By the end of the coming year, the cost of cyber attacks on the global economy is predicted to top $10.5 trillion.

This staggering amount reflects the growing need for cyber security to be treated as a strategic priority on an individual, organizational and governmental level.

As in every other field of business and technological endeavor, artificial intelligence (AI) will have a transformative impact on both attack and defense. Its impact will be felt across every one of the trends covered here.

The Cyber Security Skills Crunch

A shortage of professionals with the skills needed to protect organizations from cyber attacks continues to be a running theme throughout 2024. In fact, the situation appears to be getting worse – research indicates that a majority (54 percent) of cyber security professionals believe that the impact of the skills shortage on their organization has worsened over the past two years. We can expect efforts to rectify this situation to include a continued increase in salaries paid to those with the necessary skills, as well as greater investment in training, development and upskilling programs.

As AI increases in sophisticoation at a frankly alarming rate, we will continue to see more sophisticated and smart AI-powered attacks. This will range from deepfake social engineering attempts to automated malware that intelligently adapts in order to evade detection. At the same time, it will help us detect, evade or neutralize threats thanks to real-time anomaly detection, smart authentication and automated incident response. If cyber attack and defense in 2024 is a game of chess, then AI is the queen – with the ability to create powerful strategic advantages for whoever plays it best.

Next-Level Phishing Attacks

Social engineering attacks involving tricking users into giving attackers access to systems will also increase in sophistication. Generative AI (such as ChatGPT) tools enable more attackers to make smarter, more personalized approaches, and deepfake attacks will become increasingly prevalent. The response to this will largely revolve around organization-wide awareness and education, although AI and zero trust will play a growing role, too.

Cyber Security In The Board Room

In 2024, cybersecurity is a strategic priority that can no longer be siloed in the IT department. Gartner has predicted that by 2026, 70 percent of boards will include at least one member with expertise in the field. This enables organizations to move beyond reactive defense, meaning that they can act on new business opportunities that come with being prepared.

IoT Cyber Attacks

More devices talking to each other and accessing the internet means more potential “ins” for cyber attackers to take advantage of. With the work-from-home revolution continuing, the risks posed by workers connecting or sharing data over improperly secured devices will continue to be a threat. Often, these devices are designed for ease of use and convenience rather than secure operations, and home consumer IoT devices may be at risk due to weak security protocols and passwords. The fact that industry has generally dragged its feet over the implementation of IoT security standards, despite the fact that the vulnerabilities have been apparent for many years, means it will continue to be a cyber security weak spot – though this is changing (more on this below).

Cyber Resilience – Beyond Cyber Security

Two terms that are often used interchangeably are cyber security and cyber resilience. However, the distinction will become increasingly important during 2024 and beyond. While the focus of cyber security is on preventing attacks, the growing value placed on resilience by many organizations reflects the hard truth that even the best security can’t guarantee 100 percent protection. Resilience measures are designed to ensure continuity of operations even in the wake of a successful breach. Developing the capability to recover in an agile manner while minimizing data loss and downtime will be a strategic priority in 2024.

Less Than Zero Trust

The fundamental concept of zero trust – always verify – evolves as systems become more complex and security is integrated into business strategy. Zero trust states that there is no perimeter within which network activity can be assumed to be safe. As the threat landscape evolves, this principle extends beyond the corporate network to the ecosystem of remote workers, partnered organizations and IoT devices. In 2024, zero trust moves from being a technical network security model to something adaptive and holistic, enabled by continuous AI-powered real-time authentication and activity monitoring.

Cyber Warfare And State-Sponsored Cyber Attacks

The war in Ukraine, which looks set to enter its third year, has exposed the extent to which states are willing and able to deploy cyber attacks against military and civilian infrastructure in 2024. It’s a safe bet that going forward, wherever military operations take place around the world, they will go hand-in-hand with cyber warfare operations. The most common tactics include phishing attacks designed to gain access to systems for the purposes of disruption and espionage and distributed denial-of-service attacks to disable communications, public utilities, transport and security infrastructure. Outside of warfare, major elections will take place in 2024 in countries including the US, UK and India, and we can expect an increase in cyber attacks aimed at disrupting the democratic process.

