AI, Cybercrime and Trust
Here's a fascinating, forward-looking perspective on cybercrime: This is how artificial intelligence will become weaponized in future cyberattacks
Among other insights, it points out that AI will create new techniques for cybercrime. The most significant of these is "gaining an understanding of what communication is dominant in the target's network and blending in."
Who hasn't heard the story of the diligent employee who fell victim to a clever phishing attack due to domain deception or unclear relationships between vendors? They clicked on what appeared to be an official company domain or perhaps one related to a partner of the company (like their insurer or 401K provider). They filled out the form and provided the requested information, just as they had done many times before.
In other words, employing adaptive behavior typically attributed to human hackers. Scary stuff, especially at the scale that AI could potentially achieve. Using trust to confuse during phishing attacks is not a new technique. That's why many companies insist on hosting customer and partner-facing services under their domain.
These points highlight the incredible opportunity and threat that AI poses. It underscores the importance of maintaining control over data, especially when it leaves your organization. Because even if you can defend your employees against future AI cybercriminals—or cyber-augmented criminals—can you protect your partners, vendors, and customers?
Here's a fascinating, forward-looking perspective on cybercrime: This is how artificial intelligence will become weaponized in future cyberattacks
Among other insights, it points out that AI will create new techniques for cybercrime. The most significant of these is "gaining an understanding of what communication is dominant in the target's network and blending in."
Who hasn't heard the story of the diligent employee who fell victim to a clever phishing attack due to domain deception or unclear relationships between vendors? They clicked on what appeared to be an official company domain or perhaps one related to a partner of the company (like their insurer or 401K provider). They filled out the form and provided the requested information, just as they had done many times before.
In other words, employing adaptive behavior typically attributed to human hackers. Scary stuff, especially at the scale that AI could potentially achieve. Using trust to confuse during phishing attacks is not a new technique. That's why many companies insist on hosting customer and partner-facing services under their domain.
These points highlight the incredible opportunity and threat that AI poses. It underscores the importance of maintaining control over data, especially when it leaves your organization. Because even if you can defend your employees against future AI cybercriminals—or cyber-augmented criminals—can you protect your partners, vendors, and customers?
FAQ
How can CIOs ensure compliance and audit readiness in Microsoft 365?
Balancing collaboration speed with strong governance is the top challenge. Features like Teams/SharePoint external sharing can create oversharing and audit gaps if unmanaged. Pairing Microsoft Purview with a guest-less external collaboration layer like eSHARE keeps data in-tenant, applies existing controls, and gives CIOs/CISOs the visibility they need without slowing work.
What is the biggest Microsoft 365 governance challenge for CIOs and CISOs today?
Balancing collaboration speed with strong governance is the top challenge. Features like Teams/SharePoint external sharing can create oversharing and audit gaps if unmanaged. Pairing Microsoft Purview with a guest-less external collaboration layer like eSHARE keeps data in-tenant, applies existing controls, and gives CIOs/CISOs the visibility they need without slowing work.
How do organizations manage Microsoft 365 guest account sprawl?
Balancing collaboration speed with strong governance is the top challenge. Features like Teams/SharePoint external sharing can create oversharing and audit gaps if unmanaged. Pairing Microsoft Purview with a guest-less external collaboration layer like eSHARE keeps data in-tenant, applies existing controls, and gives CIOs/CISOs the visibility they need without slowing work.
