Companies must secure their systems to mitigate vulnerabilities
*By Mário Gama
The advancement of Artificial Intelligence (AI) has brought opportunities and challenges to digital security. According to the Gartner, it is predicted that by 2027 AI will be responsible for 17% of cybercrimes. This scenario indicates that this new technology has increased digital threats, given the possibility of scanning networks for flaws in servers, emails and web pages in a more intelligent, accessible and less technical way. In other words, a simple incorrect configuration can expose sensitive data and compromise business security in a way never seen before.
In this context, even if companies invest in technological solutions innovative, not paying attention to the security of the environment can leave them vulnerable to increasingly sophisticated attacks with irreparable effects.
The new digital threat landscape
First of all, it is essential to recognize the market's behavior on the subject, in order to know how to act strategically. attacks Targeted attacks, which have specific targets, are widespread. However, the volume of automated attacks without a pre-defined target is still enormous. In this type of attack, criminals track systems and exploit vulnerabilities regardless of the sector or size of the company. This type of attack is especially dangerous because it affects any organization that presents minimal security flaws, often completely disconnected from this global context of escalating attacks.
Another point of concern is the increased exposure of biometric data. The popularization of the commercialization of this type of information, together with the lack of understanding of the risks involved and clarity about the objectives, exposes people even more to fraud, as this data can be used for authentication in various systems, such as banks, for example. It is common to see news about lines of people wanting to sell “their eyes” in Brazilian capitals such as São Paulo.
This becomes a fundamental point of attention for companies and their respective compliance areas. After all, an employee's decision to sell their biometric data can directly impact the company, even if done privately and outside of working hours. This is because this data, used for identification, authentication and authorization controls within the company, can end up in the hands of unknown groups. As a result, the company can become vulnerable, even with all systems under strict security control.
The power of “basics done well”
The biggest mistake many companies make when it comes to cybersecurity strategy is to focus on advanced solutions without first ensuring that the basics are implemented effectively. Identity management, vulnerability control, security awareness among business personnel, and continuous system monitoring are essential steps for any strategy to be sustainable over time.
The lack of integration between solutions is also an important issue when it comes to digital threats, as working with multiple vendors can create blind spots and make incident response difficult. To overcome this challenge, it is extremely important to identify partners that can offer integrated platforms and ensure proper visibility and efficiency in detecting threats.
No less important, compliance with standards such as LGPD, which provides for the protection of personal data, or PCI, a standard for protecting credit card data, is essential to establish security standards. However, its effectiveness depends on a solid organizational culture.
Artificial Intelligence in favor of the company
According to Microsoft Digital Defense Report 2024, the adoption of large-scale language models (LLMs) for security operations has accelerated threat identification and response by processing large volumes of data in real time. In addition to reducing the time to detect incidents, the technology can strengthen security teams by allowing a greater focus on prevention strategies.
Given this scenario, managing digital threats in the era of Artificial Intelligence requires a balanced approach, based on a solid framework of good security practices. It is not enough to simply invest in advanced solutions; it is essential to strengthen the foundation, and companies have invested heavily in this.
While AI amplifies threats, it can also be an ally in digital defense. The tool has proven to be valuable in analyzing spam patterns, preventing phishing attacks, and is also a powerful tool for predicting user behavior and automating real-time monitoring and responses.
The big challenge, therefore, is to ensure that companies and institutions are prepared to use this technology strategically and safely, anticipating risks and effectively protecting their entire operation.
*Mario Gama is Cybersecurity Practice Leader Latin America & Caribbean at SoftwareOne, a leading global provider of end-to-end solutions for software and cloud technology.
Notice: The opinion presented in this article is the responsibility of its author and not of ABES - Brazilian Association of Software Companies
EN 
PT 