Soft Skills Becoming Increasingly Essential For Cyber Security Professionals

Cybersecurity professionals will increasingly be expected to take on more complex workloads during 2024 as the threat landscape grows ever more sophisticated. This doesn’t simply mean in a technical sense – those with responsibility for countering cyber threats will also find themselves tasked with more complex social and cultural aspects of threat mitigation. This will lead to a growing reliance on soft skills such as interpersonal communication, relationship-building and problem-solving.

Cyber Security Regulation

Governments and organizations are becoming increasingly aware of the risks to national security and to economic growth posed by cyber threats. The potential social and political fallout of large-scale data breaches is also a major factor in the emergence of new regulations around cyber security issues. For example, businesses in the UK have until April 2024 to ensure they are compliant with the Product Security and Telecommunications Act, which sets out minimum security requirements that networked products must adhere to (for example, they mustn’t be shipped with a default password). Implementation of the EU’s similar Radio Equipment Directive has been delayed until 2025, but the topic is still likely to be high on the agenda of legislators throughout 2024.

Source: https://www.forbes.com/sites/bernardmarr/2023/10/11/the-10-biggest-cyber-security-trends-in-2024-everyone-must-be-ready-for-now/

Artificial intelligence and quantum research were at the centre of science and technology announcements in the UK chancellor’s Autumn Statement on Wednesday.

The government will boost spending on computing power to develop AI by £500mn over two years to bring total planned investment to more than £1.5bn, said Jeremy Hunt.

The increase followed criticism of the £900mn allocated to AI computing in the March Budget as being too modest by international standards, with other countries planning to spend much more. “It’s great to hear that the government will find a further £500mn over the next two years to fund further innovation centres to help make us an AI powerhouse,” said Rashik Parmar, chief executive of the British Computer Society.

At the same time, the government revealed five “moonshot missions” for its £2.5bn national quantum strategy. They include developing UK-based quantum computers capable of running 1tn operations without making any errors — today’s fastest machines are capable of just a few hundred error-free operations.

It also aims to deploy “the world’s most advanced quantum network at scale, pioneering the future quantum internet”. “It is much more than headline pledges, it’s a call to arms,” said Chris Ballance, chief executive of UK quantum start-up Oxford Ionics. “The government is sending a clear signal of the UK’s unwavering commitment to becoming a leader in the quantum revolution.”

Elsewhere, the Autumn Statement provided £121mn to the UK space sector for a variety of infrastructure investments in Earth observation and communication technology. Some of the money, with additional funding from aerospace company Lockheed Martin, will enable Northumbria University in Newcastle to set up a £50mn North East Space Skills and Technology Centre.

The pharmaceutical and biotech industries welcomed the promise of a £520mn investment in life sciences manufacturing from 2025-26, as well as changes to research and development tax credits that the government says will provide relief worth an additional £280mn per year. “Increased flexibility in the tax relief scheme for R&D-intensive companies will make a meaningful difference to company growth, job creation and accelerating the delivery of new medicines to patients,” said Steve Bates, chief executive of the BioIndustry Association.

Looking at the Autumn Statement as a whole, Sarah Main, executive director of the Campaign for Science and Engineering, said: “I’m encouraged by the ideas that emerged. They show government thinking creatively about new ways to support science in the long term and seeding support across the breadth of the science economy.”

Source: https://www.ft.com/content/bdd127e4-0b6e-4047-b038-74c1324d8073

Artificial Intelligence is undoubtedly the buzzword of our time. Its popularity, particularly with the emergence of generative AI applications like ChatGPT, has brought it to the forefront of technological debates.

Everyone is talking about the impact of AI generative apps like ChatGPT and whether it is fair to take advantage of their capabilities. However, amid all this perfect storm, there has been a sudden surge of numerous myths and misconceptions around the term Artificial Intelligence or AI.

I bet you might have heard many of these already! Let’s dive deep into these myths, shatter them, and understand the true nature of AI.

