The impact of new-age tools on cybersecurity has been profound, changing the way organizations protect their digital assets. With the advent of technologies such as artificial intelligence, machine learning, and automation, cybersecurity professionals now have powerful tools at their disposal to detect, prevent, and respond to cyber threats in real time. On the other hand, the availability of these same tools has given rise to concerns about their use by malicious actors. Along these lines, Preeti Singh, Associate Director, IT Security Risk and Compliance at Osttra, recently spoke to Dataquest.
DQ: What are the implications of new age tools like ChatGPT on the security industry?
Preeti Singh: The AI revolution is not a recent development; it is the product of years of study and innovation. These generative tools offer benefits in the cybersecurity industry, where resource limitations and talent gaps exist, helping to increase the efficiency of cybersecurity staff and fill skill gaps within teams. They can identify and mitigate network security threats, automate security incident analysis, and accurately filter spam emails faster than human capabilities allow.
However, there are also concerns to address. Hackers can exploit these tools to craft sophisticated phishing emails and quickly generate malicious code for hacking purposes. Existing vulnerabilities in these tools can lead to data breaches, and employees might unknowingly expose sensitive business information in ChatGPT, which saves messages on OpenAI servers.
To effectively adopt such technologies, the cybersecurity industry must consider both the advantages and disadvantages. Proper training, validation, and complete oversight of the tools are essential to mitigate the associated risks. Weighing the pros and cons and handling the implementation carefully is what makes for secure use of ChatGPT and similar technologies in the security industry.
DQ: How should CISOs and CIOs overcome these concerns?
Preeti Singh: If a CIO is the driving force behind digital transformation and technical evaluation in any organization, then the CISO acts as a crucial brake, preventing information leakage and ensuring technology security. It is essential for CISOs and CIOs to collaborate and address security and technology concerns in the current generation.
To protect against these concerns, several steps and actions are necessary. First, conducting risk assessments is crucial to identify potential vulnerabilities in deploying new systems. CISOs cannot do this alone; they need support from CIOs. Secondly, when utilizing these tools in the infrastructure, implementing the right set of access control, authentication, and identity management controls is vital to prevent unauthorized access.
Furthermore, adopting secure development practices within the organization is essential, including testing for vulnerabilities before systems go live. This requires a proper SDLC framework that prioritizes security from development to deployment. Monitoring and logging mechanisms should also be established to detect and respond to security incidents promptly.
Strong data privacy measures, such as encryption and safeguards for sensitive information, must be implemented. Organizations need to regularly patch their systems to stay protected from evolving security vulnerabilities and potential exploits by hackers. Creating user awareness and training programs is equally important, as human behavior can be the weakest link in security.
Developing a well-defined incident response plan, including data leakage incidents from tools like ChatGPT, is crucial for effective incident management. Additionally, if AI services are outsourced to a third-party vendor, conducting thorough due diligence on their security practices and contractual obligations is essential to safeguarding shared data and information.
In conclusion, the collaboration between CISOs and CIOs and the implementation of proactive security measures are vital to overcoming these security issues in the technology landscape.
DQ: How can multinational organisations navigate diverse cyber security and data protection regulations around the world?
Preeti Singh: At present, more than 100 countries are engaged in formulating data protection and privacy bills, leading multinational companies to grapple with upcoming regulations in the realm of data privacy. This challenge is not limited to major countries like Europe, the UK, and the US, as jurisdictions worldwide are introducing their own data privacy laws. The main issue arises from the inconsistency among these regulations, requiring companies to navigate through various frameworks and develop concrete plans to ensure compliance.
To address these concerns effectively, a dedicated compliance team comprising experts from legal, IT security, and privacy fields should be established. This team's role would involve conducting in-depth analyses of cybersecurity and data protection regulations applicable to the organization's operations. They must identify specific requirements related to data ownership, consent, localization, cross-border data transfers, privacy rights, and more. Based on this assessment, the team can develop a framework to bridge any gaps in compliance.
Security controls such as encryption, tokenization, and harmonization should be universally implemented to protect data and privacy in line with the applicable standards and regulations. Additionally, a robust data incident response plan must be in place to align with notification requirements across different jurisdictions. Timely reporting of incidents to individuals, regulatory authorities, and stakeholders can shield the organization from potential penalties.
Defining policies and procedures to handle data classification, protection, and security across all layers (at rest, in use, and during transmission) is essential. It fosters a culture of compliance, where every employee is responsible for safeguarding company data, whether personally identifiable information (PII) or non-PII.
Staying updated on emerging cybersecurity and data protection technologies is crucial. Evaluating their potential impact on compliance efforts and embracing advanced solutions will enhance data protection and cybersecurity measures.
Lastly, if the organization relies on third-party vendors, implementing a robust management program is vital. Assessing vendors' data protection and cybersecurity practices and ensuring compliance with applicable regulations should be part of the contract clauses to safeguard the organization.
By adhering to these practices, companies can navigate the complex landscape of data privacy regulations and ensure comprehensive compliance, ultimately safeguarding both their data and reputation.
DQ: How can CISOs and CIOs partner with the CEO and other board members to improve agility and responsiveness, and enhance an organisation’s security posture?
Preeti Singh: What I believe is that CIOs, board members, and partners are primarily business-oriented individuals who focus on numbers, profits, and smooth operations. However, when it comes to security, they rely on CISOs and CIOs, lacking a deep understanding of security matters. Bridging this gap is crucial, and CISOs and CIOs should simplify security concepts to help business leaders grasp its importance as a business need. Furthermore, they should assist leadership in becoming cybersecurity risk-aware, highlighting the potential impact of cybersecurity on the business to gain support for security initiatives.
To effectively communicate with CEOs and board members, security and tech leaders must present IT and security plans in terms of risk, cost, and business impact, ensuring these elements align with each other. Partnering with CIOs and board members to enhance agility and responsiveness and fostering a security-conscious culture through organization-wide training is essential. When the security-conscious culture is established from top to bottom, the vision of CISOs and CIOs will naturally be fulfilled.
Moreover, CISOs and CIOs need to align security initiatives with the business strategy and objectives. Understanding the company's business objectives and aligning technology and security strategies accordingly is crucial. For example, if the objective is digital transformation, proposing a plan that supports digitalization, including security and digital innovations, is vital.
Working closely with CEOs and board members, CISOs and CIOs should provide insights into potential threats and vulnerabilities and collaborate to improve security postures and governance frameworks across the organization. These small but impactful steps will help CEOs and CIOs prioritize technology and security on par with other initiatives aimed at business growth.