Trend Micro’s annual free-for-all cybersecurity conference made a triumphant return to face-to-face with the theme “Decode 2023: Resilience Rising”.
Over 700 attendees from various organizations and universities across the metro participated in the event held recently at Edsa Shangri-la Hotel in Mandaluyong City.
The event featured multiple track sessions, panel discussions, and hands-on activities. Participants were also able to engage with cybersecurity experts on the topics of threats, data and privacy, skills and processes, and new technologies.
Given the back-to-back cybersecurity issues faced by various organizations and businesses in the country in recent months, here five key takeaways on cybersecurity as shared by experts:
1. Hackers are progressively getting more creative
With the rapid innovation and evolution of technology, hackers are upgrading and evolving their strategies as well.
One example is a virtual kidnapping scam wherein criminals take advantage of the easy access to audio, video, and images made available on social media. These are strategically timed for when the kids are at a daycare or school, and parents would receive video calls with their child’s face and voice, pleading for them to pay the ransom.
Should they try to call them, the line would already be rerouted directly to the criminals utilizing AI-powered voice cloning tools to pose as their kidnapped child.
To combat such innovative crimes, cybersecurity firms and professionals are also working on upgrading their systems and upskilling the workforce to build their resiliency.
Jay Yaneza, director of managed detection and response at Trend Micro, mentioned during the Decode panel discussion how companies and organizations are also maturing in their attitude towards cybersecurity.
In acknowledging the risks and consistently adapting to the threat landscape, businesses and cybersecurity firms will better be able to stand their ground, no matter how ingenious the approach of threat actors.
2. Artificial intelligence can be our friend or foe
With the emergence of artificial intelligence (AI), many are divided on whether it truly benefits society. AI can definitely be a helpful tool depending on how you utilize it, but that means that it can also be helpful for cybercriminals.
Robert McArdle, director of Forward-Looking Threat Research at Trend Micro, mentions in his keynote how there are already numerous forums among criminals dedicated to learning AI.
With this, lower-level threat actors can easily move up to mid-level threat actors, and so on up the ladder until elite-level criminals eventually become finely-tuned criminal machines.
So, while cybercriminals — criminal novices to expert hackers — are already exploring the capabilities of AI for their advantage, cybersecurity firms and professionals are also doing the same to ensure that AI-assisted threats are detected early and are immediately addressed.
3. Our convenience is their convenience
While biometrics was initially believed to be a secure and innovative alternative to passwords, the internet has now become a platform for many to permanently leak their voices, faces, and fingerprints on a regular basis.
While time has proven that businesses can make their processes easier through biometrics and facial recognition, it also brings in multiple security risks for users.
Through stolen biometric data, many threat actors can easily access personal and private data of daily consumers, revealing sensitive information such as bank accounts, addresses, and more.
In an age where your data defines who you are, it is crucial to be discerning regarding what apps and services have credible and trustworthy protection, and whether or not lending images of your face or even hands is worth the potential risk of a criminal stealing your fingerprints… or even your identity altogether.
4. Schedule that update for tonight — or ASAP
In a case study presented during the track session entitled: When Good Intentions Fall Short: Top 5 Cyber Resilience Failures, it was discussed how an organization experienced a ransomware attack that went undetected for 21 entire days, all because of an outdated security system.
Most software that we use in our day-to-day life, from the system software of our phones and laptops to the software of our printers and graphics/multimedia applications, are consistently updated by developers.
These updates aren’t just for show but for the very purpose of keeping up with the threat actors and building up your resiliency from attacks. This added protection and security is useless however if users don’t constantly update their devices and applications.
Yaneza shares “The attacks that we’re seeing are a little bit faster nowadays… we used to be counting days, but now we’re counting hours.”. So, stop holding off that update and schedule it for as soon as possible!
5. While we can’t predict the future, we can prepare for it
Cybersecurity has evolved significantly in recent years. In McArdle’s keynote entitled Cybersecurity Threats in 2023, the top cybersecurity trends from the years 2016 to the present were discussed to better set the scene for what we can expect in the coming years.
Cyber threats have evolved from simple email scams intended to get bank credentials and passwords to data breaches affecting the biggest organizations and institutions worldwide.
These organized and complex crimes that once attracted media coverage for weeks at a time have now become so frequent, happening on an almost weekly basis today.
The good news is that since most criminals focus on short-term and easy executions, cybersecurity professionals and security tools can use trends and predictions from reports like Trend Micro’s Mid-year Cybersecurity Threat Report, to always be two steps ahead of the game.
Registered users on decodeph.com may view the different track sessions and discussions held at Decode 2023: Resilience Rising on the website.