 1. AI is Intelligent

Contrary to popular belief, AI isn’t intelligent at all. Most people nowadays do think that AI-powered models are intelligent indeed. This might be led by the inclusion of the term “intelligence” within the name “artificial intelligence”

But what does intelligence mean?

Intelligence is a trait unique to living organisms defined as the ability to acquire and apply knowledge and skills. This means that intelligence allows living organisms to interact with their surroundings, and thus, learn how to survive.

AI, on the other hand, is a machine simulation designed to mimic certain aspects of this natural intelligence. Most AI applications we interact with, especially in business and online platforms, rely on machine learning.

These are specialized AI systems trained on specific tasks using vast amounts of data. They excel in their designated tasks, whether it’s playing a game, translating languages, or recognizing images.

However, out of their scope, they are usually quite useless…  The concept of an AI possessing human-like intelligence across a spectrum of tasks is termed general AI, and we are far from achieving this milestone.

2. Bigger is Always Better

The race among tech giants often revolves around boasting the sheer size of their AI models. Llama’s 2 open-source LLM launch surprised us with a mighty 70 billion features version, while Google’s Palma stands at 540 billion features and OpenAI’s latest launch ChatGPT4 shines with 1.8 trillion features. However, the LLM’s amount of billion features doesn’t necessarily translate to better performance.

The quality of the data and the training methodology are often more critical determinants of a model’s performance and accuracy. This has already been proved with the Alpaca experiment by Stanford where a simple 7 billion features powered Llama-based LLM could tie the astonishing 176 billion features powered ChatGPT 3.5.

So this is a clear NO!

Bigger is not always better. Optimizing both the size of LLMs and their corresponding performance will democratize the usage of these models locally and allow us to integrate them into our daily devices.

3. Transparency and Accountability in AI

A common misconception is that AI is a mysterious black box, devoid of any transparency. In reality, while AI systems can be complex and are still quite opaque, significant efforts are being made to enhance their transparency and accountability. Regulatory bodies are pushing for ethical and responsible AI utilization. Important movements like the Stanford AI Transparency Report and the European AI Act are aimed to prompt companies to enhance their AI transparency and provide a basis for governments to formulate regulations in this emerging domain?.

Transparent AI has emerged as a focal discussion point in the AI community, encompassing a myriad of issues such as the processes allowing individuals to ascertain the thorough testing of AI models and understanding the rationale behind AI decisions. This is why data professionals all over the world are already working on methods to make AI models more transparent.

So while this might be partially true, it is not as severe as common though!

4. Infallibility of AI

Many believe that AI systems are perfect and incapable of errors. This is far from the truth. Like any system, AI’s performance is contingent on the quality of its training data. And this data is often, not to say always,  created or curated by humans.

If this data contains biases, the AI system will inadvertently perpetuate them.

An MIT team’s analysis of widely-used pretrained language models revealed pronounced biases in associating gender with certain professions and emotions. For example, roles such as flight attendant, or secretary were mainly tied to feminine qualities, while lawyer and  judge were connected to masculine traits. The same behavior has been observed emotion-wise. Other detected biases are regarding race. As LLMs find their way into healthcare systems, fears arise that they might perpetuate detrimental race-based medical practices, mirroring the biases inherent in the training data.

It’s essential for human intervention to oversee and correct these shortcomings, ensuring AI’s reliability. The key lies in using representative and unbiased data and conducting algorithmic audits to counteract these biases.

5. AI and the Job Market

One of the most widespread fears is that AI will lead to mass unemployment.

History, however, suggests that while technology might render certain jobs obsolete, it simultaneously births new industries and opportunities. For instance, the World Economic Forum projected that while AI might replace 85 million jobs by 2025, it will create 97 million new ones.

 6. The AI Takeover

The final and most dystopian one. Popular culture, with movies like The Matrix and Terminator, paints a grim picture of AI’s potential to enslave humanity.

While influential voices like Elon Musk and Stephen Hawking have expressed concerns, the current state of AI is far from this dystopian image.

Today’s AI models, such as ChatGPT, are designed to assist with specific tasks and don’t possess the capabilities or motivations depicted in sci-fi tales.

