Page 230 - Cyber Defense eMagazine RSAC Special Edition 2025
P. 230

Precision-targeted cyber attacks

            With the help of AI, cyberattacks are becoming more targeted. They can analyze vast amounts of data,
            such as social media activity and network behavior, to craft highly personalized phishing emails that are
            much  harder  to  recognize.  For  example,  an  AI-generated  phishing  email  might  reference  a  familiar
            contact, a recent online purchase, or even adopt the writing style of a trusted colleague. This level of
            customization makes it easier to trick individuals into clicking malicious links with infected attachments or
            handing over sensitive information — dramatically increasing the success rate of cyber scams.



            Defending against cyber threats with AI

            Cybercriminals are adopting AI at a growing rate, making it imperative for defenders to do the same.
            Organizations should adopt AI-powered threat intelligence solutions to strengthen their security strategies
            to stay ahead. According to IBM, companies that consistently use AI and automation in cybersecurity
            save an average of $2.2 million, compared to those that don’t.

            One approach to applying AI to defense is via AI-driven anomaly detection, which continuously monitors
            systems and analyzes behavior to identify real-time threats. For example, it can flag suspicious activity,
            such as abnormal spikes in entropy within software code, helping security teams respond faster and more
            effectively.



            Physical network segmentation


            Software-based  security  measures  play  a  crucial  role  in  any  cybersecurity  strategy.  However,  to
            effectively  protect  data  and  systems,  businesses  should  adopt  a  hardware-focused  approach  like
            physical  network  segmentation.  This  is  a  new  approach  to  protecting  networks  in  today’s  highly
            interconnected, “always-on” world.

            Physical  network  segmentation  works  by  dividing  a  network  into  isolated  sections  using  dedicated
            hardware. Think of it like creating separate, self-contained networks within your larger network. Each
            section operates independently, limiting the impact of any security issues to just that specific area. This
            isolation  should  be  a  core  security  practice,  protecting  sensitive  data  and  systems  by  preventing
            unauthorized access and containing potential breaches.

            Disconnecting  digital assets  from  the  internet  when  they’re not  in use  drastically  reduces  the attack
            surface. This offers a much higher level of security — especially for sensitive infrastructure, operational
            technology, and research data that don’t need to be constantly connected.

            In the event of an attack, this segmented approach helps contain the damage. If one part of the network
            is compromised, threats can’t quickly spread, and disruption is minimized by cutting off access before
            the situation escalates. Physical network segmentation acts as a defense-in-depth strategy, making it
            significantly harder for cyber threats to move across an entire network and target high-value systems.







                                                                                                            230
   225   226   227   228   229   230   231   232   233   234   235