AI-supported attacks challenge companies

29 November 2024
| No comments
AI-supported attacks challenge companies
Advertising

Share post

A cybersecurity provider has released the latest results of a survey of IT leaders. The data shows that AI is making it more difficult to detect phishing and smishing attacks, with 84 percent of IT leaders acknowledging the increasing challenge.

The emergence and continued evolution of artificial intelligence (AI) is transforming cybersecurity, introducing new levels of complexity in threat detection and defense. New research from Keeper Security, a leading provider of zero-trust and zero-knowledge solutions for protecting passwords, passkeys, privileged access and remote connections, shows that while organizations are implementing AI-related policies, there remains a significant challenge in being fully prepared to deal with AI-driven threats.

Advertising

One in eight companies has AI usage policies for employees

According to the Keeper survey, 84 percent of IT and security leaders believe that phishing and smishing attacks - already a critical threat - are even more difficult to detect with AI tools. In response, 81 percent of companies have implemented AI usage policies for employees. Confidence in these policies is also high, with 77 percent of executives saying they are either very familiar or well-versed in AI security best practices.

Despite these efforts, the gap between policies and how AI-driven threats are addressed persists. Keeper's 2024 Top Data Threats report shows that 51 percent of security leaders view AI-powered attacks as the biggest threat to their organizations, and 35 percent believe their organizations are the least prepared to combat these attacks compared to other types of cyber threats.

Advertising

Subscribe to our newsletter now

Read the best news from B2B CYBER SECURITY once a month



By clicking on "Register" I agree to the processing and use of my data in accordance with the declaration of consent (please open for details). I can find more information in our Privacy Policy. After registering, you will first receive a confirmation email so that no other person can order something you don't want.
Expand for details on your consent
It goes without saying that we handle your personal data responsibly. If we collect personal data from you, we process it in compliance with the applicable data protection regulations. Detailed information can be found in our Privacy Policy. You can unsubscribe from the newsletter at any time. You will find a corresponding link in the newsletter. After you have unsubscribed, your data will be deleted as soon as possible. Recovery is not possible. If you would like to receive the newsletter again, simply order it again. Do the same if you want to use a different email address for your newsletter. If you would like to receive the newsletter offered on the website, we need an e-mail address from you as well as information that allows us to verify that you are the owner of the e-mail address provided and that you agree to receive the newsletter. Further data is not collected or only collected on a voluntary basis. We use newsletter service providers, which are described below, to process the newsletter.

CleverReach

This website uses CleverReach to send newsletters. The provider is CleverReach GmbH & Co. KG, Schafjückenweg 2, 26180 Rastede, Germany (hereinafter “CleverReach”). CleverReach is a service that can be used to organize and analyze the sending of newsletters. The data you enter for the purpose of subscribing to the newsletter (e.g. email address) will be stored on the CleverReach servers in Germany or Ireland. Our newsletters sent with CleverReach enable us to analyze the behavior of the newsletter recipients. This can include It is analyzed how many recipients have opened the newsletter message and how often which link in the newsletter was clicked. With the help of so-called conversion tracking, it can also be analyzed whether a previously defined action (e.g. purchase of a product on this website) took place after clicking on the link in the newsletter. Further information on data analysis by CleverReach newsletter is available at: https://www.cleverreach.com/de/funktionen/reporting-und-tracking/. The data processing takes place on the basis of your consent (Art. 6 Para. 1 lit. a DSGVO). You can revoke this consent at any time by unsubscribing from the newsletter. The legality of the data processing operations that have already taken place remains unaffected by the revocation. If you do not want an analysis by CleverReach, you must unsubscribe from the newsletter. For this purpose, we provide a corresponding link in every newsletter message. The data you have stored with us for the purpose of subscribing to the newsletter will be stored by us or the newsletter service provider until you unsubscribe from the newsletter and deleted from the newsletter distribution list after you have canceled the newsletter. Data stored by us for other purposes remain unaffected. After you have been removed from the newsletter distribution list, your e-mail address may be stored by us or the newsletter service provider in a blacklist if this is necessary to prevent future mailings. The data from the blacklist is only used for this purpose and is not merged with other data. This serves both your interest and our interest in complying with the legal requirements when sending newsletters (legitimate interest within the meaning of Art. 6 Para. 1 lit. f GDPR). Storage in the blacklist is not limited in time. You may object to the storage if your interests outweigh our legitimate interest. For more information, see the privacy policy of CleverReach at: https://www.cleverreach.com/de/datenschutz/.

