By: Andrea Deckert//July 6, 2023
By: Andrea Deckert//July 6, 2023//
The rise in popularity of artificial intelligence in business has its pros and cons when it comes to cybersecurity, according to David Wolf, vice president of Just Solutions Inc.
On one hand, it can help advance a business and even detect certain cyberthreats against a company, Wolf said.
Conversely, however, the technology is used by cybercriminals to gain electronic entry to a company’s operation, causing havoc and holding confidential information ransom.
“It’s a double-edged sword,” Wolf said.
Wolf made his remarks at the recent RBJ/Daily Record virtual panel discussion on cybersecurity where he and other local experts discussed the latest cybersecurity trends to make sure companies are as protected as possible.
The virtual panel discussion was sponsored by Harter Secrest & Emery LLP, Just Solutions, OrbitalFire Cybersecurity and Phillips Lytle LLP.
In addition to Wolf, the panelists were:
Wolf spoke about several ways companies can help themselves when it comes to cybersecurity, including staying up to date on cybersecurity awareness training.
Such training needs to be done consistently and on a regular basis, he said, noting that technologies such as AI have made even phishing emails look more realistic.
“It’s getting harder and harder to determine truth from fiction,” he said.
Other tips for companies included using multifactor authentication, as well as a managed detection and response service, which can not only seek out and find an issue, but immediately shut a system down in response.
Harnish said cybersecurity efforts fail for many companies because the industry caters to big businesses with systems that are complex and expensive, and largely ignores the needs of small businesses, the latter of which represents most businesses in the U.S.
Harnish said it is important for small companies to understand their business and its needs, focusing on two areas: defensibility and resilience.
In terms of defensibility, he said companies need to make sure they are doing the right things in the right order, so those a firm does business with — such as its customers and vendors — are satisfied with the answers to their questions about matters including compliance, regulatory and contractual matters.
To be resilient, it is important to know how much disruption one’s business can handle by undergoing a risk assessment and then acting based on those findings.
It is also important for small businesses to evaluate their cybersecurity options and follow-through on decisions that make the best sense for an individual business, Harnish said.
“Once you commit (to a plan), do it and do it well,” he said.
Greene said as more companies increase their use of AI, it is important to also stay on top of their cybersecurity efforts.
He discussed tools companies can use to adopt AI in a responsible fashion, including knowing their risks when using the technology and having a plan in place when an incident occurs.
Running incident response drills internally can help identify risks, as well as viable solutions, he noted.
“Use the tools you have to reasonably and appropriately control risk,” Greene said.
Mercado Clark spoke about new U.S. and European laws related to data privacy.
She said many companies may think they don’t need to know some of the laws related to other parts of the country or the world, especially if they are located in one state.
That is not the case, however, she said, adding that not staying abreast of the new laws can impact a company’s operations, have legal risks and negatively impact a company’s reputation.
“It can be a very costly and unfortunate misconception,” she said.
[email protected] / (585) 653-4021