At the 2024 Cyber Security in Financial Services Summit held in London, Zygmunt Lozinski, the Global Lead of Quantum Safe Networks at IBM, shared his insights on the evolving cybersecurity landscape. Speaking with the gravitas befitting a leader in the field, Lozinski discussed the impact of artificial intelligence (AI) and quantum computing on cybersecurity, highlighting their opportunities and challenges.

The Rise of AI in Cyber Attacks

Artificial intelligence and machine learning are becoming increasingly prevalent in cyber attacks, particularly phishing. “If we look at the data from IBM’s X-Force, our proactive security operation, we see the biggest increase in attacks related to identity theft and information stealing,” Lozinski noted. “However, the use of generative AI by cybercriminals has not yet been deployed at scale.” Despite this, Lozinski warned that the potential for AI-driven cyber-attacks is substantial. “Cybercrime is a business like any other. While people are experimenting with generative AI, it hasn’t been widely used. But once it is, it will drastically reduce the time needed to craft phishing attacks from hours to mere minutes.”

Lozinski emphasized the importance of proactive monitoring to anticipate these future threats. “Enterprises should be monitoring for the adoption of generative AI by cybercriminals. Understanding the risk landscape and staying ahead of these developments is crucial,” he said. To aid this effort, IBM and other cybersecurity companies publish annual reports detailing emerging threats and best practices. “Our annual reports provide a comprehensive view of the evolving threat landscape, helping organizations to prepare and respond effectively,” he added.

One of the most alarming prospects of AI in cyber attacks is the ability to create highly convincing deepfakes. Lozinski recounted a case from Hong Kong where deepfake technology was used to deceive an employee into transferring 200 million HKD to a fraudulent account. “This incident shows how sophisticated and dangerous AI-driven attacks can be,” he explained. “Deepfakes and other AI-generated content can be incredibly convincing, making it difficult for individuals to distinguish between legitimate and fraudulent communications.”

The economic efficiency of AI-driven attacks is another concern. “Once cybercriminals master the technology, they will be able to generate phishing attacks much more economically than they can now,” Lozinski stated. “The reduced effort and cost will likely lead to an increase in the frequency and scale of attacks.” This shift necessitates a proactive and informed approach to cybersecurity. “Organizations must invest in advanced monitoring and detection systems to identify and mitigate AI-driven threats before they can cause significant damage,” he advised.

Lozinski also discussed the role of AI in defensive measures. “AI can be a double-edged sword,” he said. “While it poses significant risks, it also offers powerful tools for enhancing cybersecurity defenses.” By leveraging AI for threat detection and response, organizations can improve their ability to identify and neutralize threats quickly. “AI-driven security solutions can analyze vast amounts of data in real-time, identifying patterns and anomalies that may indicate a cyber attack,” he noted.

The rise of AI in cyber attacks represents a significant challenge for the cybersecurity community. As cyber criminals increasingly adopt AI technologies, the need for advanced, AI-driven defense mechanisms becomes more critical. “The threat landscape is evolving rapidly, and we must evolve with it,” Lozinski emphasized. By staying informed and leveraging the power of AI, we can protect our systems and data from the next generation of cyber threats.”

Best Practices for AI-Driven Cybersecurity

Lozinski highlighted several examples of best practices in cybersecurity, particularly within the financial services sector. “Companies that provide cybersecurity platforms and services are embedding AI technology into their products to enhance security,” he explained. This includes using AI for incident monitoring and user behavior monitoring. “AI can help classify millions of daily events such as uninteresting or anomalous, making it easier to identify potential threats.”

One practical application is user anomaly detection. “For instance, if someone logs in from an unexpected location, like Madagascar or Baghdad, AI can flag this as suspicious activity,” Lozinski explained. “Embedding AI into security solutions helps secure operational technology, customer handling systems, and personal information, ensuring these systems are not exploited.”

Lozinski further emphasized integrating AI into security protocols to handle vast data. “In today’s cybersecurity landscape, the volume of data generated is overwhelming. Manual analysis is no longer feasible,” he said. “AI-driven tools can sift through this data at incredible speeds, identifying potential threats that might be missed by human analysts.” This capability enhances detection and improves response times, enabling quicker mitigation of threats.

Another key area AI significantly impacts is the automation of routine security tasks. “By automating tasks such as log analysis and threat intelligence gathering, AI frees up valuable human resources to focus on more complex and strategic issues,” Lozinski noted. This shift makes security teams more proactive and less reactive, enhancing overall security posture. “Automation powered by AI is essential for modern cybersecurity operations, allowing organizations to stay ahead of threats,” he added.

