From risk to resilience: cyber defences in the AI era

To combat these evolving threats, the security industry is undergoing a transformative shift from traditional methods to innovative, data-driven strategies. Below, we look at key components.

Move on from silos

Today, cybersecurity must be integrated into all aspects of operations. The focus has moved from security to approaches that prioritise resilience and risk. Digital defence systems must reach seamlessly across all departments and business levels.

Speaking to GRC World Forums, VP of Compliance and Risk at Progress Residential, Elizabeth Simon says:

“Transparency, communication, and relationship building are three key values needed to break down silos and establish a culture of holistic risk management. Leaders throughout the organisation, from the front-line managers to the executives need to be aware of how the organisation is identifying and managing risk.

“Being able to communicate the “why” behind what is being asked of them, particularly of the front-line supervisors and managers, is key in helping to provide insight into the bigger picture of the importance of risk management to strategic objectives.”

Adapting to internal and external threats

The adoption of zero-trust models and a focus on identity threat management are milestones on the journey towards more sophisticated, data-driven security practices. 

We need to defend against known threats but also anticipate and mitigate potential vulnerabilities from within. Remember: cybersecurity is only as strong as the individuals and cultures that uphold it.

Speaking to GRC World Forums, Information Security Officer and DPO at B. GROB do Brasil S.A, Igor Gutierrez says: 

“Cyber criminals will always focus their attacks on the human factor and the failures of the tools that support the business. It is necessary to work together within companies so that the technology is implemented within the limits that can be considered safe. 

“It is extremely important that companies in the same sector also share attack information (TTPs and IoCs) and AI models used for defence so that together they can have more agility in counterattacks and the evolution of their defences, becoming a more expensive target to be attacked.

“Likewise, there needs to be collaboration between governments, regulators and technology companies to better manage AI risks through smart policies.”

Leveraging AI and ML

Technological advancements in AI and machine learning have revolutionised security monitoring, allowing organisations to detect and respond to threats more efficiently. By analysing vast amounts of data, we can identify patterns and predict potential weak spots. 

Partnering with external service providers can help bridge the gaps in staff and strategy, embedding a cybersecurity culture throughout the entire IT stack. But there are pitfalls, as

RegTech Adviser and Law Professor at Fordham Law School, Stan Yakoff explains:

“[One problem concerns] trying to rush a ‘solution’ without clearly understanding and articulating the problem statement being solved. Counter to the hype seen today, there are plenty of problem statements where AI is not the most effective answer and there is a simpler, more cost-efficient, and timely approach. 

“For example, the solution instead may be: (1) process automation or (2) the incorporation of additional contextual data available internally or externally to aid with decision-making.

“Failing to understand and control data lineage from its generation to its ultimate consumption, [is another pitfall]; if the data is necessary for accurate operations and it is not in your control or transparent oversight, you risk getting spurious outputs without possibly even knowing it.” 

Know the risks

By integrating advanced monitoring capabilities, strategic planning, and a deep understanding of business operations, organisations can safeguard against existing threats and anticipate future challenges. 

The issues are examined in depth this October at #RISK London, where industry leaders explore the roles that data-driven strategy, business functionality, and regulatory compliance play within building a resilient security posture.