20 June 2022
Chris Vermeulen, Chief Information Security Officer at Sanlam, offered some insight into the opportunities in the dynamic world of technology and how they impact on business cybersecurity.
What Klaus Schwab predicted
In 2016, Klaus Schwab, the Executive Chairman of the World Economic Forum, coined the term “the fourth industrial revolution”, and part of his prediction about the future was the rise of artificial intelligence (AI) in everyday life.
We know that AI is simulated human thinking through machines, which powers enablers like faster medical diagnosis, effective client profiling and digital assistance for users. However, AI can only work if it is underpinned by good quality information, therefore big data (data that contains greater variety, arriving in increasing volumes and with more velocity)* enables AI.
What does the fourth industrial revolution mean for business?
- The development of better products
- More customised customer experience
- Robotic process automation
- Enabling faster delivery
The challenge is the reskilling required – shifting from hardware programming to coding, and the investment for this kind of reskilling is seldom small.
The thief at your back door
While these new technologies provide myriad opportunities for better solutions, services and customer experiences, they increasingly provide opportunities for hackers. Chris lists some weaknesses in our digital world and how hackers constantly try to exploit them:
- While cloud computing is a leveller, it provides a playground for hackers if the system is configured poorly.
- In recent times, more employees are working remotely, and as a result phishing attacks are on the rise. It’s more difficult to target a business digitally, than it is to target an individual working from anywhere.
- It’s becoming increasingly difficult to protect employees’ mobile devices (often devices of choice when working remotely) than it is laptops and desktops.
Some of the top types of scams where hackers have increasingly become successful:
- CFO/CEO phishing
- Business email compromise
- Attacks on supply chains
So, how do we secure the future?
Chris points to the use of AI as a solution. While all attacks cannot be prevented, AI can be used to observe behaviour, and more importantly, anomalies in behaviour at the level of the user, the system and the network. He also believes that using bots to trawl social media and the deep web will help to prevent hacks.
In the words of Klaus Schwab, it’s not the big fish that eats the small fish. It’s the fast fish that eats the slow fish. So, it’s important to stay ahead, in order to stay alive.
Some Q&A from Chris’ session
1. Are Apple devices safer than Microsoft ones?
In the past, Apple was stricter about the kinds of applications that they allowed onto their AppStores, so they had a better reputation as a more trusted platform. There were instances where the Google Play Store had applications with security weaknesses. In all cases secure your phone and use a trusted app store – it’s that simple. It’s sometimes difficult for smaller businesses to get the apps they need in an app store. The bottom line is to secure your device and don’t adjust any of the security mechanisms on your device and use a trusted app store.
2. With multiple devices in one’s personal and professional life, is Microsoft OneDrive a safe platform for storing data?
Microsoft gives you everything you need to be digitally safe. Their security teams are on par with the NSA and they constantly release solid security products, which come standard with the Windows programme that you purchase. The important thing is to patch your desktop security as this is what hackers target.
3. What can I do to keep safe online?
- Enable Microsoft Defender which comes with the Microsoft operating system and is a solid anti-virus application.
- Use multi-factor authentication as a matter of course.
- Always choose strong passwords and don’t use the same one everywhere.
- When you share data on One Drive, make sure it’s shared to only persons or people for whom it is intended, and password accessed.
- Download applications only from trusted sources and ensure that you update your operating system when prompted to do so.
- Check if your email or phone's data has been breached
4. To what extent is POPIA a hindrance to sharing and processing data, especially when using client information as big data in AI?
POPIA is not a hindrance, but it does influence how we use the data. POPIA regulates how we use data and that it is being used within its agreed intended purpose. POPIA defines what we can use and for that purpose. It doesn’t stop us from using AI and gaining better insights about our clients, in order to serve them better.