Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Operational Security

// // //
11:00 AM
Scott Ferguson
Scott Ferguson
News Analysis-Security Now

ISF: Nation States, AI Will Upend Enterprise Security

In its annual look ahead at the changing security landscape, the Information Security Form finds that attacks by nation states against businesses, as well as how AI and machine learning are used, are the biggest challenges within enterprise security.

Attacks directed by nation states, along with the uncertainty that comes from technological developments such as artificial intelligence and machine learning, are some of the developments that will upend the enterprise security market in the coming years, according to a new report.

The Information Security Forum (ISF) released its annual look ahead on Wednesday. This year's report, "Threat Horizon 2020," is based on interviews with large enterprises, including ones on the Fortune 500 and the Forbes 2000 lists, as well as government agencies, small and midsized firms, and individual ISF members.

The non-profit ISF releases the report annually as a two-year window into the cyber threats that enterprises will likely face, as opposed to commenting on the current crop of known threats, such as ransomware. (See Cyberattacks Soared 113% During Fourth Quarter Report.)

(Source: iStock)
(Source: iStock)

This year's report emphasized that cyber operations unleashed by nation states, such as distributed denial of service (DDoS) attacks, are an increasing threat to businesses of all kinds, especially as more and more rely on technology.

In an interview, Steve Durbin, the managing director of ISF, noted that the recent tension between Russia and the UK, following the poisoning of a spy and his daughter, is indicative of how these threats develop to eventually engulf businesses on both sides.

As countries use cyber weapons against one another to retaliate, businesses are likely to be caught in the middle. (See UK Accuses Russia of Launching NotPetya Attacks.)

"In the UK, there was a warning that the government provided to national infrastructure organizations that said if the government goes down this route, you should expect a potential denial of service or other forms of cyber attack, so it would be worth reviewing your resiliency and the way you might deal with some of those things," Durbin told Security Now before the March 21 report was released.

Another example of this happened earlier this month when the US Computer Emergency Readiness Team (US-CERT), along with the FBI and Department of Homeland Security, issued a warning that Russia-backed groups had attempted to infiltrate the Industrial Control Systems (ICS) of different critical infrastructure facilities, including nuclear power plants. (See FBI & DHS Accuse Russia of Hacking Critical Infrastructure.)

The fundamentals of network security are being redefined -- don't get left in the dark by a DDoS attack! Join us in Austin from May 14-16 at the fifth annual Big Communications Event. There's still time to register and communications service providers get in free!

"In the Threat Horizon, we raised this issue of cyber as a weapon of mass disruption," Durbin added. "We also talked about a hybrid attack that is a combination of cyber and physical, and also the reliance businesses have on GPS, and that satellites are also a target."

Whether a business is a primary or secondary target of such an attack, Durbin said it's important for heads of security and chief information security officers (CISOs) to work harder at making system and IT infrastructure resilient.

Since these types of attacks are nearly impossible to stop, it's important that systems can reboot, data is backed up, a plan is in place to isolate infected systems, and employees know what to in case of an emergency.

The trouble with AI
Another security trend that enterprises will face in the next two years is technology itself, specifically developments in machine learning and AI, which is accelerating but hasn't reached full maturity yet.

There are several trends at work here.

There are companies such as Cisco Systems Inc. (Nasdaq: CSCO) and Juniper Networks Inc. (NYSE: JNPR) that are using machine learning to add layers of automation into the network to help better organize data, offer insight and intelligence and keep track of packets coming into and out of the data center to check for signs of malware.

These developments are coupled with an ongoing trend, which started with BYOD, where employees continue to bring new technology into work and eventually onto the corporate network. Policies and procedures from the IT and security teams have a hard time keeping up with the pace of change and innovation.

Cybercriminals are starting to tap into these technologies as well.

"The technology is just developing, developing and developing," Durbin said. "With something like AI, it's available to both sides of the house, and the bad guys are probably better equipped to pick up on something like AI since they don't suffer from some of the same budgetary issues, and they are much more dynamic and entrepreneurial than some companies."

While AI is helping to solve some of the issues that face enterprises when it comes to security, Durbin still urges that businesses invest in "kill switches" to help prevent issues with these technologies from spiraling out of control.

"If we can push it down to true AI, then we can really help security out since it's such a complex environment," Durbin said. "But what if down the road you have the 'good' AI going against the 'bad' AI, and this is why I think organizations need some kind of kill switch because the last thing you want is the machine taking over … but there are a lot of positives happening in this field for security."

Related posts:

— Scott Ferguson, Editor, Enterprise Cloud News. Follow him on Twitter @sferguson_LR.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The 10 Most Impactful Types of Vulnerabilities for Enterprises Today
Managing system vulnerabilities is one of the old est - and most frustrating - security challenges that enterprise defenders face. Every software application and hardware device ships with intrinsic flaws - flaws that, if critical enough, attackers can exploit from anywhere in the world. It's crucial that defenders take stock of what areas of the tech stack have the most emerging, and critical, vulnerabilities they must manage. It's not just zero day vulnerabilities. Consider that CISA's Known Exploited Vulnerabilities (KEV) catalog lists vulnerabilitlies in widely used applications that are "actively exploited," and most of them are flaws that were discovered several years ago and have been fixed. There are also emerging vulnerabilities in 5G networks, cloud infrastructure, Edge applications, and firmwares to consider.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2023-03-17
The Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the full name value in versions up to, and including, 21.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that w...
PUBLISHED: 2023-03-17
The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pec_coupon[code]’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenti...
PUBLISHED: 2023-03-17
A vulnerability was found in SourceCodester Student Study Center Desk Management System 1.0. It has been rated as critical. This issue affects the function view_student of the file admin/?page=students/view_student. The manipulation of the argument id with the input 3' AND (SELECT 2100 FROM (SELECT(...
PUBLISHED: 2023-03-17
A vulnerability classified as critical has been found in SourceCodester Student Study Center Desk Management System 1.0. Affected is an unknown function of the file Master.php?f=delete_img of the component POST Parameter Handler. The manipulation of the argument path with the input C%3A%2Ffoo.txt le...
PUBLISHED: 2023-03-17
A vulnerability classified as critical was found in SourceCodester Student Study Center Desk Management System 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=reports&date_from=2023-02-17&date_to=2023-03-17 of the component Report Handler. The manipula...