Arabic Arabic Chinese (Simplified) Chinese (Simplified) Dutch Dutch English English French French German German Italian Italian Portuguese Portuguese Russian Russian Spanish Spanish
| (844) 627-8267
0

AI powered cybercrime — here’re some guidance on how businesses can protect themselves | #cybercrime | #computerhacker


The Indian Computer Emergency Response Team (CERT-In) in its advisory dated May 9, 2023 has sounded a precautionary alarm against the possible adversarial threats that may arise from the use of AI language-based applications such as ChatGPT and Bard.
As per the ‘Cost of a Data Breach Report 2023’ released by IBM, the average cost of a data breach globally is pegged at US$4.45 Million while in India, it is estimated to be US$ 2.18 Million. The use of AI has made cyber-attacks easier to implement, scaled their volume and increased their complexity.

As a result, businesses today find themselves at an unprecedented risk of losses occasioned by cyber-attacks. There is accordingly a strong need to safeguard against such losses through appropriate regulatory compliance, internal policies, and specialised clauses in contracts.

Protecting Businesses

 

Here are some key regulatory areas where the businesses can implement effective measures to protect themselves from the dangers of potential cyber attacks.

  • Security standards compliance:
  •  

  • AI usage polices:
  • Use of AI by businesses involves data security and privacy concerns. Some of the risk mitigation techniques for organisations suggested by CERT-In include filtration and moderation techniques to prevent dissemination of malicious content generated using AI-powered tools, frequent security audits and system assessments and multi-factor authentication (MFA) usage to regulate employee interaction with AI-based tools. Business should consider formulating and implementing AI usage policies; sensitising employees on AI ethics and best practices; and ensure regular monitoring and auditing of AI usage for timely identification and rectification of potential threats.

  • Adequate contractual protections:
  • Businesses need to ensure that their contracts with custodians of their data as well as with their clients in relation to data protection have well-tailored clauses in relation to disclosure, insurance and indemnity. Lack of adequate cyber protections by data custodians could result in huge liability for businesses in case of data breaches, which must be adequately insured and indemnified.

     

    Conclusion 

    The self-learning nature of AI translates into an ever mutating and evolving threat of cyber-attacks. It is accordingly critical for businesses to review, adapt and upgrade their data protection measures to align them with the prevailing security standards. The Coming AI Wave is here, and it would be advisable for businesses to be prepared for it.

     

    The authors, Alina Arora and Lakshya Gupta, are Partner and Senior Associate respectively at legal firm Shardul Amarchand Mangaldas & Co. The views expressed are their personal. 

    ——————————————————–


    Click Here For The Original Source.

    Translate