Data processing

We have concluded a data processing agreement (DPA) for the use of the above-mentioned service. This is a contract mandated by data privacy laws that guarantees that they process personal data of our website visitors only based on our instructions and in compliance with the GDPR.

Basic cybersecurity practices are essential

To meet these new challenges, companies are focusing on several key strategies:

  • Data encryption: This is the most widely used measure: 51 percent of IT leaders have included it in their security strategies. Encryption helps protect sensitive data from unauthorized access, which is critical for defending against AI-driven attacks.
  • Training and awareness raising of employees: As a high priority, 45 percent of organizations are focusing on improving their training programs to better prepare their employees for the evolving threat landscape. Effective training can help employees recognize and respond to AI-powered phishing and smishing attempts.
  • Advanced threat detection systems: With 41 percent of organizations investing in these systems, there is a clear focus on improving the ability to detect and respond to sophisticated, AI-driven threats. Advanced threat detection solutions can provide early warning and mitigate potential damage from these attacks.

The emergence of AI-driven cyberattacks presents new challenges. Basic cybersecurity practices – such as data encryption, employee training or advanced threat detection – remain essential. Organizations must ensure that these basic measures are regularly updated and adapted to new threats.

Proactive, advanced security solutions strengthen resilience

In addition to these basic measures, adopting advanced security frameworks such as Zero Trust and implementing Privileged Access Management (PAM) solutions such as KeeperPAM can significantly improve resilience. Zero Trust ensures that every user, device, and application is continuously verified before accessing critical systems, minimizing the risk of unauthorized access and limiting the radius of spread in the event of an attack. PAM helps protect an organization's sensitive accounts by controlling, monitoring, and auditing privileged access, which is especially important for defending against sophisticated AI-driven attacks that target sensitive credentials.

Organizations should also be proactive by regularly reviewing their security policies, conducting routine audits, and fostering a culture of cybersecurity awareness. Even as organizations make progress, cybersecurity is an ever-evolving field that requires constant vigilance. Combining basic practices with modern approaches like Zero Trust and PAM will help organizations stay ahead of evolving AI-powered threats.

Go directly to the report on KeeperSecurity.com

 

About Keeper Security

Keeper Security is changing the way people and organizations around the world protect their passwords, secrets and sensitive information. Keeper's easy-to-use cybersecurity platform is built on the foundation of zero-trust, zero-knowledge security to protect every user and every device.

 

Matching articles on the topic

NIS2 – how a SaaS infrastructure contributes

It is estimated that up to 40.000 German companies will be affected by NIS2 in the future. The directive is intended to improve cyber resilience and ➡ Read more

Zero-Trust Architecture – Opportunities & Risks

Trust is good, control is better: The Zero Trust architecture turns traditional security models on their head by checking every access – ➡ Read more

25 years with numerous cybersecurity challenges

As we approached the year 2000, the IT and business world looked with concern at the infamous “Y2K bug” – a ➡ Read more

DeepSeek and Qwen are the tools of hackers

Criminals are increasingly exploiting DeepSeek and Qwen, using jailbreaking techniques to create their malicious content to commit financial and information theft. ➡ Read more

Passkeys: Efficient management supports CISOs

New security passkey management solution supports organizations with secure authentication, offering IT complete control over the entire lifecycle ➡ Read more

These are the most important security vulnerabilities and attack techniques

The number of reported security vulnerabilities increased by 2024 percent in 38. With the increasing dependence on software systems, the ➡ Read more

DORA: How financial companies are meeting the challenges

The Digital Operational Resilience Act (DORA) was passed to address the increasing cyber threats in the financial industry and to ➡ Read more

NIS-2 has failed – waiting is still not an option

While other EU countries have long since established clear guidelines for NIS-2, implementation in Germany has failed for the time being. This means that parts ➡ Read more

PR News
, , , , , , ,