In the world of protecting assets from cyber threats, posture is essentially table stakes. All advanced security measures begin where posture leaves off. Develop a strong cybersecurity posture, and your network, devices, identities, and data are much more difficult to breach.
However, the challenge for many companies is recognizing that a secure posture is a moving threshold. A company's security posture from five years ago was significantly weaker than those that we are seeing today. As threat actors have developed new attack vectors, techniques, and malware, posture has had to evolve to meet potential incoming threats.
The latest concern amongst security professionals is the exploitation of AI and machine learning tools like ChatGPT to develop never-seen-before cybersecurity threats. Since its launch late last year, attackers have tried to use generative AI tools, including ChatGPT, to create polymorphic malware.
BlackMamba, ChatGPT’s polymorphic proof-of-concept malware, is forcing security teams to evaluate whether their security posture is strong enough to withstand this latest evolution in cyber threats. AI has raised the stakes, and with it, it is pushing organizations to reconsider posture, the building block of cybersecurity.
Strategizing Your Cybersecurity
There are actually three different types of cybersecurity strategies organisations tend to follow. The first are those who are reactive to events around them. They offer protections based on history and develop training and strategies to prevent the data breaches, network takeovers, and ransomware attacks of yesterday.
These companies, who are very much like generals who prepare to fight the previous war, tend to check boxes for compliance without seriously considering the security of their network.
The second type of strategy is being deployed by companies that have a vision for the future but lack the budget to implement leading cybersecurity solutions. As a result, they often end up taking the same approach as reactive companies.
The last type of company is proactive. These organizations, which are often in the financial industry or in e-commerce, recognize the need to be ahead of the game. In addition to thinking about the risks they are currently facing, they tend to look for cybersecurity tools that are preparing for attacks of the future.
They are upgrading their security posture and ensuring that they have AI tools in place to secure their network against AI-driven attacks. It’s a different mindset that takes posture to a different level in protecting the network.
How This Impacts Posture
As you might imagine, the strategy adopted by an organization has a major impact on posture. Proactive organizations are already viewing posture through an AI lens. They recognize the changing nature of attacks and can easily envision AI-based attacks trying to breach their network.
Embracing AI as a key component of cybersecurity posture isn't just a recommendation; it's imperative for survival. Companies should consider AI-driven security tools that can provide real-time threat analysis, automate incident responses, and evolve through machine learning to counter emerging threats. Furthermore, training initiatives should be undertaken to equip IT personnel with the skills needed to operate AI-driven defense systems effectively. This way, not only will businesses be prepared for threats like BlackMamba, but they will also be equipped to tackle the unknown challenges of the future.
About Author
Ric Smith boasts a distinguished career of over 20 years, having left his mark on enterprise software development, both within private and public entities. Notably, he has championed the scaling of product teams through two IPOs (NYSE:MDLA and NYSE:S) and has held leadership roles in prominent SaaS/Cloud vendors (NYSE:ORCL). Recognized for his talent in establishing diverse, high-performing teams, Ric continues to influence product delivery to a vast range of clients, from small businesses to multinational enterprises.
