The AI driven cybersecurity architecture will have run through scenarios for answering questions like: 'What could a bad actor exploit in my current environment? What is the potential impact on the availability of certain critical resources?'

'In fact, you could put on a HoloLensand visualize it. And, Cortana could say: Based on this scenario, this is the weakest link. Solve for this first. There is a lot of promise from technology. It is pretty exciting.'

Johnson's enthusiasm for sophisticated solutions, however, is tempered with some down-to-earth advice: Do the basics. 'You can spend millions of dollars on technology, but if you don't have security hygiene, it doesn't matter what you buy.'

Her watchwords are: 'Assume Breach'. 'You always have to assume that you have been compromised. In Asia, compromises are not detected on average for about 500 days - compared with 100 days in the U.S. Think about someone being in your network for 500 days and the amount of damage they can do.'

Her security 'no brainers' include: Stop sharing domain passwords; manage admin privileges in your company; and always update when new patches are released.

Also, continually educate your staff and executives on how to guard against traps like phishing. 'About 85 percent of internal breaches are not malicious. They are often somebody doing something careless, or they don't know any better.'

Think about someone being in your network for 500 days and the amount of damage they can do.

Make sure your network is backed up properly and have an up-to-date disaster plan. Sixty percent of small companies that are breached do not recover and go out of business.

Johnson says the world must now accept that cybercrime is here to stay. 'It is not going to stop. It is going to get worse. We will have to act faster, but we are not going to 'stop' it. It's like saying we are not going to have another murder or another bank robbery.

'Sadly, it is now part of the fabric of society. I am talking a lot more nowadays about cyber-resilience rather than just cybersecurity.'

Meanwhile, the types of actors involved in cybercrime are changing.

'As recently as five or six years ago, we used to put actors into categories. Then, you had nation state actors, financially motivated ones looking for valuable information to sell, as well as those hacking for fame or activism.

'But the lines are incredibly blurred nowadays. It is a multi-trillion-dollar industry … and they are working together in ways they never did before.'

Microsoft Corporation published this content on 26 July 2017 and is solely responsible for the information contained herein.
Distributed by Public, unedited and unaltered, on 26 July 2017 16:05:43 UTC.

Original documenthttps://news.microsoft.com/apac/features/ai-cybercrime-good-bad-news/

Public permalinkhttp://www.publicnow.com/view/6A1BECE83040CDB493429CC9F718CD1F4993A29E