Technology is changing the way we do business. The latest innovations can help streamline processes and expand your reach, but there are risks to digital technologies. Cybersecurity leaders share how businesses and individuals can protect themselves while making the most of emerging digital tools.
Our panel:
Keith Bamford, CEO and co-founder of Daystar, daystarinc.com Jeff Stutzman, CEO of Trusted Internet, trustedinternet.io
Keith Bamford, CEO and co-founder of Daystar, daystarinc.com
How are businesses leveraging generative AI to create new efficiencies and enhance client experiences?
A. ChatGPT brought conversational, generative AI technology to the mainstream virtually overnight. Research firm Gartner predicts generative AI’s impact will be like the invention of electricity or the internet. For businesses, generative AI will most definitely change the playing field, but it’s a long-term game. This powerful technology is still very new.
In these early stages, many first experiment with content generation. This presents promising opportunities for sales and marketing teams, as well as HR. Using generative AI as a jumping point to brainstorm topic ideas or produce first drafts streamlines content creation. Additionally, we see businesses using AI to freshen existing content in a new voice or tone.
Other ways businesses are using generative AI include summarizing large volumes of content; enhancing website chatbots; automating tasks; generating meeting recaps and takeaways; and improving analytics and insights.
Some are using it to leverage existing applications. Many software developers are building AI into their platforms. For example, CRM providers like Salesforce and HubSpot have rolled out AI features to bring powerful new tools to their clients. QuickBooks launched Intuit Assist late last year as a generative AI financial assistant.
Stay aware of updates or additions with your current platforms. Note that some may include product enhancements you can access instantly, while others require an additional subscription, such as Microsoft Copilot.
What are some basic best practices to follow when using generative AI?
A. Communicate your business’s expectations around the acceptable use of generative AI with your team. Provide guidelines, such as not sharing sensitive data, on open, free AI platforms.
Get serious about data governance. As the technology matures, it will integrate more deeply into your operations and systems. Generative AI relies on data. Do the work now to structure and clean up your current data so you are ready to take advantage of future enhancements.
Experiment safely. Generative AI can be unpredictable. Review and verify AI-generated outputs to ensure accuracy. With generative AI coding, create sandboxes to safely test and analyze results before going live. It’s important to keep security at top of mind when using generative AI.
Why is cyber insurance important, and how can businesses better position themselves to qualify for good, cost-effective coverage?
A. As cyberattacks continue to rise, cyber insurance provides important financial and legal protection. Cyber threats have grown both in the number of attacks and in sophistication. Because of this, the risks are greater, which, in turn, leads to higher costs for coverage.
Still, cyber insurance is very important. A cyber breach costs more than just restoring data and systems. The real cost of a cyber incident includes costs associated with loss productivity, customer or employee notifications, loss reputation, compliance fees, legal fees, etc. According to IBM, the average data breach costs $2.98 million for businesses with fewer than 500 employees.
Work closely with your insurance broker and IT provider to apply for cyber insurance. Follow cybersecurity best practices covering all three vectors of people, process and technology. This demonstrates the proactive measures you have taken to mitigate some of the risks to insurance providers. Lastly, start the application process early. It takes time and effort to gather all the information needed to position your business well for coverage.
Jeff Stutzman, CEO of Trusted Internet, trustedinternet.io
What kind of internet hacking can homeowners be susceptible to?
A. Here is a real example of a home Wi-Fi invasion that Trusted Internet just helped resolve.
During the last week in February and the first week in March, Trusted Internet performed an incident response, assisting a hacked homeowner to recover from an Evil Twin attack called Karma.
An Evil Twin attack means that something is impersonating something else but with malintent. Karma is used to duplicate an otherwise trusted Wi-Fi connection, enticing users with seamless connectivity. Karma identifies, then duplicates a known Wi-Fi SSID, but without credentials, in the hope that an unsuspecting user will connect, or better, a machine will look for the first successful connection, which occurred.
The victim unwittingly opened his phone only to associate with a Karma-generated Wi-Fi doppelganger.
Once connected, sensitive data began to flow freely — contacts, credit card information, usernames, passwords and even the contents of private communications become fodder for the attacker’s insatiable appetite.
Within the first few hours, the infection spread, and the homeowner was quickly overtaken with paranoia and fear. He’s a smart technical guy but couldn’t find a way clear. Credentials were being changed, and devices locked out. He was becoming desperate fast.
What can someone do once they have been hacked?
A. The homeowner called Trusted Internet about 12 hours after the breach.
We instructed him to terminate his internet access. We had no idea how this was happening, but our first step is isolation. Once cut off from the internet, we had one more call by phone — we had him pick up a new phone and laptop at a local Best Buy.
The phone was set up on a Trusted Internet VPN, and used only as a mobile hot spot, allowing him to download our endpoint security tools safely. We overnighted him a firewall and had him move to a wired connection while we rebuilt the remainder of his home computers.
We created a separate network for his work, and brought computers online one at a time, watching the firewall and security tools for any indications of compromise. It took about a week to fully restore the network and computing in his home.
The consequences of a successful Karma attack can be devastating, both for individuals and organizations. Besides financial damage, the fallout from such an incursion becomes personal. Trusted Internet’s team of Virtual CISOs can respond quickly, offering technical support and cyber therapy, as needed.
