Lights and Technology
22 September 2021

Thinking that only Big Companies are the Target of Attacks is a Mistake

How to prevent attacks more efficiently? Read the opinion article by Nuno Cândido, IT Operations, Cloud & Security Associate Director, at Noesis, to Exame Informática, about Cybersecurity and AI

Cybersecurity is one of the tremendous current challenges all organizations face, regardless of their profile, sector of activity, or size. Artificial Intelligence will be one of the essential tools to prevent attacks more efficiently.
By Nuno Cândido, IT Operations, Cloud & Security Associate Director
With the consequent massive adoption of remote work, the pandemic has demystified some old prejudices related to cybersecurity, namely the idea that only large companies need protection.  This massive workforce movement to a remote model has increased cyber exposure and points of failure and vulnerabilities in networks and environments. 
It is essential to reinforce the message that the need to adopt cybersecurity solutions cuts across companies of all sizes, profiles, and industries. All companies run risks and are subject to suffer an attack that can compromise their activity and, in the limit, interrupt a company's operation temporarily or even permanently. With businesses more exposed, and with the growing increase in cyber attacks that has been seen since March of last year, companies' awareness of the risks of lack of security has also grown. 
This reality poses a considerable challenge to IT departments and has undoubtedly been a major impetus for a change not only in mindset but also in prioritization and investment when it comes to cybersecurity.
On the other hand, the technological evolution and sophistication of attacks are increasing, and there are more and more attacks. In 2020, there was an increase in incidents of more than 150% over the previous year in Portugal. Machine-to-machine (M2M) attacks, silent attacks, highly personalized attacks, phishing attacks, among others, caused damage worth millions of euros. 
These are financial losses but also reputational damage, from which many organizations never recover. This growing number of attacks and the public visibility that some cases have assumed has contributed to cybersecurity being more and more at the center of the concerns of those responsible for companies and their CIO's. Proof of this is the growing investment already noted in Portugal. According to the most recent IDC study - Security Market in Portugal, 2020 - it is estimated that spending on information security will exceed 197.3 million euros in 2024, which corresponds to average annual growth of 6.3% between 2019 and 2024.
Another lesson that remains from this pandemic is the recognition of the inevitability of digital transformation in organizations. In a few weeks, the technological leap in Portugal took on the pace and dimension that, in a normal era, would take at least five years. And these changes have also contributed to a greater perception of the importance of cybersecurity for business. 
The issue of security is fundamental and must be at the center of any digital transformation strategy. This conviction is reflected in Noesis' strategy, which, for a few years now, bets on developing an offer of technological solutions to support digital transformation processes, including security as an essential part. 
Our Cloud & Security unit has been increasingly betting on the specialization of its teams and the use of technological solutions that are at the forefront of cybersecurity and offer differentiating approaches, such as the reference partnership we have with Darktrace, world leader in AI & Cybersecurity solutions. 
In essence, the fundamental message is that organizations should focus on creating or strengthening a robust security architecture, an idea that also translates into one of today's biggest challenges. 2021 is a year in which organizations should reevaluate their IT ecosystem and seek to empower themselves in a structured way with cutting-edge technologies and services that allow them to safeguard themselves against these threats. 
Among these cutting-edge technologies, Artificial Intelligence (AI) is one of the key 'pieces' in the architecture of organizations. The use of AI in cybersecurity solutions allows organizations to protect themselves and prevent possible attacks more efficiently, since it can analyze data and visualize the organization's network, outlining security models, in real-time, besides also being based on predictive models, monitoring and analysis, using Machine Learning (ML) and Behaviour Analysis. 
Based on AI and ML models, this kind of assistance will be the future of organizations that want to keep at the forefront of technology with security, and the forecasts for the next decade point towards the consolidation of this vision. 
At Noesis, our bet is to provide advanced security, monitoring, observability, and automation solutions, which prove to be more efficient in terms of threat detection and resolution, and cancellation.
When malicious attacks are increasingly sophisticated and creative (also using AI tools), business systems must be up to the challenge. The significant advantages are essentially the analysis capacity that AI adds to the systems, being also an answer to the limits of human capacity. Analyzing information and eventual anomalies without overloading human resources is one of the perspectives that the vision of assisted intelligence allows to achieve. 
With little effort, it becomes possible to monitor networks thoroughly and, therefore, act in real-time on external or internal threats that affect organizations. This is a paradigm shift from traditional solutions because these solutions focus on looking for abnormal behavior instead of focusing on looking for malicious behavior. 
AI-based solutions use technology that allows you to analyze behavior patterns on any network, device, or user in an organization, regardless of scale. Through AI and Machine Learning algorithms, it is possible to detect any change in the pattern with high levels of effectiveness and thus identify potential threats much faster. 
Artificial intelligence is undoubtedly a strong ally at the service of cybersecurity and an essential investment to increase security in organizations and to equip IT teams, removing much of the effort of analysis and allowing them to focus more on what is critical to the business and the goals of the organization.
Published (in Portuguese) in Exame Informática.