So for now… we are still safe!

Main Conclusions

In conclusion, as AI continues to evolve and integrate into our daily lives, it’s crucial to separate fact from fiction.

Only with a clear understanding can we harness its full potential and address its challenges responsibly. Myths can cloud judgment and impede progress.

Armed with knowledge and a clear understanding of AI’s actual scope, we can move forward, ensuring that the technology serves humanity’s best interests.

Source: 6 Artificial Intelligence Myths Debunked: Separating Fact from Fiction – KDnuggets

Cybersecurity firms are increasingly looking at integrated platforms to provide holistic online security for both for their B2B and end users as disconnected point tools struggle to support enterprise security requirements

The main reason that cybersecurity companies give for focusing on development of integrated platforms is that they make it easier for companies to provide a comprehensive solution to a problem that is “categorised by its complexity and constant evolution” says Kartik Shahani, Country Manager, Tenable India.

What are integrated cybersecurity platforms?

Integrated platforms provide solutions to this problem. A 2020 IBM survey found that organisations deploy approximately 45 solutions on average, with most requiring coordination across 19 security tools.

(For top technology news of the day, subscribe to our tech newsletter Today’s Cache)

Integrated cybersecurity platforms “equip security teams with a holistic view of the entire attack surface and amalgamates diverse elements, including vulnerability management, cloud security, web app security, identity security, and attack surface management,” Shahani says.

Essentially, integrated platforms are better equipped at identifying threats, filling gaps in security, and mitigating threats due to the ability to collate and use information gathered from different areas of a network.

These platforms offer consolidated risk insights, exposure analytics, prioritises risk, recommends remediation strategies, and quantifies the reduction of cyber risk, he added.

Use of cloud-based computing has further allowed cybersecurity firms to provide access to their integrated platforms without requiring users to upgrade their systems. Integrated platforms from most firms have been designed to be easily integrated into organisation’s existing tech stacks, while also allowing customisations based on the user’s needs.

In some cases, “customers are beginning to pay on consumption basis rather than a subscription,” Binod Singh, CEO and Chairman, Cross Identity said.

Why are enterprises increasingly shifting to integrated platforms?

Integrated platforms are also increasingly finding takers in businesses due to their economic advantage, the lack of skilled personnel to manage security apparatus, and improved visibility of gaps in security for enterprises.

Businesses looking to cut costs may pivot to integrated platforms as there is minimal overlap in the implementation and identification of security products. Further, the use of integrated platforms also allows enterprises to sidestep the problem of hiring cybersecurity experts, which can be a problem due to the lack of skilled personnel in the domain.

Are platforms the future of cybersecurity?

With the benefits of integrated platforms, B2B organisations with complex IT environments are increasingly adopting unified platforms for monitoring and responding to security threats.

“B2B organizations are embracing integrated cybersecurity systems because they provide robust protection, simplify management, offer cost savings, adapt to changing needs, support regulatory compliance, and enhance the ability to respond to threats quickly and effectively,” Ritesh Chopra, Director Sales & Field Marketing, India and SAARC Countries, Norton, said.

Small and medium-sized enterprises in India with a view to restrict expenditure, which earlier involved adopting multiple points solutions on individual licenses or subscriptions, are now increasingly turning to integrated platforms.  The adoption of these platforms is aimed at bolstering security posture in accordance with the laws of the land without the overwhelming costs and complexities associated with managing multiple standalone security tools.

An of integrated cybersecurity platforms has its benefits for enterprises, it poses a challenge for startups in the cybersecurity space which may struggle to finding the right constellation of cybersecurity experts to develop all the features needed be truly comprehensive. “Most often, the best experts are specialized in topics such as threat intelligence, malware analysis, application security, data loss prevention, network security, vulnerability management, AI, privacy, etc. Thers is also a shortage of these experts on the market, which indeed presents a challenge to startups,” Chopra said.

For the end users, integrated platforms allow cybersecurity companies to present users with an all-round security solution, which while may not be a silver bullet, ensures protection across devices which may not be possible with point security solutions.

Source: How are cybersecurity firms adapting to gen AI – The Hindu