Cybersecurity — The art of prevention

Hack­ing has become a busi­ness — and a lucra­tive one at that — and is accor­din­gly carried out by busi­ness people! A large propor­tion of the attacks that have taken place in recent years can be attri­bu­ted to orga­ni­zed crime. Entire compa­nies have been set up that do nothing other than hack and black­mail other compa­nies. In addi­tion, cyber attacks have become an inte­gral part of warfare, espe­ci­ally econo­mic and social desta­bi­liza­tion. The disrup­tion of the running of a society can be reali­zed not only through spec­ta­cu­lar hacks of hospi­tals or energy suppli­ers, but also through “smal­ler” attacks, such as on bake­ries or super­mar­kets. Last year alone, there were seve­ral cases in which the shel­ves of the local super­mar­ket in a village were empty because a hacker attack disrupted the IT systems of a store chain. 

AI has a very special effect on cyber­se­cu­rity. While in other indus­tries it ensu­res that compa­nies need fewer staff to provide a certain level of service, the oppo­site is the case here. 

First of all, it beha­ves as usual: the great strength of AI lies in pattern reco­gni­tion. If it is trai­ned to reco­gnize weak­ne­s­ses in IT systems, it can search for further weak­ne­s­ses itself and point them out accor­din­gly. These results are anything but perfect and must always be checked and proces­sed manu­ally. For hacker groups, this means that a few highly specia­li­zed experts can train AI models, which then signi­fi­cantly increase the effec­ti­ve­ness of all the inex­pen­sive hackers that are recrui­ted. In this way, many more systems can be scan­ned and atta­cked. This enables broa­der waves of attacks on more compa­nies and increa­ses the effi­ci­ency of the groups enorm­ously. This forces compa­nies to also rely on AI-supported defense measu­res in order to keep up. 

There is no blue­print that can be used to build a company safely. Howe­ver, there are basic rules that should be obser­ved and imple­men­ted. The gene­ral rule is: preven­tion before detec­tion before reac­tion. — This simple prin­ci­ple is often disregarded. 

In recent years, we have seen a number of compa­nies that were really well protec­ted. What they all had in common was that they did not blindly purchase solu­ti­ons and products, but first deve­lo­ped a clear stra­tegy for their company. A stra­tegy that aims to provide adequate protec­tion. — A stra­tegy that promi­ses maxi­mum secu­rity with the lowest possi­ble expen­dit­ure (effi­ci­ency) and that reli­e­ves the burden on the company’s own IT depart­ment. Compa­nies with such a stra­tegy can be reco­gni­zed by the fact that they inte­grate secu­rity into every busi­ness process without slowing it down. Secu­rity is part of the corpo­rate iden­tity and culture. 

Arwid Carlo Zang heads a company that specia­li­zes in holi­stic and preven­tive cyber­se­cu­rity solu­ti­ons. The focus of greenhats is on white hack­ing, conti­nuous vulnerabi­lity test­ing and custo­mi­zed cyber­se­cu­rity trai­ning for employees, mana­gers and IT experts. In addi­tion to his exten­sive expe­ri­ence as an audi­tor for criti­cal infra­struc­tures (KRITIS), Arwid is the author of the book “Hacker vs. 

az@greenhats.com