The emergence of Generative AI (GenAI) is reshaping the 2024 telecoms risk radar. According to SecurityScorecard’s recent research, Security ratings: A new horizon, 85% of the top telecom companies in the US, UK, France and Germany experienced a third-party data breach in the past 12 months alone.
Organisations in the technology, media and telecommunications (TMT) sector are at the forefront of modern connectivity, linking people and businesses across the globe. Despite how advantageous recent technology developments have been to propel the industry further, malevolent actors stand ready to exploit and capitalise on vulnerabilities.
Additional studies indicate that cyber-resilience is under pressure, throwing data governance strategies into question with the dramatic expansion of GenAI. EY’s Top 10 risks in telecommunications report discovered 68% of telco respondents believe they are not doing enough to manage the unintended consequences of AI, and 74% say they need to do more to mitigate against bad actors who could use AI to support cyberattacks and other malicious activities.
In the same body of research, 53% of telcos believe the cost to their organisation of cyber breaches will exceed US$3m in 2023, up from 40% in 2022.
The National Cyber Security Centre’s recent assessment highlighted that AI will almost certainly increase the volume and heighten the impact of cyberattacks over the next two years, and the threat to 2025 comes from evolution and enhancement of existing tactics, techniques and procedures.
These threats further incorporate a growing sense of unease within the sector due to insufficient talent and skills management. EY’s findings underline that digital talent is increasingly in demand, but a shortage of network engineers presents a more immediate challenge to the industry. It continues to uncover more risks to the talent pipeline spurred on by financial pressures. More than half (55%) of telecoms employers have introduced hiring freezes – almost double that recorded across all sectors (28%), and 61% of telcos say talent retention is being hampered by salary and benefits cuts as part of a cost-reduction drive – well above the sector average (44%).
The progression of efficiency, speed and connectivity from enhanced AI can easily be unpicked without enough defenders to protect the landscape. While there are whispers weaving throughout all industries about AI replacing people, the synergy between technology and humans seems stronger than ever. Building a cyber-resilient strategy may seem like an enveloping fog, but a visible, empowering and proactive approach will likely tackle the risks ahead.
We speak to experts in the TMT sector – Ben Matthews, Partner, Altman Solon; Christos Kalantzis, Chief Technology Officer, SecurityScorecard; and Steve Cobb, Chief Information Security Officer, SecurityScorecard – to gain insight into what measures should be taken to build confidence in the industry.
Ben Matthews, Partner, Altman Solon
A recent survey of cybersecurity professionals by Sapio Research shows 75% of executives saw an increase in attacks over the past year – and these come at a price. According to IBM, the average global cost of a data breach is now estimated at US$4.45 million – a 15% increase from 2020. This has led to global spend on cybersecurity reaching US$188 billion in 2023, a number expected to increase as cybercrime is estimated to cost the global economy US$9.5 trillion in 2024.
Many cybersecurity experts believe that advances in GenAI tooling are contributing to this rise in cybercrime. While chatbots like OpenAI’s GPT or Google’s Bard are programmed to not generate code that could be used for hacking purposes, attackers are finding new ways to ‘trick’ these chatbots into generating malicious code. This can include techniques like goading a chatbot to respond to a question as if it had ‘no moral restraints’ or by adding extra spaces between banned words when communicating with the chatbot to bypass censors.
GenAI chatbots can mimic fluid, written communications and make phishing emails, which are often riddled with spelling and grammatical errors, more linguistically complex and thus harder to weed out. What’s more, hackers can use GenAI chatbots to craft ‘spear phishing’ emails by adding in personalised information about potential victims and getting a tailored, highly credible result.
Cybersecurity: Going from reactive to proactive
Today, many business leaders have a reactive approach to cybersecurity, investing in tools like anti-malware software, password protection with Multi-Factor Authentication and firewalls. While these tools can be helpful for protecting against known threats, they won’t suffice when it comes to more complex cyberattacks.
Today, CISOs should continue to pivot away from the reactive approach of legacy cybersecurity and implement preventive, proactive measures. Conducting regular audits of systems to identify potential vulnerabilities and drafting company procedures for protecting sensitive data contribute to a culture of preventive security.
The cyberthreat landscape is changing rapidly and it can be useful to outsource this by hiring an external cybersecurity expert – for enterprise customers, this would be the security software vendors, and for SMBs they would do well to seek out the support of a Managed Security Service Provider (MSSP). These outside experts can use advanced analytical methods to identify security risks, provide holistic security solutions and in some cases, offer implementation and operational support.
