9th Annual e-Crime & Cybersecurity Congress Spain
24th October 2023 • Hotel NH Collection Eurobuilding, Madrid
No-one now doubts the cyber threat to national security and economics. So, is AI a help or a problem?
A threat to national prosperity and safety
Cybersecurity is at a crossroads. First, it is now absolutely clear that security is no longer simply a question of enterprise value and reducing business risk, it is also about national economic security, and indeed, national security more fundamentally. In Spain, almost a quarter of all reported crime is digitally-enabled
and the interior ministry has called cybercrime a “remarkable and negative impact on national interests, institutions, companies and citizens.”
This realisation from government and business that cybercrime is more than just another market risk will, finally, force organisations across the spectrum to invest appropriately in security.
In Spain, for example, Spain’s defence minister recently approved the creation of a new military cyberoperations training school to further reinforce national security online. And we have seen public declarations of the need for more offensive cyber operations from countries such as the UK and US.
Second, at the same time, new technologies around ML and generative AI look as though they will transform both the attack and defence sides of the cybersecurity equation.
On the plus side, AI and ML can improve real-time threat detection, SOC analysis and respond better to previously unknown attack types. Automation will free up human analysts for high-value investigations.
In particular, AI holds out the hope of a solution to the perennial problems of phishing and social engineering which remain the most significant vector for malware delivery. It should also revolutionise penetration testing and wargaming.
Against that though, cybercriminals are using AI to carry out a variety of sophisticated attacks, from data poisoning to deepfakes, as well as improving their capabilities in password hacking and automating social engineering attacks.
Security vendors have claimed AI and ML capabilities for some time now, but as generative AI takes off, will those older versions become obsolete and if so, how quickly?
So how will these big picture strategic trends play out in the context of a technology revolution? How will CISOs have to respond – both in terms of providing strategic advice and in terms of understanding the threats and opportunities presented by new technologies?