IoT security admitting they encrypt all of their data, illustrates Hart.
However, blockchain is emerging as a potential solution, with the adoption of the technology doubling from 9% to 19% over the past year.Creamer Media Senior Deputy Editor