Lozinski also discussed the importance of continuous learning and adaptation in AI-driven cybersecurity systems. “AI models must be regularly updated with new data to remain effective against evolving threats,” he stated. “Continuous learning ensures that AI systems can adapt to new attack patterns and techniques, providing robust protection.” He advised organizations to invest in systems that support ongoing learning and improvement. “Your AI tools should evolve alongside the threat landscape, ensuring they remain relevant and effective,” he emphasized.

In addition to technical measures, Lozinski highlighted the need for a strong cybersecurity culture within organizations. “Technology alone cannot solve all cybersecurity challenges,” he said. “It is crucial to cultivate a culture of security awareness and vigilance among employees.” Training and educating staff about potential threats and best practices can significantly reduce the risk of breaches. “Employees are often the first line of defense, and their awareness and actions are critical in preventing cyber incidents,” he noted.

Lozinski also underscored the importance of collaboration and information sharing among organizations. “Cybersecurity is a collective effort. No single entity can combat these threats alone,” he explained. Sharing threat intelligence and best practices can enhance the security posture of the entire industry. “Collaboration between companies, industries, and governments is essential for creating a resilient cybersecurity ecosystem,” he concluded.

In summary, integrating AI into cybersecurity practices offers significant advantages in detecting, responding to, and mitigating threats. By leveraging AI technologies, automating routine tasks, fostering a culture of security awareness, and encouraging collaboration, organizations can enhance their defenses against the ever-evolving cyber threat landscape. “The future of cybersecurity lies in the intelligent application of AI and the collective efforts of the global cybersecurity community,” Lozinski affirmed.

Preparing for Quantum Computing

Turning to his area of expertise, Lozinski discussed the implications of quantum computing on cybersecurity. “Quantum computing poses a significant risk to current cryptographic methods,” he said. “With a powerful enough quantum computer, it would be possible to break the encryption that secures our identity management, private data, and software integrity.” This potential threat necessitates a proactive approach to updating cryptographic standards and practices.

To mitigate this risk, a global effort led by the National Institute of Standards and Technology (NIST) is underway to develop new cryptographic algorithms that are secure against both classical and quantum computers. “We have the task of updating the cryptography used in core banking systems, payment terminals, and other critical infrastructure to be quantum safe,” Lozinski explained. “This process has already started, with new standards being developed and tested to ensure they can withstand the power of quantum computing.”

Lozinski emphasized the importance of early adoption and planning. “The federal government in the U.S. has set a timeline for updating cryptographic systems by 2035, and it’s essential that organizations start preparing now,” he said. “Updating cryptographic infrastructure is a multi-year task that involves overhauling everything from network protocols to software applications.” He urged organizations to transition as soon as possible to avoid future vulnerabilities. “Starting early allows for a smoother transition and ensures that all systems are updated before quantum computing becomes a widespread reality,” he added.

The financial sector, in particular, is taking significant steps to prepare for the quantum era. “The Bank of International Settlements has conducted pilots to secure interbank payments, and other central banks are following suit,” Lozinski noted. “These initiatives are crucial for ensuring that financial transactions remain secure as quantum computing advances.” He also mentioned that the Financial Conduct Authority and other regulatory bodies are guiding to help institutions navigate this complex transition. “Regulatory support is key in driving industry-wide adoption of quantum-safe technologies,” he stated.

In addition to updating cryptographic algorithms, Lozinski highlighted the need for a holistic approach to quantum safety. “It’s not just about changing the algorithms; it’s about ensuring the entire ecosystem is quantum resilient,” he said. This includes securing data in transit, at rest, and during processing. “Organizations must consider all aspects of their IT infrastructure and how quantum computing could compromise their security,” he emphasized.

Lozinski also addressed the timeline for quantum computing’s impact on cybersecurity. “While we are confident that useful quantum computing for applications like chemistry and material science will arrive before cryptographically relevant quantum computers, the latter is still a significant concern,” he said. “Planning and preparing now is the best course of action.” He reassured that the roadmap laid out by IBM and other industry leaders is designed to keep pace with the development of quantum technology. “We are closely monitoring advancements and continuously updating our strategies to ensure we stay ahead of the curve,” he added.

In conclusion, preparing for the advent of quantum computing requires a comprehensive and proactive approach. By updating cryptographic standards, engaging in industry-wide collaborations, and adopting a holistic view of quantum safety, organizations can safeguard their systems against future threats. “Quantum computing will revolutionize many fields, but it also poses new challenges for cybersecurity,” Lozinski concluded. “By starting now and planning meticulously, we can ensure that our systems remain secure in the quantum era.” This forward-thinking approach will be critical in maintaining the integrity and security of digital infrastructures worldwide.