High-stakes in the cyber-security arms race

Danny Lopez at Glasswall looks at how AI is shaping the way governments approach cyber-security

 

By the end of last year, roughly half the world’s population had elected their leaders in what was described as ‘democracy’s big year’. For many countries, this has ushered in periods of significant change, with new governments mandated to deliver on their domestic and international priorities.

 

One of the most pressing issues shared by everyone in authority is confronting the risks to national security and economic stability caused by cyber-crime. During every administration, the issues become more embedded within political discourse as the impact continues to be felt. Five years ago, for example, the 2020 IBM Cost of a Data Breach report revealed that the average time required to identify and contain a data breach was 280 days.

 

Fast forward to 2024, and the time required had dropped to 258 days – welcome news, but a figure that still equates to around eight-and-a-half months of disruption. Moreover, during the same period, the average cost of a breach has gone from $3.86 million in 2020 to an all-time high of $4.88 million last year. The bottom line, according to one industry source, is that cyber-crime is expected to cost nearly $14 trillion globally by 2028.

 

AI – for better or for worse

So where does this leave existing and new governments under growing pressure to turn these numbers around or, at the very least, limit their growth? There are a range of urgent priorities to address, among the most pressing being the role of AI. For cyber-security teams and their adversaries, AI has recalibrated how they operate – a process that is certain to accelerate as experience with these technologies deepens.

 

The 2024 PwC Digital Trust Insights report, for example, revealed that 69% of respondents planned to use AI for cyber-defence in the next 12 months, while 47% already use the technology for cyber-risk detection and mitigation.

 

On the other side of the technology arms race, Gen AI can “augment malicious actors at every stage of the attack kill chain,” according to an industry study. This starts with reconnaissance activities, where CAPTCHA-breaking software and OSINT (Open Source Intelligence) are used to gather information about an organisation’s attack surface and potential vulnerabilities. From weaponisation and delivery to lateral movement, exfiltration and encryption, cyber-crime is being automated at a huge scale.

 

Think of it this way: speaking to The Register last year, JPMorgan Chase’s CEO revealed that the company repels 45 billion cyber-attacks per day (over half a million a second). Given that this represents the experience of just one large organisation, it’s somewhat easier to put the scale of the challenge into perspective. Adding AI-powered automation to the picture shows the monumental difficulties CISOs are facing.

 

Can we regulate our way out?

As the PwC report correctly identifies, “Policymakers around the world are scrambling to set limits and increase accountability” for AI in general – cyber-security being a major regulatory incentive. Acting on this clear sense of urgency is important, and regulations are already hitting the statute books in the US, EU and elsewhere.

 

The big question is, will this be enough to drive security standards in the right direction? That remains to be seen, but looking at data protection laws such as GDPR, which has now been active for six years, opinion is split on its overall effectiveness.

 

Looking ahead, even though we’ve yet to see the major AI-related security breaches and errors that many industry experts have predicted, they are certain to arrive. Given that, according to PwC, nearly two-thirds of C-level executives said they would be comfortable deploying generative AI before having internal policies for data governance and policy in place, we could be in for a rough ride.

 

Where do we go from here?

Clearly, this is an unequal battle. Unburdened by morality, ethics or governance, threat actors can implement AI with impunity. This raises some very real concerns about the ability of organisations to keep pace with the speed of change, particularly those reliant on legacy technologies where the detection of known threats is key to keeping systems and data secure.

 

For instance, organisations that can’t defend against new and zero-day attacks will find themselves in a very difficult position. This is a vital consideration that throws even more weight behind the zero-trust approach to cyber-security, where, by default, no interaction with IT infrastructure, whether inside or outside of a network, is deemed trustworthy.

 

In this context, security technologies that deliver proactive defence against unknown security threats and vulnerabilities are certain to play a more important role as the arms race escalates. 

 

---

 

Danny Lopez is CEO of Glasswall

 

Main image courtesy of iStockPhoto.com and sankai