Skip to content

An in-depth understanding of ourselves – our thinking mind, AL and security

    By Sunny Sun

    We have come out, for the past three years, of the disrupted world changed and adopted to the new norm whether in the workplace or our close-knit families. We learned to appreciate normality and to co-exist with viruses like we always do for the millions of years on this planet. And our mind follows the same logic to the virus in the complex cyberworld we operate. The threats are spreading faster than we could detect, we learn to shield our vulnerabilities and manage the threats.

    With an understanding that our organization’s vulnerabilities are more exposed, due to continued advancing technology and deepened inter-connection, our mind starts the process of thinking, we ask ourselves, what and why we think the way we are?  

    Thinking is a complicated matter, a general understanding is you receive the signals from the surroundings, absorbed what you have been stimulated and duplicated the contextual images in cerebrum, constructed, reconstructed, after all the feedback loops, consciously or unconsciously, true or false, to form our thought and understanding.  Unfortunately, the line of reality and constructed could be blurry or deceiving sometime.  With the over saturated social media posts, we receive more information than we could absorb or digest, and sometime be expanded by our own perception, understanding, and experience.  This leads to the line of the true reality and fabricated one could be undistinguishable. What to trust?  In our security world, the theory and practice of Zero Trust, never trust but always verify the source of the information.  Authentication is the tool to utilize.

    Why to think and behave the way we are? Our mind’s visible functions are its viable thinking, and how our thinking is being formed, in one way or the other shaped by the world we live in, whether it is the natural habitat or the social structure. Our experience in it creates our unique self, like the DNA built in our self.  It says we are the product of our environments, as we live, grow, and learn during our limited time on this planet to have collected wisdom, awareness and understanding.  Our thoughts are a powerful energy flow, like a firing bolt of interactions among the neurons at a lightning speed.  However, these impacts can sometimes be negative or damaging if the interactions are on the wrong path by our outer environments. 

    Where to look, to be secure? We now live in the digital world, spend more time in this virtual space, for work, for information and knowledge, and for entertainment as well.  Not exaggerate to say, we spent 80 -90% of our daily hours on the computer, on the phone, and online to interact with each other.  We are all one way or the other being spammed via email, phone or text, how to be sure we are safe in this space that the identity could be hidden and manipulated is to verify, verify, and verify.   Starting from https “A secure URL should begin with “https” rather than “http”,  The “s” in”https” stands for secure, which indicates that the site is using a secure sockets layer (SSL) certificate,  This lets you know all your communication and data is encrypted as it passes from your browser to the website’s server”  I am sure there are many practical menus to use as a reference to secure in the space you have the most activities.  The key is to have a safe lock simply like the one of the residences you live in to prevent unnecessary intruders. 

    What to do, to be productive vs layers of security to slow down the productivity? We humans have been striving for productivity since the stone age to learn how to use tools, and increased our capacity to live in the wildness, reforming and shaping the landscape to our own needs and comfort, outperformed and differentiated ourselves from the animal’s kingdom. Our tools have been becoming more and more advanced.  Complexity is what we have built for our world we live in, especially from the recent decades the digital world we submerged in, and the cyberspace we carved to protect and ensure all productivity and efficiency to function.   

    However, there is always a counter-balance force that nature has instilled in us, the complexity created the safety issue, and one tiny misstep or error or intrusion will tip off the balance of the equation being built into the system, triggering off the collapse of the foundation we build on.  Therefore, the necessary security measures will purposely slow down the speed of the system, how to remain balanced is the key, for a long-term holistic efficiency.  In Chinese old saying, all things need to be in moderate. Moderation should be a way of life.

    What are the critical cybersecurity threats in 2023?   According to the VEF report, it is an AL-enabled virus that could evade defense systems or even detection of various systems and organizations.  The top one is listed as the rise of automotive hacking, then potential of Artificial Intelligence. We create a machine to think, a step up forward when ChatGPT comes out of its shell.  I am going to try to ask this question to the AI-based intelligent man-made think tank.   

    Pretty quickly I received an answer:

    “As an AI language model, I don’t have access to future events or data, so I cannot predict specific cybersecurity threats that may emerge in 2023.’  However, based on current trends, a few potential cybersecurity threats that may continue or emerge in the near future, such as,  Ransomware attacks; IoT-based attacks; Phishing and social engineering attacks; Cloud-based attacks; Insider threats; Nation-state attacks; Supply chain attacks”.  The ChatGPT’s answer is comprehensive, but my human mind surfaced a question: how we could differentiate Al machine generated content from the human’s written response.   I would say you could detect from the machine’s robotic consistence vs the human’s creative deviations and critical thinking if pay much attention.

    Based on the Verizon DBIR, In 2022, “ransomware has continued its upward trend with an almost 13% rise–an increase as big as the last five years combined.” The human element continues to drive breaches. Whether it is the use of stolen credentials, phishing or simply an error, people continue to play a large part in incidents and breaches alike.

    Source: https://www.verizon.com/business/resources/reports/dbir/2022/summary-of-findings/

    In addition, Gartner has projected the risk-based VM market sector to reach $639 million through 2022. Other analyst firms have estimated the broader VM market, depending on how it is defined, as having passed the $2 billion mark in that timeframe. IDC estimated the device-based VM market at $1.7 billion in 2020, with a growth rate of 16% per year to bring that to approximately $2.2 billion for 2022.

    Source: https://venturebeat.com/security/top-10-risk-based-vulnerability-management-vm-tools-for-2022/

    “Sophos reported that among Infrastructure-as-a-Service (IaaS) users at small- and medium-sized businesses (SMBs), 56% experienced an increase in the volume of attacks on their organization when compared with last year — and 67% were hit by ransomware”

    Source: https://www.scmagazine.com/news/cloud-security/over-half-of-smbs-using-the-cloud-faced-more-attacks-in-the-past-year organizations must maintain strict segmentation across all their network environments and not leave any unauthorized access open.”

    It concludes the CISO’s priorities are Identity and Trust Services, Protect, Detect Respond, Risk & Governance, Compliance & Privacy, and Operational Resilience.

    In the world of speed, efficiency, advanced technology, we need to think ahead of the potential threats and vulnerabilities, be prepared, and ready to fight the fight, if necessary, bear in mind, human elements are and will always be the key component.

    Plus, I add a word of caution from the ChatGPT’s: “As AI becomes more prevalent in our lives, it is increasingly important to consider the potential security risks associated with its use. For example, autonomous vehicles must be designed with robust safety features to prevent accidents, while AI-powered financial systems must be protected from hacking and other forms of cybercrime.”

    Leave a Reply

    Your email address will not be published. Required fields are marked *