- AI in the hands of hackers can lead to new attack vectors, including social engineering
- Organizations can limit unauthorized access by implementing cybersecurity solutions like Privileged Access Management
In this article, Darren Guccione, CEO and co-founder of Keeper Security, discusses how artificial intelligence (AI) can lead to novel attack vectors in cybersecurity. He explains that as bad actors evolve their tools to circumvent detection, defenders must adapt and implement new solutions to protect against emerging threats. One of the top scamming tactics today is social engineering, and with AI, hackers can easily mimic voices and carry out phone and voicemail scams. In the coming years, AI will lead to more attack vectors that may be out of security or IT leaders’ control. However, organizations can control what hackers can do if they implement cybersecurity solutions that limit lateral movement and protect privileged accounts. Guccione emphasizes the importance of privileged access management (PAM) solutions in protecting an organization’s most valuable assets.
Guccione also highlights the role of Security Information Event Management (SIEM) tools in monitoring events that pose the biggest threats and enabling timely incident detection and response. With increasing attack vectors and a larger attack surface, organizations need better insight into password practices and privileged users, and SIEM tools that utilize AI can enhance the ability to detect anomalies and correlate security events. This will provide organizations with even richer insights to improve their security posture.
Another key point made by Guccione is the adoption of ubiquitous cybersecurity platforms. As organizations shift to the cloud and seek affordable, pervasive solutions, there will be an increase in the adoption of platforms that provide full visibility and reduce security gaps. The article also mentions that passkeys, although growing in popularity, will not entirely replace passwords. Hybrid work environments will require the safe storage of user login credentials, necessitating the use of both passkeys and traditional passwords. The adoption of passkey-based authentication systems faces barriers such as platform support and user hesitancy, but the recent adoption by Google may lead to more websites and service providers adopting passkey-based authentication in the future.
The article concludes by emphasizing the importance of encrypted password managers that support passkeys to ensure adoption and use across different devices while preserving security for existing authentication methods.