EDITOR’S QUESTION
Fortinet’s FortiGuard Labs 2025 predictions reveal a highly dynamic threat landscape fuelled by AI and advanced tactics.
Predictions include attackers leveraging AI in various ways, from conducting generative profiling to powering up password spraying. Cybercriminals continue to weaponize AI, using it for nefarious purposes and to increase the volume and velocity of the attacks they deploy.
From gathering data more efficiently to using large language models (LLMs) to craft phishing communications that are more realistic than ever, experienced and novice threat actors are relying on AI as an easy button to streamline their efforts.
To counter the constantly evolving methods used by threat actors to bypass standard defences, security professionals should adopt the following practices.
Rather than waiting for alerts, defenders should conduct proactive threat hunting to identify signs of potential compromise that automated systems may miss. This approach involves leveraging advanced data analytics, behavioural analysis, and hypothesis testing.
Implement a defence-in-depth strategy that layers multiple security mechanisms, such as network monitoring, endpoint security, and anomaly detection so that if one defence is bypassed, others can act as a safety net. Ideally, these solutions should be integrated into a single platform to share layered checks between security and networking systems seamlessly.
Continuously verify users’ and devices’ identity and trust level, even within the network perimeter. Zero-Trust models minimise the damage attackers can inflict if they gain access to the network.
Use up-to-date threat intelligence to stay informed about emerging TTPs and keep playbooks current. This helps defenders anticipate new tactics and adapt existing safeguards accordingly.
Regular red and blue team simulations can reveal weaknesses in an organisation’s defences and provide actionable insights into potential bypass strategies attackers might use.
This adaptive, multi-layered approach, underpinned by continuous learning and the adoption of emerging security technologies, helps organisations stay resilient as the threat landscape evolves.
Above all, organisations should procure technology products that are secure by design, as defined by the Cybersecurity and Infrastructure Security Agency (CISA). Secure by design is a foundational approach to product development that ensures security is an integral part of the design and development process, with strong security controls built into the DNA of every product and service.
Fortinet is proud to be an early collaborator and signer of the CISA Secure by Design Pledge, which requires that participants commit to taking measurable steps across seven key areas to make their product development processes and the resulting technologies more secure.
KALLE BJORN, SENIOR DIRECTOR OF SYSTEMS ENGINEERING, FORTINET
www.intelligentcio.com INTELLIGENTCIO MIDDLE EAST 35