Hola, mis amigos, otra vez! This one crossed my desk a while ago and given my love of all things Spanish, it tickled my sense of humour although it’s a huge red flag for security and trust in general, so it’s worth a quick note.
An image appeared on the internet of the Pope decked out in Balenciaga, a luxury Spanish clothing brand. The internet nearly broke at the very thought of this. For about a 24-hour period, before a press release was issued stating that the image was fake, everyone lost their marbles over how dapper he appeared, with others commenting that the church had gone literally “to hell in a hand cart, “just as they expected”. Yikes.
As indicated, in the end, it turned out (not unsurprisingly) to be an AI-generated image by a company called “Midjourney” basically to demonstrate, very ably, the advances in artificial intelligence over the last 12 months.
What lessons can we learn from this? Well, lots of things really, but I think the biggest is this: If it takes a full 24-hour news cycle to get to grips with the unlikely nature of the Pope bedecked, head to toe, in Balenciaga, how much more effective will these AI methodologies be in the 0.5 seconds between an email arriving in your/your staff’s mailbox and you/them making the decision whether or not to open it.
We discuss phishing nearly constantly these days as it represents, by far, the biggest risk of data loss and the entrance of ransomware into your business. Some people, maybe a bit like me, are deeply sceptical of everything. Probably not a bad prima facia view for a security-minded person, but many of your users have the instincts of a chameleon catching a fly when it comes to opening mail in their inbox. I have run tests in the past, even against our own staff at times with the amount of time spent examining email before opening borders on pre-cognition.
Building your human firewall and a healthy degree of scepticism in staff is a top priority. Maybe just as big of a problem is identifying the users who need some re-education.
Drilling into staff the ideas of:
This last one is probably the biggest single item. We are often afraid of looking like an idiot but trust me when I tell you that there is little more likely to make you look like an idiot than not checking first. You need to tune your sensors to follow your gut. Often, you sort of knew but went ahead anyway.
It is becoming more common to have “End User Awareness” training for your staff to help them practise and fail in a safe environment. I like to think of this in terms of training your gut, as I feel many users lack this element. It also has the benefit of allowing you to focus attention on those who are repeat offenders and focus your efforts on them. Feel free to reach out if you think you and your staff are in need of some security training by emailing solutions@nitec.com or calling 028 9442 7000.