Zaheer Ebrahim, solutions architect for Trend Micro Middle East and Africa.

Twenty years ago, security consisted mainly of antivirus programmes that would react once a threat was detected in the system. “That was where reactive security was born and we’ve been using it ever since, reacting when we are faced with a security threat,” says Zaheer Ebrahim, Solutions Architect for Trend Micro AMEA. “However, with the speed and technical sophistication of today’s threats, reactive security is no longer sufficient.”

Threats are emerging on a continual basis. Ransomware is one of the biggest current threats, and ransomware gangs are causing havoc. With AI progressing at such a fast pace, deepfake technology is growing at an alarming rate, targeting both enterprises and individual consumers.

Deepfaking often looks incredibly legitimate, and many organisations have made payments to bad actors, believing that their CFO is instructing them to do so in a phone call or online meeting. With these threats becoming more frequent and sophisticated, it’s essential for organisations to incorporate AI into their defences. AI is a powerful tool when harnessed for good. It allows you to bolster the technology stack in a security environment, and use features such as predictive analytics to predict an attack before it even happens. This is far more effective than a security system that responds only when an attack is already within the network.

Vision One from Trend Micro contains specialised AI to detect, predict and prevent attacks. “AI is the brain behind this technology, which also provides analytics in user behaviour, triggering alarms if anomalies are seen,” Ebrahim says.

Zero-trust is a vitally important methodology that must be used for people, processes and technology. It is becoming increasingly important for both authentication and authorisation. The type of zero-trust that an organisation uses will depend on their environment. Zero-trust in the financial sector will have different methods and requirements from zero-trust in the medical sector. A password alone is not enough. Today, at least one other layer of authentication is needed before employees can access company data. Continuous verification is also important, so that users are prompted to update their credentials regularly, to ensure it is still them working in the system.

You can never be complacent with the security you have, because a new threat can develop and cause disastrous breaches, just as AI has done. As Ebrahim explains: “In today’s world, it’s not a case of if you will be hacked, but when. Threat technology is constantly evolving, and your security needs to do the same.”

Education is key, not only for technical staff, but for non-technical people who also work in your company environment. A phishing email will often be aimed at those staff who are less involved in, and aware of, security, and once a hacker is in the system, the environment is compromised. Make security a core requirement, be proactive, and focus on education and awareness training for all staff. A security-first culture is imperative.

Security tools need to enable a secure environment without hindering company performance, and end-users need to be aware how crucial it is to protect the data in their environment, even when they are working remotely or from home.

“It’s essential to have a digital-first mindset, and to be aware what the attack surface covers, and to minimise the risk at all times and in all environments,” Ebrahim says. “South Africans are known as alert travellers, who are generally streetwise and aware of their surroundings. This mindset needs to spill over into the digital world, so that we become known as the most smart and streetwise in the online world as well.”

www.trendmicro.com