AI in Cybersecurity

January 9, 2025

AI in Cybersecurity: Threat Actors, Nation-State Risk, and Cyber Resilience

Corporations and small businesses are overwhelmingly targeted by threat actors who are motivated by money. Money is the motive in more than 9 out of 10 incidents. Profit-based cyberattacks tend to end in some kind of negotiation.

Nation-state attackers want to quietly steal intelligence or cause damage. But here’s a key point: we often see organizations underestimate their value as a target to a foreign nation-state and fail to realize that they can be used to reach the real target, a government agency.

We see far more attacks on private entities that serve as part of the supply chain of critical infrastructure and governments. Significant interruption to one player in the chain can cause a domino effect.

We also see more and more overlap between different categories of attackers in terms of attack vectors, tactics, and techniques. This means more risk, even for small organizations.

How Attackers Are Using AI

With AI grabbing everyone’s attention, cybercriminals and state-associated threat actors are constantly looking for ways to utilize AI in their attacks.

In the short term, attackers with AI have an advantage. They can quickly leverage the strengths of Generative AI (GenAI), such as:

  • creating malware
  • automating better phishing copy

Plus, they don’t have to worry about the things that defenders worry about. More than that, the bad guy’s AI implementation doesn’t have to be perfect: attackers only have to get it right and succeed in an attack once, while defenders have to get it right every single time.

In the longer term, the picture is less clear, but history suggests that it will largely even out.

The Role of Third-Party AI Tools

Most attackers are not developing their own AI systems but are relying on third-party AI tools, some of them widely available, that offer guidance on how to do things.

These tools are of limited use to attackers, but attackers can use them more aggressively and negligently than software vendors can, which gives them an advantage.

Criminal attackers will not develop their own AI systems but will rely on off-the-shelf solutions. The winner will be the one who invests more in training the AI models.

Where AI Is Appearing in Cybersecurity

Most cybersecurity teams are just getting started with their AI journey. For the majority of cybersecurity vendors, AI is mostly a marketing tool for now, but we’re starting to see how it can deliver benefits in cybersecurity.

We see the implementation of AI in:

  • advanced email security and spam filtering platforms
  • Endpoint Detection and Response (EDR)
  • Security Information and Event Management (SIEM)
  • User and Entity Behavior Analytics (UEBA) solutions

Ultimately, organizations are looking for real AI systems that can think and make decisions for themselves. No doubt, AI will take on an increasingly important role in cybersecurity.

Building Cyber Resilience

It’s more important to stay focused on your cyber defenses, make sure your team is properly trained and has the resources to make the most of your security tools, and then identify and close the gaps in your defenses.

That’s how you build cyber resilience for your organization.