Cybersecurity ethics in an age of evolving cyber risk

May 20, 2024

18 3 minutes read

Untitled design6 — Untitled design 2024 05 20T160155.450.jpg

The evolution of cybersecurity threats is accelerating, posing a growing threat to even the most sophisticated defenders. The UK Government’s Cyber Security Breaches Survey 2024 highlights the impact of cybercrime, with UK businesses and charities experiencing approximately 7.78 million cybercrimes in the last 12 months.

In the face of the increasing number of attacks, deploying the best modern defences is essential for every organisation. However, in the rush to unlock the benefits of new technologies, such as AI, in the fight against cybercrime, it is also crucial to maintain ethical standards.

In other words, when facing new threats, it’s important that organisations scrupulously follow the good cybersecurity practices that set them apart from their competitors.

Threats at the frontier of cybersecurity

Disruptive technologies, such as blockchain, encryption, and AI, are transforming the threat landscape. AI models, for instance, are capable of discovering and exploiting vulnerabilities at a speed no human could ever match. Systems that were once impregnable can now be bypassed in a matter of days or even hours.

AI also enables attackers to learn from failures and automatically adapt to the nature of the defensive systems they are attempting to crack.

The sheer scale of the risk organisations face in an era of rapid innovation can appear intimidating. Yet in the face of a growing threat, it is important to remember that technological progress is not a zero-sum game. The emerging tech that is giving threat actors new ways to attack their targets is also equipping defenders with more effective tools to repel them.

As attackers develop and refine their skills, organisations are also levelling up their defences with flexible, intelligent security solutions.

Beyond static security

AI-driven security measures offer organisations the ability to move away from traditional defences based on static rules towards an automated model in which security systems anticipate and address advanced threats.

These models are invisible allies that work behind the scenes to respond to threats and provide a deep contextual understanding of risk whilst requiring less and less human interaction.

Digital twins are also emerging as key enablers of better cybersecurity, providing simulations of physical systems or environments to analyse and anticipate security threats without impacting actual systems.

When digital twins are fused with AI, the result is an advanced security system that not only can deal with known security threats and exploitation techniques but also zero-day vulnerabilities and novel, emerging attack types in a dynamic, fast-evolving cybersecurity landscape.

Balancing innovation and ethics

As the arms race between defenders and threat actors intensifies, it is fundamentally important to focus on the ethical deployment of new technologies. Take the example of AI models, which are trained on large datasets made up of sensitive user data.

This information must be handled in an ethical and compliant manner, because defending against attacks whilst violating relevant regulations represents a Pyrrhic victory at best—and a self-inflicted disaster at worst.

Data must be handled anonymously and carefully safeguarded to reduce the risk of leaks and breaches.

Additionally, even the most well-intentioned of engineers can inadvertently introduce bias into the models they build, leading to prejudiced, inaccurate, and unethical decisions about which users or activities are considered suspicious. Datasets can also contain hidden bias, so all the information used to train security systems must be carefully scrutinised to reduce the risk of future harm.

The roadmap towards a safer future must incorporate carefully designed guidelines to ensure better cybersecurity does not come at the cost of reduced data protections and other crucial ethical safeguards.