Formjacking – the practice of exploiting weak security in forms on websites –together with IoT strikes – cyberattacks on IoT devices – are emerging as the new normal in data security risks. Fast-overtaking traditional practices like phishing, these increasingly sophisticated techniques are being used to source valuable personal data.
Unlike phishing, it can be incredibly difficult to identify formjacking. While phishing often uses bogus URLs, with formjacking the malicious code exists within the authentic site. Attacks can happen even when connecting through a genuine mobile app.
Data security risks from IoT
When it comes to IoT strikes, sometimes the device itself is targeted which can contain valuable data. However, the greater risk comes from cybercriminals using IoT devices as soft access points into wider corporate networks. It’s not hard to imagine the damage that can be done by attacking an unpatched VOIP phone to gain access to an erstwhile secure network.
In this age, it stands to reason that traditional security approaches and knowledge learnt from past attacks are no longer enough to thwart these increasingly sophisticated threats. Given the proliferation of end-user devices and networks, coupled with advances in the cloud, IoT, and 5G, businesses are often overwhelmed by the number of data points they need to monitor.
AI to bolster data security
Implementing the right technology solutions is more important than ever to prevent data breaches. Thankfully, businesses can now meet many cybersecurity challenges using Artificial Intelligence (AI) to bolster data security defences.
Thanks to its ability to automate threat prevention, detection and response, AI has a significant role to play within a solid cyber security strategy. By learning to adapt to its current environment and the threat landscape, when deployed correctly, AI can collect intelligence regarding new threats, attempted attacks, successful breaches, blocked or failed attacks and learn from it.
New immune system can curb data security risks
Specialists from the University of Cambridge have developed new immune system technologies using unsupervised machine learning (a subset of AI) and probabilistic mathematics. Immune systems are capable of learning the 'self' of an organisation by analysing every network, device, and user, and modelling them accordingly.
In doing so, the immune system can establish a highly accurate read of normal corporate behaviour, giving it the ability to identify abnormal activity as it emerges.
Shoring up data security with AI
When used in conjunction with traditional security methods, AI is a powerful tool for protecting against cybersecurity attacks. Using AI for cybersecurity enables organisations to understand and reuse threat patterns to identify new threats. This allows businesses to reduce the time and effort involved in identifying, investigating and resolving threats.
That said, it’s important to note that AI in cybersecurity can only be successful when data sources are connected to platforms, and work has been done to identify the data sets required to make the AI algorithms usable.
Optimise visibility on corporate data and assets
While the use of AI minimise data security risks represents a huge step forward in the battle against data security risks, it’s important to remember that one of the main causes of data breaches and security incidents continues to be a lack of visibility on corporate data and assets. Any business that uses or stores data online must focus on securing that information.
As businesses grow ever larger and more fragmented, it’s more important than ever to keep tabs on all data and devices. In your own organisation, you need to be able to identify:
- Where all your data is stored
- Who has access to it
- How many how smartphones and IoT devices.
The more data and devices you have, and the more widely spread it is, the bigger the inevitable incidents and data security risk.