While GenAI can increase certain types of cyberattacks, integrating AI into cybersecurity systems can improve existing resources. As the cybersecurity workforce gap reaches a high of 4 million people, 86% of CISOs think that GenAI tools will mitigate talent shortages in security teams, according to Splunk’s 2023 CISO Report. Organisations can leverage AI to automate aspects of cyberdefence, like threat detection, response and prediction and better identify patterns of threat to arm themselves against hackers.
Christos Kalantzis, Chief Technology Officer, SecurityScorecard
Artificial Intelligence (AI) has demonstrated its power to transform entire industries. But just as organisations are jumping on the AI bandwagon, so too are cybercriminals who seek to leverage the technology for malicious purposes. Because organisations in the technology, media and telecommunications (TMT) sectors represent a critical industry, they must pay extra attention to the risks posed by AI.
Here are several best practices for TMTs when it comes to combatting AI threats:
Identify and catalog your attack surface
You can’t protect what you don’t know about. TMTs tend to have an outsized amount of digital assets compared to more traditional sectors, making their attack surfaces larger and more attractive to threat actors using AI. As a result, TMTs must have a complete (or close-to-complete) understanding of their attack surface in terms of devices, services, employees and software in use.
Automate vulnerability management and risk control
Once a TMT knows its attack surface, it must have automation in place to patch any assets, (both exposed and internal), hide any assets that do not need to be exposed, or leverage ZTNA (Zero Trust network access) tools to access them. For assets that must be exposed, harden them against AI-enabled threat actors who are looking for gaps in networks.
Invest in strong cybersecurity tools and training
TMT organisations should use robust solutions for threat detection and response. These tools enhance cyber-resilience by identifying and mitigating threats effectively. They should also educate staff on AI-related risks and cybersecurity best practices to promote a culture of awareness. Empowered employees can proactively recognise and address potential threats.
Encourage collaboration
Partner with other organisations and cybersecurity experts to share insights and intelligence on emerging threats. By working together, TMT companies can improve their ability to detect, prevent and respond to cyberattacks to strengthen the industry’s overall cyber-resilience.
Implement continuous monitoring
Establish systems for ongoing monitoring of networks and systems to promptly detect and respond to any suspicious activity.
Have a proactive defence
Conduct regular AI risk assessments tuned for bias, explainability and threat detection. Additionally, they should implement encryption for secure AI computations and leverage data governance platforms for access control. This also means developing AI-specific incident response plans through tabletop exercises and utilising automated response.
Steve Cobb, Chief Information Security Officer, SecurityScorecard
The field of Artificial Intelligence (AI) is growing exponentially and, while it’s an exciting time for this new and evolving technology – with many cutting-edge and positive use cases – it’s also important to remember that threat actors are harnessing AI for more nefarious reasons. Because of AI’s ability to collect, analyse and interpret large amounts of data, threat actors are able to scale their operations to hunt for and exploit vulnerabilities in code, applications and infrastructure.
As a result, organisations in the technology, media and telecommunications (TMT) sectors are grappling with many of the same challenges as other markets in the face of AI, and they need to be quicker than ever at remediating those vulnerabilities. Organisations have to embrace AI and match the vigour with which adversaries are investing and utilising it.
Here are a few tips for TMT’s to enhance their cyber-resilience:
Address supply chain risk
Companies need to enhance their vulnerability management programmes. Additionally, they need to be better at addressing supply chain risk and must get better at classifying and categorising what data their vendors and partners have access to and how they access that data.
Invest in people
Though it may seem counterintuitive, the AI problem can and must be solved by humans. TMT organisations need to better prepare their employees to meet the growing tide of challenges presented by this technology. There’s a real skills gap when it comes to AI, and organisations in the TMT sector must improve their recruiting practices and hire experts in this field.
Additionally, employees need to be on the lookout for social engineering attacks perpetrated with the help of AI. Threat actors are now leveraging AI to make it more difficult to detect social engineering attacks. One such attack is called SIM-swapping, where threat actors bribe telecom company employees to change SIM numbers on a phone. Once this happens, the threat actor will receive all SMS and calls intended for the victim.
Protect critical infrastructure
The TMT sector encompasses large portions of critical infrastructure. As individual threat actors and nation-state attackers continue to operationalise AI, critical infrastructure will be in their crosshairs. The TMT sector must improve its detection and response tools and processes so that, as these attacks become more and more ‘AI-powered’, our nation’s critical assets are better protected.
Click below to share this article
