At RSAC, every month seems like National Cybersecurity Awareness Month. However, for the rest of the world, October is an important time of year to focus on the state of cybersecurity by assessing what is currently working and perhaps more importantly, looking forward to the future of the industry. The Cybersecurity and Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCA) have collaborated on this year’s theme of “Secure Our World” and issued four principles that everyone should employ in order to maintain their digital security. While these are agreed upon best practices, it is necessary to anticipate and adapt to the rapidly changing threat landscape and artificial intelligence’s (AI) role. As AI becomes more deeply embedded in every aspect of the defensive and offensive facets of cybersecurity, it is important to understand not only its current impact, but also its future potential. By focusing on awareness and raising the collective level of cybersecurity, everyone can work together to “secure our world.”
Make Better Passwords (and Passphrases) for the Win
The first recommended step towards healthier security measures is implementing strong passwords. It is important to choose longer passwords of at least sixteen characters. Passwords should also be random, which can be achieved by using an assortment of mixed case letters, symbols, and numbers that have no connection to one another or by employing a series of unrelated words, which is known as a “passphrase.” Passwords should be unique to every account to prevent a data breach at one company from becoming a disaster on multiple fronts. If all of this sounds complicated and overwhelming, there is some good news - both institutions recognize the difficulty involved in juggling long, random, unique passwords over a series of accounts and also recommend that individuals take advantage of a password manager that can keep track of the passwords for you. This means that you only need to remember one long, random, unique password so that you can login to your password manager.
Install Software Updates
Another agreed upon practice for everyone is regularly updating software. When developers issue software updates, it is often to address a known security issue. By choosing to update the software, users are closing loopholes before attackers get a chance to exploit them. In order to stay up to date, it is recommended to watch out for notifications that a software update is available, install updates as soon as they become available, and enable automatic updates on all devices to ensure that updates are installed in a timely manner.
Think Before You Click (on a Phishing Email)
The third major recommendation is to recognize and report phishing attacks. Phishing typically takes the form of fraudulent emails designed to entice victims into clicking on a link that tricks the user into entering sensitive information such as usernames and password combinations or payment details. Look for tell-tale signs of phishing such as an urgent tone, odd misspellings, or strange character choices for letters. Phishing attempts also frequently ask for sensitive information such as credit card numbers and often use shortened uniform resource locators (URLs). While these emails can be tempting, if something seems off it is important to resist clicking on the links and pursuing the bait. Instead, report the phish either in the email program or via the “report spam” feature. Finally, delete the email. If you have any serious concerns regarding the validity of the email, find another way to contact the company or sender independent of the information in the email.
MFA Works. Use It.
The last step that everyone should take is to enable multi-factor authentication (MFA) on all user accounts. MFAs require that users provide additional means of verification, often with a code sent via text message or authenticator app. This ensures that in the event that a username and password become compromised, the account remains secure.
How AI Is Changing Cybersecurity
While everyone generally agrees that creating stronger passwords, updating software, avoiding and reporting phishing attempts, and enabling multi-factor authentication are fundamental aspects of cybersecurity, it is important to understand how these elements are being impacted by AI, which has had or will have a profound and pervasive effect on almost every aspect of the cybersecurity industry.
Generating Strong Passwords
There are serious concerns regarding AI’s capacity to crack/hack user passwords and penetrate systems and these fears are not without merit. AI, coupled with appropriately powerful hardware, can crack simple passwords almost instantly. However, by following the guidelines for creating strong passwords, users can prevent their passwords from being cracked almost indefinitely. AI is also being employed as a means for generating strong passwords with programs like Google’s Gemini.
Automating Patch Management
Updating software and patch management are essential aspects of any cybersecurity defense strategy and AI can help to simplify and automate some of the complexities associated with managing these processes. AI can help find flaws in programs, automatically write code to address vulnerabilities, and push out updates to affected systems. As systems and software become increasingly complex, the time saved by AI in software updating and patch management can be priceless to an organization. While an individual’s needs may be less demanding, the necessity for keeping up to date is no less important.
More Sophisticated Phishing
Attackers are increasingly adopting AI in their phishing schemes to great effect. AI can help to automate a number of the initial phases of phishing scams using large language models (LLMs). It is even possible that the entire process, from start to finish, can be automated using sophisticated AI while reducing associated costs and time and increasing overall success rates. These same LLMs show potential as a means of detecting phishing attempts. However, the current detection capabilities are limited and inconsistent, creating an asymmetrical situation that needs to be addressed through education and training that promotes awareness and avoidance of phishing attacks.
The Case for Multi-factor Authentication
The proliferation of AI based phishing attacks is making MFA more important than ever. While AI’s impact on MFA is not as significant as it is in some of the other recommended areas, it is still being increasingly used in creating and detecting patterns in users’ behavior as a secondary means of authentication. AI is also effective at regulating levels of access, detecting suspicious activity and automating swift incident response where there is suspected fraudulent activity.
National Cybersecurity Awareness Month is an opportunity for everyone to take a real look at the state of their cyber defense strategies and get back to basics. CISA and NCSA have issued their recommendations for creating strong passwords, enabling MFA, recognizing and reporting phishing, and updating software in conjunction with this year’s theme of “Secure Our World.” While it is important to consider the effects of AI on these elements, it is also important to recognize the human element that is inherent in so many security failures. Education and awareness are among the most important tools in any comprehensive cybersecurity plan. To this end, organizations need to leverage the power of their employees by building security champion programs, in which individuals are chosen to promote security awareness and best practices among their peers. It is also paramount to take advantage of novel training and educational programs that are proven to be effective. For individuals and organizations looking to elevate their defenses or learn more about anything cybersecurity related, the RSAC Library is an invaluable resource that draws upon a wealth of knowledge from industry-leading experts.