When Mimecast released its most recent State of Human Risk report, one thing became abundantly clear: South African organisations are concerned about the threat of artificial intelligence (AI).
By Yesh Surjoodeen, MD: southern and central Africa at HP
That said, while 72% of local organisations see AI as a potential threat, most organisations also see it as an opportunity, and at least half of surveyed companies are actively utilising AI to defend against cyber-attacks.
Cybercriminals are not just targeting AI systems, they’re using AI to bolster their attack capabilities, such as writing attack scripts, analysing potential system vulnerabilities, and even developing new malware. The rise of AI-assisted phishing is also a major concern not just for organisations, but individuals, as personalised phishing emails are becoming harder to identify – a recent study showed that such emails are fooling more than 50% of their targets.
In the wake of several well-documented hacks in South Africa – such as the R165 million hack of the South African Social Security Agency and the data breach of Cell C – many business leaders are shifting priorities, and budgets, to build cybersecurity resilience. But are they prioritising it enough?
While 86% of organisations are increasing their cybersecurity budgets, Mimecast suggests that funding remains insufficient to meet growing demand and more sophisticated threats. Organisations must establish clear security requirements and invest in the right technology, including understanding the hardware-enforced security that is now built into many endpoint devices.
Meanwhile, it’s essential that governments develop more nuanced cybersecurity and AI regulation to make sure that AI is used safely, and as South Africa’s Institute for Security Studies has said: “new AI strategies must prioritise human security, transparency and accountability.”
As individuals, we too should educate ourselves on how to avoid security breaches, especially when using new technologies like large language models that often send data to the cloud.
However, there are numerous ways in which organisations can take the initiative here, and it all starts with the handling – by humans – of their devices. More specifically, implementing smarter defences across their entire lifecycle.
Effective device security starts from selecting the right suppliers. Procurement specialists need to involve IT security teams to assess vendors, devices, and test hardware and firmware security claims. While this practice is not widespread, recent HP Wolf Security research shows that 34% of organisations that do audit suppliers have had a PC, laptop, or printer supplier fail a cybersecurity audit in the past five years. Nearly 18% of those failures were significant enough to result in contract termination.
Beyond procurement, a lesser-known security risk lies in poor BIOS security practices. BIOS security refers to the systems protecting your firmware from unauthorised access, modification, and other malicious activity. Fifty-three percent of IT and security decision makers (ITDSMs) admit to using BIOS passwords that are shared, overly broad, or not strong enough, and the same percentage say they rarely update these passwords throughout a device’s lifespan.
This provides direct opportunities for attackers to access a device’s firmware, potentially disabling critical security features. Similarly, failing to regularly update firmware also leaves devices open to compromise by malware, so deploying updates immediately is the safest option.
The way that we dispose of our devices can also create unnecessary cost and e-waste, with many organisations opting to destroy decommissioned devices, even when secure repurposing options are available. This approach not only increases e-waste but also contradicts most companies’ sustainability goals.
The HP Wolf Security research found that 60% of ITSDMs have devices that could be reused or donated if secure decommissioning solutions were accessible. However, without a dependable method for securely wiping hardware and firmware data, organisations miss out on potential cost savings and sustainability benefits.
AI can also help organisations to protect their infrastructure and data. Many AI-powered solutions, including HP’s Sure Click Enterprise, use machine learning algorithms to identify and neutralise malware and ransomware threats. To maximise protection, organisations can complement detection-based security with threat containment that uses strong isolation to prevent attacks from infecting computers – even zero-day exploits and previously unknown malware.
Additionally, protecting the firmware of devices is crucial because if that’s compromised by an attacker, they’ll get ultimate control of the device. This is why firmware self-healing capabilities that automatically restore firmware to a safe state are so important.
Cybercriminals will continue to harness AI for malicious purposes, which is why business leaders must respond with equal sophistication by investing in the latest technology as well as building strong security cultures across their organisations.