Though exciting, investing in new AI technology may prove not so intelligent. Have you ever held back on being the first to buy the latest tech gadget, then rejoiced when you heard on the news hackers also wanted to be the first…to destroy the new gadget’s security? Nobody cares to hack into a flip phone today…for your consideration, think how secure flip phones are these days.
Imagine those eager, early adopter hackers attacking your organization’s brand new multi-million dollar, technologically-advanced, AI supply chain. Tested, installed, and launched after several hundred worldwide meetings, conferences, negotiations, deadlines, budget considerations, and approvals. Except real-world hackers were not at those meetings, they want your information, and they love new AI technology too.
AI combined with machine-learning is dynamic and agile, it has to be. With weaponized AI, cyber-security red teams learn from hackers how to be fluid, speedy in adaptation, flexible, clever, and creative. A software engineer will not understand the intricacies of multiple disciplines, or all the specific vernacular of, for example, Lean Manufacturing, but AI will. Learning from billions of data points across a matter of seconds, AI in cybersecurity applications uses reasoning to filter patterns of threats. Machine learning absorbs this knowledge, prepares and adapts for defense with phasers set to stun (so to speak), in order for it to analyze, dissect, and learn even more. Trouble is, savvy hackers everywhere do the same.
Technical Surveillance Countermeasures and AI
Organizations large and small, require personalized and cultivated Technical Surveillance Countermeasures (TSCM) to protect against such hostile and sophisticated actors. As AI grows and develops, quality TSCM does so as well. Business travelers, in particular, are routinely targeted in corporate espionage schemes. Not working in the cybersecurity sector, travelers can not always be completely abreast of all the evolving threats launched against they and their corporate information.
Attending corporate security briefings and mandatory courses to protect company and proprietary information, we have all certainly become more aware of cyber vulnerabilities on public WiFi networks, eavesdropping at restaurants, competitors attempts to collect open source collateral at conferences, and social engineering. Sometimes the best cyber-defense does not require AI at all, but, in fact, more human intelligence tact, some say common sense. Engaging TSCM is practical, common sense.
Before your large budget expenditures are approved for the latest AI buzzwords and gadgets, let the early adopters “learn” the faulty vulnerabilities and adapt. Use that capital to build a more robust cyberthreat countermeasure program. Then as a seasoned, more competent, and better equipped cyber defense community builds expertise countering AI hackers, your organization will benefit from such a prudent and experienced approach thereby avoiding all the hassles of jumping on the overcrowded AI bandwagon. My father ran his successful company for years with a paper and pencil, he and his company were un-hackable. It can be done.