Telecom Review Africa recently conducted an exclusive interview with Roland Abi Najem, CEO of Revotips, to discuss the impact of artificial intelligence on the cybersecurity landscape. The interview covered a range of topics, including the ways in which AI has contributed to the proliferation of cybersecurity threats and how it can be used to improve cybersecurity awareness and training for employees. In addition, Mr. Najem discussed the specific technologies that Revotips is prioritizing in 2023 to strengthen cybersecurity systems, as well as the solutions and services the company is focusing on to address potential cybersecurity challenges. Finally, he shared some of the goals and future plans that lie ahead for Revotips in the rapidly evolving field of cybersecurity.
How has the proliferation of AI added to the cybersecurity threat landscape?
The proliferation of AI has significantly impacted the cybersecurity threat landscape in various ways, making it more complex and challenging to manage. AI eliminated many barriers to entry to cyberattacks and made it easier for almost everyone to use AI tools like ChatGPT to create a scam email or message, check certain codes for security holes, use deep fake technology to mislead their victims, and so on. Moreover, AI-powered tools can help cybercriminals automate the generation of malware, phishing emails, and other malicious content. These tools can adapt and evolve rapidly, making it harder for traditional security solutions to detect and counteract them.
What made those threats worse is that, currently, there are no rules or regulations to govern all aspects of AI since governments are still struggling to find the proper rules to control cyber-attacks before AI; now, things are becoming more complicated with AI.
How can AI be used to improve overall cybersecurity awareness and training for employees?
AI can be employed in multiple ways to improve cybersecurity awareness and employee training, mainly by personalizing the training where AI can analyze each employee's learning patterns, strengths, and weaknesses to create personalized training modules that cater to their specific needs. This ensures a more effective learning experience and improves the retention of crucial information.
Moreover, AI can be used to create engaging, interactive, and game-based training exercises that encourage employees to participate actively in the learning process. This can include simulations, quizzes, and virtual environments where users can practice responding to cyber threats in a safe and controlled setting.
Additionally, AI-powered training platforms can adjust the difficulty and content of training modules in real time based on an employee's progress and performance. This helps to maintain an appropriate level of challenge and keeps employees engaged and motivated throughout the training process.
As for the KPIs, AI can provide real-time feedback to employees during training exercises, enabling them to learn from their mistakes and improve their understanding of cybersecurity concepts and best practices. AI can analyze employee behavior, such as their interactions with emails, websites, and applications, to identify potential risk areas and provide targeted training to address those vulnerabilities.
What technologies are Revotips prioritizing in order to strengthen cybersecurity systems in 2023? And what solutions and services are Revotips focusing on to address potential cybersecurity challenges, particularly AI-based threats, in the coming years?
Seeing as there is no one solution that fits all in cybersecurity, that’s why our key added value in Revotips is that we always work on Security Assessments for organizations to provide them with the best solutions that fit them, taking into consideration their financial capabilities, their team expertise and potential, etc. Our Research and Development team at Revotips works daily to stay up-to-date with the latest cybersecurity threats and to strengthen cybersecurity systems to provide the ultimate protection, considering that there is nothing called 100% secure in cybersecurity. Based on this fact, the purpose is to enhance the protection against cyberattack and reduce the detection time.
Nowadays, Artificial Intelligence (AI) and Machine Learning (ML) should be integrated with all your security systems since they can enhance threat detection, response, and prediction capabilities. These technologies can help detect unknown threats and develop proactive defenses by analyzing vast [amounts of] data and identifying patterns.
Moreover, since we can only partially secure, especially with the increase of security threats due to the rise of AI, we always work on building the Zero Trust mindset and Zero Trust Architecture, which requires verification of every user, device, and connection before granting access to resources. This reduces the attack surface and helps prevent unauthorized access to critical systems and data.
Implementing MFA can always remain a key point in enhancing security since it reduces the risk of unauthorized access to systems and data by requiring multiple forms of verification, such as passwords, tokens, biometrics, or other factors, before granting access.
EDR solutions are also key elements in cybersecurity since they continuously monitor and analyze endpoint activities. Cloud Security, Security Orchestration, Automation, and Response (SOAR) are all key elements of cybersecurity.
As with the advanced threat of AI, the focus should be on increasing training and awareness for the technical and non-technical people in the organization since 95% of cyberattacks are caused by human errors. Scammers are using the latest AI technology nowadays, like Deep Fake, professional scam emails, and many other ways to scam employees. Investing in technology only without investing in your people will lead nowhere.
What goals and future plans lie ahead for Revotips?
The cybersecurity industry is becoming really challenging due to so many factors. One main factor is AI-based threats, but there are so many other factors, like the current economic crisis, where many organizations are losing lots of money and can’t invest in cybersecurity.
At the same time, hackers are getting more advanced with high capabilities, and it is becoming much more difficult to stop them.
Based on the above, Revotips’ future plans are to always work on finding the most case-specific suitable solutions and support the organizations with the best affordable prices they can pay, and this is really challenging.
Moreover, we are working at Revotips on many automated solutions that can support the end users in identifying a security threat. One of those solutions is SEPA — Smart Email Protect Alert — which is an add-on that can identify a security threat in any email, and it can be integrated with any spam filter or any other email protection system.
The main purpose of such plans is to facilitate the detection of any threat and help the end user identify it.