The cyber security guard every business needs?

Cybersecurity threats have reached an all-time high in recent years, with software supply chain attacks, for example, hitting three out of five companies in 2021. Worse still, only 6% said the impact of these were minor.

It’s perhaps therefore unsurprising to hear that many security professionals still don’t feel their companies are properly protected.

Despite the breadth of technology available to mitigate risks and catch threats before it’s too late, they feel vulnerable to ever-increasingly sophisticated threats, and are desperate to find more robust ways to maximise their security posture.

This is undoubtedly because hackers are using more advanced tactics to access company networks – not least with targeted email attacks – meaning employees practically open the front door to an organisation’s precious data.

Causing sleepless nights for IT administrators across the globe, phishing is all too common today. But what’s even more frightening, is that 97% of people can’t detect these scams. No matter how many tips and tricks security executives share, this is something that they cannot control.

In fact, a recent IBM survey found that human error is the main cause of 95% of cybersecurity breaches – an alarming percentage when you consider that if this wasn’t a factor, then 19 out of 20 breaches might not have happened in the first place.

HYBRID WORKING HARMING SECURITY

One key factor fueling this challenge is the rise of hybrid working environments. With employees increasingly spread across different geographical locations – all accessing company resources and using different collaboration tools – it’s really difficult for security teams to retain the same degree of control over a more disparate infrastructure.

Are employees using company approved devices at all times? Are they sharing sensitive information across unsecure networks? And what risk does behavioural change play?

New research revealed that 80% of enterprise IT security leaders believe remote workers pose a significant risk to their organisation, due to being detached from the corporate world – not least their security teams.

So although constant email reminders, video training sessions, VPNs and hotly-debated SD-WAN solutions all help, phishing attacks still peaked in 2021 – showing there is an urgent need for more robust security threat detection measures.

AI-POWERED CYBERSECURITY

Luckily, a new type of technology can help prevent such email attacks – stopping them in their tracks before they can infiltrate a company’s network, and wreak irreversible damage.

Natural Language Understanding (NLU) is AI-powered tech that can ingest language, sentiment, and identity behaviour on a granular level, to better detect whether the email has been legitimately sent, or is actually phishing in disguise.

Of course, human language is a pretty complex and multi-faceted construct, and words have no inherent meaning for digital systems that interpret coding. But that’s what makes NLU even more impressive.

It works by using deep machine-learning to analyse tone, context, and intent, to determine what was meant, rather than just what was said, before ‘scoring’ the email according to its probable validity. In other words, is the content considered normal – and was it likely to have been sent by a real human – or could it be a potential attack?

NLU goes way beyond just checking for suspicious email addresses or incorrect spelling typically associated with cybercrime. It delves deeper into the specific language used, low communication history, Domain Keys Identified Mail (DKIM), and low domain frequency – digging into the real nitty gritty of the email to make a sound judgment.

This technology has already shown its potential by correctly identifying an email supposedly sent by the Bank of America, which asked recipients to update their contact details. The content managed to get past Exchange Online Protection and other security measures, but it was actually a threat.

This was reportedly a particularly sophisticated example of a phishing attack – with the email not being sent in bulk, and including a page in the attack flow that asked for ‘security challenge questions’ to increase legitimacy, for example.

Yet, NLU managed to detect unusual requests, lots of financial language, low communication history, and low domain frequency – all of which led to the email being flagged as dangerous. Not only did this save the company significant time, money, and resources, it also prevented considerable reputational damage.

This use case is the ultimate example of why companies should be utilising NLU to strengthen their security armour. The technology is typically associated with machine agent style automation in contact centre environments, but its ‘intelligence’ lends itself to far wider deployment.

If industry findings are true, and security teams are as worried about breaches as the data would suggest, surely they would be able to sleep better at night knowing this tech would dramatically reduce the risk caused by human error.

Is this the future of cybersecurity? Without a shadow of a doubt.

By Tim Mercer, CEO of Vapour