The result of the current BSI report is worrying. Ransomware is still on the rise and threatens IT security. But AI also causes headaches for IT managers.
The IT security situation is at risk, according to the current BSI report. Once again or still, one would like to add. Ransomware is still the biggest threat, but it feels like it has been around for so long that it is hardly noticed anymore - to the chagrin of many of those affected. At the same time, a new specter is looming on the horizon that will keep those responsible for security on their toes in the coming years: artificial intelligence. So what can we expect in the area of IT security in the coming year? Sebastian Mehle, Account Manager at Varonis Systems, takes a look into the future:
Data security is establishing itself as an important cybersecurity discipline
Gartner analysts recently brought data security into the focus of cybersecurity with the term they introduced, Data Security Posture Management (DSPM). DSPM focuses on the security posture of the data, providing visibility into where sensitive data resides, who has access to it, how it is used, and how the appropriate security controls and permissions are configured. And even if the approach of putting data at the center of the security strategy is not new, the new term will help to give data and its protection the necessary attention and to establish data security as a decisive factor in IT security.
“Friendly” AI also poses a risk to IT security
When it comes to artificial intelligence cyber threats, most people think of deepfakes, AI-powered phishing campaigns, or AI-created malware. The dangers posed by “friendly” AI tools receive little attention. With its co-pilot, Microsoft has introduced an assistant that is integrated into every Microsoft 365 app such as Word, Excel, PowerPoint, Teams or Outlook. Dias is intended to make work much easier for users and increase productivity.
To ensure that this leads to the desired results, Co-Pilot has access to all sensitive data that the user can access. On average, at least 10 percent of a company's M365 data is accessible to all employees. Sensitive data can quickly find its way into presentations or emails and leave the company. Many other providers, such as Salesforce, are working on similar AI assistants, which greatly increases the risk of (deliberate or accidental) data exfiltration. Therefore, AI-created documents must also be part of the data security strategy.
AI becomes part of the IT security team
In addition to the dangers, the use of artificial intelligence also offers numerous advantages for IT security: machine learning and artificial intelligence have been used in many solutions for years, for example in the area of threat analysis and threat models. More and more, advanced security providers will rely on AI assistants that specialize in conducting investigations, eliminating threats, and proactively securing environments.
In the future, AI will also be able to better analyze alerts and place them in a broader context to help security managers resolve cyber incidents more efficiently. Additional features such as natural language search increase user-friendliness and enable the security team to find answers in seconds to questions such as “Do we have files with passwords that are accessible to everyone on the Internet?” or “Which users have access to our payslips accessed?”.
The NIS 2 directive comes as a complete surprise to many
Who remembers the introduction of the GDPR? Years before it came into force, there was a lot of discussion, debate and explanation. Who does it apply to? What needs to be taken into account? Where are the stumbling blocks? What was done: little. And suddenly it was there, fines were looming and a certain panic was spreading. It was like every year at Christmas: everyone knows when the date is, but in mid-December they are surprised that the presents are just around the corner.
And this is exactly the behavior we are experiencing with the NIS 2 directive: From October 2024, many companies in 18 critical sectors will have mandatory security measures and reporting requirements. Many companies are not even aware that they are affected by the new legislation. And even among those who know, there are still major deficits. A current study shows that only about every second German company affected regularly analyzes the greatest threats to their critical information systems. The clock is ticking. Especially since – just like with the GDPR – it is not enough to install a tool. IT security, also in the sense of NIS 2, is a continuous process that must be established and constantly adapted, but above all must be addressed.
More at Varonis.com
About Varonis Since its founding in 2005, Varonis has taken a different approach than most IT security providers by placing company data stored both locally and in the cloud at the center of its security strategy: sensitive files and e-mails, confidential customer, patient and Employee data, financial data, strategy and product plans and other intellectual property. The Varonis data security platform (DSP) detects insider threats and cyber attacks through the analysis of data, account activities, telemetry and user behavior, prevents or limits data security breaches by locking sensitive, regulated and outdated data and maintains a secure state of the systems through efficient automation .,