Sri Lanka’s path to cyber resilience in the age of AI 

 

Headshot of a personBy Harsha Randeny, Country Manager for Microsoft Sri Lanka and Maldives

In today’s era of artificial intelligence (AI), cybersecurity has evolved into a fundamental practice essential for safeguarding digital information, devices, and assets. Cyberattacks typically aim to access, alter, or destroy sensitive data, extort money from users, or disrupt business processes. The pace of attacks has increased to the point where there is now constant combat in cyberspace. Microsoft alone detects almost 4000 password-based attacks against their customers every second of every day. Consequently, cybersecurity is now a critical concern for nations, businesses, and individuals and we must continue to adapt to a dynamic and intensifying threat landscape.

In this era of AI, AI-powered cyberattacks can threaten supply chains, throw essential systems into disarray, or lead to leaks of sensitive data. However, it is essential to recognize that alongside this heightened risk, the advancements in AI have also evolved to offer increased opportunities for threat detection and protection.

As Sri Lanka progresses on its digital transformation journey, robust cybersecurity mechanisms are more vital than ever. Prioritizing cybersecurity and understanding how AI can enhance defences are essential steps for organizations.

Crafting a cybersecurity blueprint

A tailored cybersecurity blueprint is essential, addressing the needs of stakeholders, including assigned leadership team/board of directors, IT and technology teams, compliance officers, and employees. Effective communication and buy-in are crucial for successful implementation across the organization. Here, trust forms the foundation of any cybersecurity framework, ensuring confidence in the system’s ability to protect data and withstand attacks.

Microsoft’s modern security approach, Zero Trust, is built on the principle of “never trust, always verify.” This approach enhances security by requiring verification for every access request, regardless of its origin. With Zero Trust, all users, whether in or outside the organization’s network, are required to be authenticated, authorized, and continuously validated for security configuration and posture before being granted or keeping access to applications and data. This model emphasizes explicit verification, least-privilege access, and the assumption that a breach has occurred, thereby strengthening an organization’s cybersecurity posture.

Navigating an AI-powered cybersecurity landscape

With the emergence of AI, there is a substantial shift occurring in the field of cybersecurity. The integration of AI into cybersecurity solutions has revolutionized the way organizations detect and respond to threats. AI enables businesses to identify security anomalies, suspicious network activity, and hacking attempts in real-time. AI-driven threat detection significantly boosts security architecture by identifying malicious activity that compromises IT infrastructure, website security, and data confidentiality.

In threat detection, time is of the essence. Every minute a company does not use to its advantage gives hackers a chance to cause greater damage. Effective threat mitigation requires swift detection and neutralization before cybercriminals can exploit vulnerabilities. AI reduces the time spent on threat detection, making it an indispensable component of modern cybersecurity. Thereby, AI-driven threat detection increases architecture security by identifying any malicious activity that compromises the IT infrastructure, website security, and data confidentiality.

Fostering collaboration between leaders and employees for cybersecurity vigilance

Cybersecurity is a shared responsibility that requires collaboration and vigilance from both leaders and employees within an organization. Leaders play a crucial role in emphasizing the importance of a consequence-driven approach and fostering a culture of cybersecurity awareness. Leaders must provide the necessary resources and ensure that cybersecurity initiatives are not standalone efforts. Instead, they must be seamlessly integrated and aligned with the organization’s overall strategy. This alignment is vital for initiatives to be effective and for the organization to be resilient against cybersecurity threats.

Employees, on the other hand, must be adequately trained and empowered to recognize and report potential threats, comply with security policies, and adopt best practices in their daily operations. By generating a collaborative approach, organizations can cultivate a cybersecurity-conscious workforce capable of identifying and mitigating risks proactively. Therefore, an alliance is required between leaders and employees to ensure all are working cohesively towards a cyber resilient organization.

As Sri Lankan businesses embrace Cloud and AI technologies, democratizing access to advanced cybersecurity solutions is crucial for a secure digital journey. Cybersecurity protection requires a whole-of-industry and whole-of-society mission. The way forward involves assessing risks, taking appropriate actions to enhance cybersecurity posture, and building a resilient infrastructure that supports business goals while protecting assets and data. Leveraging democratized cybersecurity can empower both organizations and the nation to secure their digital futures effectively.

Disclaimer: This article was first published by Daily News in Sri Lanka on October 16, 2024.

Related Posts