Fortinet business development manager Paulo Pinto says the growth of cyberattacks, their sophistication and the lack of skilled professionals are some of the challenges companies face in terms of cybersecurity.
Paulo Pinto is one of the speakers at the Digital Operational Resilience Summit (DORS), organized by NOS, which takes place on Thursday in Lisbon, where the challenges of cybersecurity and technology resilience will be highlighted.
Among the main challenges that companies face, namely those of electronic communications, in the field of cybersecurity is the growth of attacks in number and impact.
"Companies with larger attack surfaces are increasingly being targeted by attacks that explore vulnerabilities in IoT devices, while old vulnerabilities continue to be explored, requiring a policy robust of updates and security fixes”, points out the ‘business developer manager’ of Fortinet.
Another challenge is the sophistication of cyber attacks, because, especially those carried out by advanced persistent threat groups (APT), "have become more sophisticated" These groups "focus on compromising critical infrastructure and stealing sensitive data, turning critical organizations into strategic targets for espionage and sabotage".
Ransomware cyberattacks are another challenge, with the increase in attacks targeting critical sectors, including communications, becoming "a growing concern", as these "are often designed to disrupt essential operations by disrupting the day the day of society".
On the other hand, he points out, there is a lack of qualified professionals in the area of cybersecurity, which makes it difficult for companies to respond effectively to attacks and maintain a proactive security posture.
In addition, "the average time between the discovery of a new vulnerability and its exploitation has decreased, requiring companies to be more agile in the application of security patches," it said.
Asked whether he believes that generative artificial intelligence (AI) could increase the number of sophisticated cyberattacks, Paulo Pinto lists the facilitation of attacks, the reduction of barriers to entry and 'deepfakes' and frauds.
"AI allows hackers to launch attacks more quickly, such as creating new malware and exploiting application vulnerabilities in an automated way, without direct human intervention," the official explained.
AI tools "help cybercriminals, even those with less knowledge, to carry out phishing and social engineering attacks in a much more convincing way, such as creating e-mails in perfect English, regardless of the attacker's native language," he said.
On the other hand, "AI has been used to create sophisticated deepfakes, such as the case of a fake chief financial officer (CFO) in a video call that resulted in a $25 million fraud," referring to the occurrence at the design multinational and Arup engineering in January.
However, AI can also help mitigate cyberattacks, through improved threat intelligence, and speed up threat detection and response.
"AI can be used to improve the information available about threats to a given organization, automating the collection and analysis of data and correlating information to generate possible lines of action", as this "allows threats to be identified faster and more accurately" , points out.
Other advantages are next-generation firewalls (NGFW) with AI: "Modern firewalls incorporate AI models to increase the effectiveness of functions such as intrusion prevention, malware protection, and sandboxing.
Artificial intelligence "also improves network visibility and facilitates centralized management of security policies".
