teissTalk: Better security awareness training with AI

On 10 October 2024, Teiss Talk host Thom Langford was joined by Rebecca Stephenson, Specialist Lead Lecturer in Digital Pedagogy, Government of Jersey; and Ben Wynn-Jones, Information Awareness Lead, Canon EMEA .

 

Views on news 

Email phishing attacks rose by 28% in Q2 2024 compared to Q1, with attackers deploying effective ways to overcome defences, according to a new Egress report. One prevalent tactic used by attackers was sending phishing emails from familiar accounts to bypass authentication protocols. Increase in these numbers is partly due to the AI tools that attackers use – a cheap AI tool, for example, can detect weaknesses in secure email gateways. Training is often limited to not clicking on links in emails, while WhatsApp and teams aren’t covered.

 

With that in mind, training should become more generic and applicable to all devices, especially mobile. And raising awareness shouldn’t be limited to links in emails but also what comes afterwords – the page where it leads, designed to capture user credentials. It must also be explained what a good URL or log-in page should look like. 

 

Adapting to new trends and attack vectors

What makes people click on what they shouldn’t is often the lack of attention resulting from multitasking. That’s why prompts at the point of performing negative action can be so effective. To ensure that next generations will do better, it’s key to teach students, mostly digital natives, cyber security awareness.

 

As the design of mobiles is geared towards quick and easy use, it’s so much easier to fall victim to cybercrime on them. Therefore, a new level of training must be added to take that feature of mobiles into consideration. AI can help with enhancing cyber security too.

 

A solution, for example, can provide first response feedback to a user on the risk an email that they have flagged up is posing based on whether the hyperlink or the sender has already been labelled as malicious. These solutions can also lower the load on security operations teams. These systems can reduce the number of false positives by leveraging real-time location and other data. AI can also be tailored to user behaviours on different platforms to better detect anomalies.

 

However, with the use of AI platforms internally, special care must be taken regarding sensitive corporate data. The safest way to ensure no sensitive data is leaked into the public domain is to include strict data protection terms in contracts with service providers. AI can also be leveraged to monitor employees’ user behaviour and then for sending out microlearning pieces to them when an anomaly in behaviour is detected – the pieces’ content can also be adjusted to the user’s previous behaviour and learning patterns. 

 

The panel’s advice

• Repeating messages may lead to an alert fatigue.
• Paradoxically, younger people as digital natives tend to be more blase about data security.
• New countries get targeted by cybercriminals as new languages become accessible through translation AI.
• Stay cool, calm and collected when dealing with social engineering or responding to a cyber incident.