IT security is ramping up this Fall due to an escalating and evolving threat landscape, especially from AI-powered attacks like sophisticated phishing. Unfortunately, we are seeing the effects of this with some of our own clients. In response, organizations are being advised to increase their defenses, focusing on AI-driven threat detection, multi-layered defense, and patching vulnerabilities.

Here are some of the ‘scary’ factors causing the increase in IT security:

  • AI-powered cybercrime – The use of AI is causing attacks, like phishing, to be more effective. Studies show AI-automated phishing attacks are clicked at a much higher rate than traditional ones.
  • Sophisticated Attacks – The overall nature of cyberattacks is becoming more sophisticated and persistent.
  • Ransomware resurgence – Yes, there has been a recent sharp increase in ransomware attacks, especially in North America and Europe.
  • AIrelated risks – Organizations are increasingly aware of and concerned about risks associated with using AI tools, such as data leakage and compliance issues, leading them to block many AI-based applications.

So, what can your organization do to ramp up your own IT security? Here are the most important measures to put in place:

AI-driven defenses

There is a strong push to use AI to counter AI-powered threats by enhancing threat intelligence and detection capabilities. We recommend the following:

  1. AI-driven spam filtering such as in Barracuda, which we use. Barracuda uses artificial intelligence (AI) to provide AI-powered security solutions that protect against sophisticated email-borne threats like spear phishing and business email compromise. AI analyzes emails in real time to identify and block malicious messages before they reach inboxes, and it continuously adapts to new attack tactics.
  2. Addition of Microsoft P2 licensing – Here are its key features:

Microsoft Entra ID Protection – uses machine learning to detect and respond to suspicious activities and allows for risk-based conditional access policies, such as requiring multi-factor authentication for logins from unfamiliar locations.

Privileged Identity Management (PIM) – provides just-in-time (JIT) access to privileged roles and enhanced auditing for administrators, which helps to secure administrative accounts.

Access Reviews – facilitates the review of user access to groups and applications, helping to ensure that access is still appropriate.

Identity Governance – offers enhanced controls for managing user identities

Other key features to employ (and you can find in our tech tip section of our website) are Multi-layered security, the core point of which is “Never trust, always verify.” Multi-factor authentication (MFA) falls under this category.

We also recommend deploying SentinelOne, which is a step up from traditional antivirus and endpoint protections, securing against threats from personal devices. Improved  patch management is critical in limiting exposure to widespread exploits. Lastly, KnowBe4 is a security awareness training and simulated phishing platform that helps organizations protect against cyber threats. (Read more here.)

Unfortunately, cyber crime is only growing. Contact us with any questions or for more information on everything your organization should be doing to stay up to date with your IT security.