By Low Jat Leng
The recent spate of WannaCry and Petya ransomware infections sent a sobering wake-up call to organisations and businesses around the world: It is high time to take cyber defence seriously.
What measures can Singapore businesses take to secure themselves against cybercrime? How can cybersecurity systems enabled by artificial intelligence (AI) protect their data? What do developments in AI mean for their cybersecurity?
IMpact spoke with Associate Professor Peter Loh of the Singapore Institute of Technology for his views. Dr Loh’s research focuses on information and cybersecurity, along with high-performance computing and computer game technology.
He was previously a principal research scientist at Temasek Labs at the Nanyang Technological University, overseeing security research covering software, mobile phones and operating systems.
What have you discovered is the biggest digital threat for businesses in recent years?
My view is that as more businesses tap into the Internet, the biggest digital threat comes from cyberattacks. These attacks include and are not limited to data theft and forgery, data integrity breaches, phishing, financial fraud, and operation impairment and subversion.
What is Singapore doing right in terms of cybersecurity? What is lacking?
Singapore has signed agreements with countries like the United Kingdom, Israel, Australia and Germany to boost cybersecurity cooperation and collaboration. The Government has also set up the Cyber Security Agency of Singapore (CSA) to oversee and coordinate all aspects of cybersecurity for the nation.
Last year, Prime Minister Lee Hsien Loong launched the Cybersecurity Strategy to create a resilient and trusted cyber environment for Singapore. There is also a new unit – the Defence Cyber Organisation – set up in the Ministry of Defence to counter cyber threats.
However, public awareness and a sense of urgency are still lacking when it comes to cyber threats.
Why should businesses take cybersecurity seriously? What can businesses do to protect themselves?
Businesses can incur significant financial as well as reputation loss due to cyberattacks. For basic protection, smaller businesses can adopt core best practices such as segregated data backups, security patches, bring-your-own-device restrictions and access controls. Larger businesses can develop appropriate cybersecurity policy frameworks with actionable items to support business continuity and recovery.
The costs of protection measures like offsite cloud backups, regular patches, updates to software and dedicated cybersecurity personnel are miniscule compared to those of business failure or the loss of lives when critical infrastructure is jeopardised by cyberattacks.
End users are one of the most vulnerable points, setting easy-to-hack passwords and clicking phishing links, for instance. How should companies educate their employees?
Some companies put their new hires through compulsory cybersecurity awareness training programmes and test their progress at specified stages. These programmes need to be encouraged and should be more widespread.
In addition, unannounced cyberattack scenarios can be occasionally simulated within companies to test employee awareness and response readiness, much like the anti-terrorist exercises carried out in schools and public areas.
Which cybersecurity areas can AI assist with? How can machine learning be integrated into data protection?
AI can help improve planning and decision-making, and provide automation support in cybersecurity. The typical areas that AI can assist with – and where they are currently being deployed in – are threat monitoring, incident detection and forecasting in a security operation centre.
Some AI-assisted security risk assessment (SRA) tools are publicly available; for example, an iPad version of one particular SRA tool can be downloaded from the Apple App Store. AI systems can also support the security management process by speeding up mitigation and remediation.
For raw or unstructured data, machine learning can help identify, collate and prioritise information to be protected and at specified levels.
How effective will AI systems be in preventing cyber attackers from stealing and/or altering data?
Currently, AI-enhanced systems can probably just increase the detection rates of such attacks. However, such AI systems are typically guided by skilled human operators, while cyberattacks are initiated and guided by human intellect. The balance will hence continue to shift. It is still not clear if AI technology can evolve to such an extent that it can supersede human intellect.
Hackers could potentially use AI to develop malware. How should Singapore and Singapore businesses step up investments in AI to better counter these threats?
The complexity and sophistication of cyber threats today make the isolation of security technologies a thing of the past; the situation warrants closer collaboration and cooperation, even among the security vendors in the industry.There should be more opportunities and funding support for collaborative research among universities, research institutes and businesses to better counter AI-based threats.
What innovations in cybersecurity do you see emerging?
With the advent of Internet of Things devices, innovations could include a distributed security framework that would complement the existing defence-in-depth model. There could also be emerging innovations in hybrid AI, big-data analytics technology, and secure software development paradigms and standards.