NC TECH Panel Ponders Cyber Future and Possible New Threats
A group of cybersecurity experts discussed the growing threat landscape and quickly changing technologies during an event in North Carolina.
While cyberattacks are on the rise and new technologies are fueling more and more worry about the state of security for enterprises of all sizes, getting back to basics may be the best approach.
That seemed to be the consensus among the panel of experts gathered Thursday at NC TECH’s State of Technology event in Durham, N.C. Led by moderator Chad Rychlewski, cybersecurity lead at Accenture, the group explored topics ranging from malware to artificial intelligence used in both defense and on the attack side.
Part of the difficulty in dealing with generative artificial intelligence (GenAI) being used in cyberattacks is that the threat is newer. Deepfake videos, audio, and text that are increasingly sophisticated are being deployed by cyber criminals. “How do you think about defending against things like deepfakes? Unfortunately, the industry doesn’t really have a good answer,” said Samuel Cameron, AI security architect at education company Pearson.
And right now, he notes, it’s Big Tech spending the money to solve the biggest threat questions. That’s both a good thing and a bad thing, he said. “I think that’s great -- the question is, do we want to rely on Big Tech companies to tell us what’s real and what is fake?”
Smaller companies and organizations must start finding their own solutions as well, Cameron said. “I think going forward as defenders of cybers, we have to think about how we can lead by defending against deepfakes.”
For Jon Sternstein, founder and CEO of Stern Security, as technology evolves and cyberattacks get more sophisticated, defenders can still lean on tried-and-true techniques. “The protective measures, I’m really encouraged that those are not changing all that much … I mean, you still should have multifactor authentication in place.”
The cyberattack sophistication also presents a learning opportunity. “Just think about all the opportunities out there on the SOC side or for analysts -- making the work more meaningful. That side is really exciting. It’s not all scary,” Sternstein said.
For Maryam Meseha, a founding partner at law firm Pierson Ferdinand, companies don’t necessarily need to reimagine their security practices because of new and evolving threats. “I think that it’s really just going back to the basics,” she said. Even with more sophisticated attacks, “the weakest link is always going to be the human. Even if the technology advances, we’re going back to a place of understanding, where we can at least validate [an email or other communication].”
Cyberattackers Offer Advice
Sternstein told a story about a ransomware group that actually contacted the firm after the ransom was paid to give some tips on how to prevent similar attacks in the future. “I believe the payout was like $200,000 or something,” he said. “[The attackers] sent the organization a small write up of exactly how they broke into the organization and how they traversed through the network and then encrypted information.”
Meseha noted that one attacker told her clients they needed time to reply because “they had to pick their kids up from school.” “We laugh about these things, but they’re humans too -- just on the other side of the fence. You have to understand what the motivations are and nine times out of 10, it’s monetary. And they will help your IT folks on how to patch whatever the vulnerability was … because they don’t want their competitors going in after them.”
Watching Out for Third-Party Vulnerability
While major attacks on institutions and large corporations grab headlines, smaller attacks happen frequently and can serve as a back door to larger attacks.
“That’s a risk that clients often don’t think about,” Meseha said. “On their end, they might have protocols, they have great teams working on them. They have all the bells and whistles, and they’ve done everything right. And then they turn around and they realize that the issues actually had nothing to do with them. It’s with this party that they’ve contracted with.”
She said it’s important for companies to have vendor protocols and ask about their security up front.
Rick Doten, CISO of Carolina Complete Health, said the healthcare industry is more mature than others in vendor security policies. “In health tech, we are still liable if there was an incident further down the chain,” he said.
One way to mitigate exposure to third-party cyber risk is to limit the amount of data shared, Sternstein said. “There are so many times that I’ve worked with third parties and organizations and see the amount of data they are sending and we ask, ‘Why are you sending all this data?’ I strongly encourage organizations to carefully look at what the vendor third party actually needs and focus on minimizing the data.”