Hackers and cyber criminals getting bold in approach and getting more sophisticated as we pass the first 3 months of 2023, and witnessed several breach reports. According to projections, cybercrime forecast to cost the global economy $10.5 trillion by 2025, reflecting a 15% increase year on year.
Cyber adversaries are most interested in accounting and financial data that are very lucrative in nature. Cyber criminals are already using AI and machine learning tools to attack and networks.
It’s the small organizations, who cannot afford significant investments in defensive emerging cyber security tech such as AI and remain vulnerable mostly.
SMEVenture spoke to Dr. Lopa Mudraa Basuu, who is an acclaimed Security professional, having over 20yrs of rich experience in Information Security, Data Privacy, Risk Management & Governance.
Dr. Basuu elaborates that upcoming trend in cyber security for rest of 9 months of 2023, will see usage of same technologies that will be used to build the effective defence as well as to craft sophisticated attacks to break the defence.
A qualified cyber security specialist Basuu holds a master’s degree in information technology and Doctor of Excellence in (hc) Cyber Risk Management along with required industry certifications, including C|CISO, CHFI, ECSA & CEH.
For women security leaders, Dr. Bassu elaborates that ‘Technology doesn’t differentiate on basis of gender. Arm yourself with knowledge & skill with confidence. Do not ask to be treated specially just because of your gender. Practice equality to move forward’.
Cyber Security is a Dynamic & Sector Agnostic Domain
When we talk about trends of cyber, the allegory is, the same technologies are going to be used to build the effective defence as well as to craft sophisticated attacks to break the defence. In my view:
- Increased Use of Automation will be evident for both protection & attacking purposes
- Use Of AI & ML will continue to increase for both protection & attacking purposes
- Blockchain is going to play a significant role not only in security audit in future, but this technology has some inbuilt capabilities that can be used to elevate the security to the next level
- Analytics will play a significantly big role in elevating security to next level
- IAM (Zero Trust based) & Access Governance will be the game changer
When asked what does she thinks about the long gaps that exist in sophistication in attacks and awareness in cyber security, Dr. Basuu believes to mitigate threats and enhance resiliency and recovery organization have to go through huge transformation. And that is not only limited to technology, it also includes a cultural and Mind space change.
Today, cyber risk has established a stature of its own including in the global risk report of world economic forum as a top 10 risk that the world is facing.
Unfortunately, people are still trying to manage it through an old school approach which is a major gap. This is topped up by inefficient Technology Risk management and lack of knowledgeable & skilled resource at every level.
Transforming Internal & Partner Ecosystem
The most important element to bridge the gap is discovering and managing the technology risks at root including the security technology stack. This is only possible through effective risk visualization and management capability building, since every business is unique. Cyber security is a strategic mind game where human capability is the major differentiator. Mindful selection of security leader is the game changer.
Business security strategy should consider building the capability to cover and support the need of continuously transforming internal, external and partner business ecosystems keeping the business strategy, technology risk appetite & data centric security & resiliency as a core. It needs to be well aligned with investment, flexible to accommodate new requirements and should emphasize on cost efficiency.
AI Increasing Speed & Elevating Security to Next Level
Role of AI is expanding in cyber security and International Data Corporation (IDC) says AI in the cyber security market is growing at a CAGR of 23.6% and will reach a market value of $46.3 billion in 2027 .
When asked what is her opinion about AI deployment and how that will increase to combat cyber threats.
Considering the vast quantum of attacks, its sophistication, frequency, complexity and continuously emerging attack surface, it has become humanly impossible to combat with the threats by matching the speed.
AI is playing a very crucial role, here, to raise the speed and elevate the security to the next level. Responsible adoption of AI is a game changer in reactive, proactive, and offensive defence. It increases the speed & efficiency of cyber operations, control state monitoring, testing and provides dependable inputs for in-time strategic decision.
These are the 4 critical areas where AI has significant impact where traditionally we have intensive dependency on humanware elaborates Dr. Basuu.
Cyber skilling A Challenge, AI to Bridge the Gap by Eliminating The Human Error
Lack of skilled knowledgeable cyber security resource at every level is a major industry challenge today as a security professional feels Basuu.
AI will also help us to bridge this gap to an extent through strategic adoption of AI. We can increase the speed and eliminate the human error from activities like repetitive tasks, high speed analysis, mechanical tasks that trigger brain fatigue. This will allow us to invest human assets in the area of cyber that demands value addition through thinking, innovation, architecture, strategy and decision.
It is high time to re-strategize the career path to upskill keeping in mind that AI is not going to completely replace the human from cyber domain rather the demand for security professionals is going to increase to manage and execute the AI driven security ecosystem responsibly and efficiently.
Most importantly, AI and other emerging technologies are infusing a new set of risks in the digitally connected ecosystem and best of breed technology risk management professionals are needed to manage them effectively.
Women workforce Emerging stronger in Cyber Sec domain, more than before; Gender Bias do exist
Women workforces are emerging in cyber sec arena and gender bias do exist. Bias and salary disparities are two glaring gaps that do exist. Different research including (ISC)2 Cyber security Workforce Studies reveal a gender pay gap. The magnitude varies, but on an average, women professionals are paid 35% lesser than their male counterparts despite having equal or higher competency and qualification.
As per WEF, 25% of global cyber workforce is women whereas a Deloitte study shows that 33% of global IT workforce is women. Increased acceptability, significant women participation is evident in cyber which were predominantly known for male dominance. This is a healthy sign. It is time to bridge the gap including pay parity by practicing competency-based equality.
Industry has realised the huge value add from the different perspectives to decision making that is coming through inclusion of women workforce in cyber security. Organizations are reshaping to inculcate equality that is need of the hour.
Women are demonstrating commendable achievements in every domain of IT including cyber though the participation in executive and non-executive management is very less. Changes in policy too are a huge advantage for women workforce to exhibit their talent and skill.
Organizations are focused to build a cohesive women friendly environment by eliminating bias thereby addressing the gender gap in the system.
In the recent past we have seen many initiatives taken by the companies to develop inclusive work force. Post pandemic, the world whole heartedly welcomed hybrid work culture. New avenues are opening for women. It is time for women to break the bias and take these opportunities to build a successful rewarding career of their choice.
If women are able to reap the benefits and make these transitions happen, they could be on the path to greater career opportunities based on equality that will help them to bag highly-paid jobs.
If they cannot break the biases in their own minds, they could face the growing gaps be it skills, parity in salary and will be left further behind. So, it is in the hands of all the women out there on how they are going to shape tomorrow’s work place.
A journey is only worth remembering when it is a roller coaster ride not a smooth monotonous one. Well, mine is an interesting journey of transformation, from a network engineer to an Information & Cyber Security Professional to a Technology Risk Management Leader sums up Dr.Basuu.