: Explore how age-old wisdom about trusting actions over words transforms contemporary cybersecurity in light of rising AI-driven threats. Learn why behavioural telemetry could be the key to protecting your identity in a digital landscape increasingly marked by deception.
Image: Ron AI
With World Password Day being observed last week, a modern cyber security crisis looms large, driven by the rise of AI-powered threats.
Interestingly, amid the technological whirlwind, age-old wisdom still reigns supreme: the idea of assessing actions rather than just words finds surprising relevance in today’s cyber landscape, according to Anna Collard, Senior Vice President of Content Strategy and Chief Information Security Officer advisor for KnowBe4 Africa.
In the ever-evolving realm of cyber intrusion, the notion of password obsolescence is misleading.
“The password isn’t dead, but the industry has gravitated towards a ‘Zero Trust’ model,” Collard said.
She said that a singular set of credentials no longer suffices for access, especially given the alarming trend where criminals exploit exposed credentials through means like phishing or data leaks.
“Most modern breaches rely on these stolen credentials, where cybercriminals impersonate users without complex technical hacks,” Collard said.
It might be high time for businesses and individuals alike to return to an almost quaint yet poignant piece of advice: trust the actions over the words.
Lessons from Grandma, Collard posed a philosophical question for our digital age: How do we recognise a loved one on the phone?
“We don’t merely listen to their voice, which can be cloned with alarming accuracy via AI,” she explained.
Instead, we rely on their cadence, vocabulary, and shared memories, all of which create an intricate tapestry of trust that’s hard for AI to replicate.
Consider the concept of behavioural biometrics.
Unlike conventional methods of verification, it dives deeper into a person’s unique interaction patterns with devices.
By seamlessly monitoring how a user navigates their digital environment, such as typing speed, habitual work hours, and even mouse movements, organisations can develop a comprehensive digital fingerprint that stands as a barrier against both automated bots and human adversaries.
Many may be familiar with reCaptcha, those pesky prompts tasked with distinguishing humans from bots through image identification.
However, what many overlook is that this mechanism is also scrutinising micro-movements of the mouse as part of its verification process.
“By advancing from a single checkpoint to ongoing verification, the potential for ensuring trust increases exponentially,” Collard said.
This continuous authentication embodies the true essence of the Zero Trust model.
"Imagine an employee logging in consistently at 9am from their office. Should an unexpected login occur at 11pm from an unfamiliar location, modern security systems are primed to flag that anomaly. We need to ensure that trust is a dynamic process, adapting with each user interaction," Collard added.
Identity and security, in a world increasingly intertwined with AI and technology, protecting employee identity is fast becoming an essential corporate asset.
“Identity acts as the connective tissue between human behaviour and security risk,” stated Collard.
In this new ecosystem, the identification of subtle deviations in user activities could very well surpass the conventional importance placed on static credentials.
Collard further said, “We are moving towards continuous authentication, where systems not only check your ID at the door but actively monitor your behaviour while you’re inside.”
Follow Business Report on Facebook, X and on LinkedIn for the latest Business and tech news.