02 November 2023

October 2023 marks the world’s 20th annual Cybersecurity Awareness Month, a globally recognised event with growing importance to the IT sector.

Businesses are adopting new technologies at lightspeed, however, the ability to secure the network against newly introduced vulnerabilities are struggling to keep pace.

According to the Department of Science, Innovation and Technology, 50% of UK businesses have a basic cybersecurity skills gap, and 33% have an advanced cybersecurity skills gap in 2023, with little improvement from 2022 or 2021. There is an estimated shortfall of 11,200 people to meet the demand of the cyber workforce.

“It is a time to underscore the importance of cybersecurity and engage with the broader organisation and the public on an important topic,” says Aaron Kiemele, CISO at Jamf. “Cybersecurity Awareness Month offers a platform for, collaboration and positive public relations, emphasising the critical role of cybersecurity in today’s complex digital landscape.”

“Cybersecurity Awareness Month also reminds us of the increasing threat of deepfakes,” adds Eduardo Azanza, CEO at Veridas. “Deepfakes occur when our digital identities are manipulated and misused, and they pose a significant risk to online security and trust.”

Indeed, AI-generated threats are the ‘talk of the cybersecurity town’ this year and the most pressing issue for Paul Inglis, SVP, EMEA at ForgeRock: “AI is being increasingly weaponised against businesses and consumers to conduct ultra realistic and highly targeted phishing campaigns. It’s increasingly difficult to spot what’s real from what’s fake. While we’ve seen some politicians and celebrities mimicked to cause reputational damage, many other deepfakes are being circulated to steal money or credentials. And all a hacker needs is an Instagram story or a TikTok video to create an audio and video likeness in a matter of seconds.”

After the 2023 Slovakian election - believed to have been swung by deepfake influence - and a recent cyberattack that compromised the UK’s Electoral Register, the dangers of deepfakes to our democracy is becoming significant. So significant, in fact, that the head of MI5 warned this month that deepfake AI could be deployed by Britain’s enemies to influence the coming general election, casting doubt on the integrity of our democratic process.

Matthew Moynahan, CEO of OneSpan, believes that safeguarding political process requires a fundamental shift in how we verify ourselves online – from individuals to governments to businesses.

“Disinformation has always been a problem, but the democratisation and availability of AI has made it an even harder one to solve,” says Moynahan. “Deepfake technology brings a whole new threat landscape for businesses, politicians, and everyday people alike, because it forces us to question the legitimacy of things we thought were once unquestionable. When your voice and image can be replicated to near 100% accuracy, how can you ever be certain that the person you’re dealing with is who they say they are?”

“Fraud continues to rise to new levels, enhanced over the last year by the impact of generative AI,” agrees Simon Horswell, fraud specialist at Onfido. “Fraudsters are using it to craft scams such as fake IDs, voice cloning, and deepfakes, and as bad actors adopt the latest technology for offensive means, identity verification companies have put in place many defences and are continuously monitoring and mitigating new fraud vectors.”

In the present fast moving threat landscape, enterprises must ensure security teams are up to date with the latest threats. Training is key to helping employees develop the skills needed to defend the business. Moreover, with organisations increasingly threatened by nation-state actors, Cybersecurity Awareness Month serves as a timely reminder to remain vigilant.