How can corporations improve their cybersecurity measures so that these type of breaches don’t happen again?
I think a big part of that is obviously legislation and regulations helping to push that on companies that have to do it. When you really think about it, only a few years ago, companies didn’t even have to necessarily disclose if they had been hacked.
The unfortunate truth of it is that what does “more” actually mean for companies? Because they don’t really have the resources. The human talent is one of the biggest problems. There’s a massive scarcity issue when it comes to that. The solution is really in the people. It’s not to buy more tech, necessarily.
Forbes, a couple of years ago, wrote an article about there being a million cybersecurity jobs unfilled on a yearly basis. I saw some other reports saying there are 2.8 million jobs in cybersecurity, most of which will be unfilled because there just aren’t people who have the experience and time in cybersecurity. So that’s the biggest hurdle that companies have to deal with.
On the flip side of that, I think the other thing is to empower the actual users, the consumers, with more tools. I don’t necessarily think that it’s a company problem or a government problem. As a consumer of technology, we all are really the problem.
At the end of the day, you click and say “Yes” on one of those things, that’s not really on them, that’s on you. And most of the attacks now are targeting the individual more so than the infrastructure of major corporations. I think it’s a combination of being able to address both of those issues.
You mentioned Blockchain earlier, why could that be the answer?
I believe that blockchain is what email was 20 to 25 years ago, which not many people got it and not many people had one and not many people knew how to use one. I think the difference is that here we are 20 years later; now we all have one, if not ten. And that’s what’s happening with blockchain. The only thing is it ain’t going to happen in ten or 20 years; it’s going to happen in two.
I believe blockchain is extremely utilitarian, opening a new area of cybersecurity, with issues such as the methodology for confirming transactions and identifying and recovering potential losses from cyber-attacks.
Blockchain is ultimately another form of logging. There are uses for it that would significantly improve safety because it has been designed with a focus on maintaining integrity and traceability.
How about AI? Do you think Artificial Intelligence will be used by hackers in the future?
I personally think AI is a fancy term but in fact nothing more than automation. It’s automating something that a human could do, but automation is still created by humans, so AI is not going to be the force for hacking, it can actually be a vulnerability.
It can have a positive impact, but it will not replace hackers, I think. It can be used as a tool. And hackers always find ways to speak to machines.
We can argue that we are all artificially intelligent, as we are products of our environment. Similarly replacing something that humans could do is another product of the environment. So it’s the matter of input and output, which you can manipulate, especially in AI.