Connect and BLOCKPHISH partner to deliver AI cyber advisory services.

Artificial intelligence (AI) is permeating every sphere of business as companies integrate the technology into operations to drive efficiencies and achieve scale.

While implementing technologies like generative AI (GenAI) and large language models (LLMs) in the business can create huge opportunities for organisations, they also come with risks as they introduce new attack vectors.

Without the right policies, procedures and solutions, businesses become vulnerable to attacks.

“While organisations are bringing AI into the business to enhance their capabilities, there is a general lack of understanding regarding the risk and threats that these technologies pose,” explains cybersecurity specialist and partner at BLOCKPHISH, Tom Pepper.

Business leaders need to understand how AI increases penetration risks and what third-party solutions can bring to the table in terms of shoring up security.

In this regard, Pepper says businesses need a multi-modal approach to data security, starting with employee awareness and clear company policies, technical controls, and restrictions and guidelines on using AI engines.

“Workers need to know the risks when uploading company documents or sensitive data to a public LLM like ChatGPT, as sharing this information can provide it to competitors,” elaborates Pepper.

Additional threats coming from AI include more sophisticated cyberattacks from malicious actors, who are using the technology to enhance their capabilities.

“Attackers are leveraging AI for precision and speed, looking to exploit vulnerabilities in a company’s growing attack surface due to their expanding digital ecosystems and interconnected systems,” explains Pepper.

“In this AI-powered threat landscape, traditional cybersecurity measures are no longer enough.”

For instance, AI can deploy large-scale phishing campaigns, generating emails with fewer of the mistakes that typically characterise these attempted attacks, making it harder for targets to identify them as malicious.

Thankfully, AI can also play an important role in detecting attempted cybersecurity breaches and protecting companies, with solutions that use AI to uplift security capabilities offering businesses significant value.

By using AI and machine learning (ML) to understand incidents, these solutions can identify and learn from evolving attempts to effectively anticipate, detect, and respond to emerging threats.

“In this way, incorporating ML into Security Incident and Event Monitoring (SIEM) tools and Security Operations Centre (SOC) capabilities helps reduce the strain placed on human resources, especially given to the talent shortages in cybersecurity expertise,” elaborates Pepper.

AI-based solutions also reduce the time spent by security analysts reviewing threats, offering the ability to identify and prevent attempts at a speed and scale that human security resources are incapable of achieving.

However, selecting proactive, intelligent solutions that can outpace threats, ensure compliance with ever-changing regulations, and build AI cyber resilience within organisations requires a comprehensive assessment of individual company requirements.

To address this need, BLOCKPHISH and Connect have partnered to provide expertise in navigating the complexities of AI-related threats and addressing the security risks associated with AI systems and technologies.

“Together, we offer comprehensive advisory services to assess, mitigate, and manage security risks stemming from a company’s AI usage while helping defend against AI-powered threats,” explains Pepper.

This process starts with a consultative phase, which includes a comprehensive review that aims to identify a company’s biggest risks and vulnerabilities.

“In our advisory consultations, we look to identify a company’s crown-jewel assets, determine where a business is most exposed from a security perspective, and recommend the right tools and processes to wrap around these assets to uplift their security posture and protect them,” continues Pepper.

Advisors also guide businesses on ethical AI use, data privacy, IP protection, and legal risk management, ensuring responsible AI governance and compliance with applicable laws and standards, including GDPR, the AI Act, HIPAA and PCI-DSS regulations.

“While most CISOs and CIOs understand the broader cyber threats posed to their business, the risk that AI brings changes the game. It is critical that business leaders know they haven’t left a hole in their perimeter.”

A key focus for the cyber advisory team is staff awareness and training to ensure workers operate securely and understand the risks.

“Companies that leverage the functionality of LLMs – either in-house or taking advantage of third party models – still need to ensure they are used securely,” says Pepper. “Teaching people how to use AI and engage with chatbots securely reduces the risk of a breach.”

Connect’s tailored cyber defence training, awareness programmes and threat briefings help an organisation and security team understand the risks posed by AI in the context of cybersecurity and empower teams with tailored AI-specific cybersecurity knowledge and skills.

In the next phase, BLOCKPHISH and Connect security and automation experts evaluate a company’s AI deployment, uncover vulnerabilities, and provide strategies to defend against threats, such as data poisoning, adversarial attacks, and model inversion.

“This evaluation enables us to provide recommendations that are specific to the types of AI models and use cases an organisation employs, including strengthening the security posture of AI systems to defend against AI-enhanced cyber threats, like AI-generated phishing and adaptive malware.”

The AI cyber advisory team will also help businesses develop a plan and response strategy to respond and recover following an attack.

“While most companies know how to deal with common cyberattacks, few are prepared for the growing number of AI-driven incidents,” continues Pepper.

An adversarial attack simulation exercise takes an organisation through a potential incident to determine whether there is a good monitoring strategy in place with the appropriate alerts to ensure the company can react and respond as early as possible. The advisory team will also advise organisations on how to respond and what to do next.

“Ultimately, reducing AI-related risks requires robust policies and procedures, while responding appropriately to an attack or breach requires security infrastructure that is prepared for AI-based malware, phishing, or fraud attempts, and established and clear AI-focused incident response plans that ensures companies can quickly react and respond to attacks,” concludes Pepper.