The Future of AI, Security, & Privacy

Artificial Intelligence is a subject that is not just for researchers and engineers; it is something everyone should be concerned with.

Martin Ford, author of Architects of Intelligence, describes his findings on the future of AI in an interview with Forbes.

The main takeaway from Ford’s research, which included interviews with more than twenty experts in the field, is that everyone agrees that the future of AI is going to be disruptive. Not everyone agrees on whether this will be a positive or negative disruption, but the technology will have a massive impact on society nonetheless.

Most of the experts concluded that the most real and immediate threats are going to be to cyber security, privacy, political systems, and the possibility of weaponizing AI.

AI is a very useful tool for gathering information, owing to its speed, the scale of data it can process, and of course the automation. It’s the most efficient way to process a large volume of information in a short time frame as it can work faster than human analysts. That said, it can come with some detriments. We have started to see that its algorithms are not immune to gender and race bias in areas such as hiring and facial recognition software. Ford suggests that regulation is necessary for the immediate future, which will require continuing conversation concerning AI in the political sphere.  

AI-based consumer products are vulnerable to data exploitation, and the risk of that has only risen as we have become more dependant on digital technology in our day to day lives. AI can be used to identity and monitor user habits across multiple devices, even if your personal data is anonymized when it becomes part of a larger data set. Anonymized data can be sold to anyone for any purpose. The idea is that since the data has been scrubbed, it cannot be used to identify individuals and is therefore safe to use for analysis or sale.

However, between open source information and increasingly powerful computing, it is now possible to re-identify anonymized data. The reality is that you don’t need that much information about a person to be able to identify them. For example, much of the population of the United States can be identified by the combination of their date of birth, gender, and zip code alone.

With consent-based regulations such as GDPR concerning the right to digital privacy, it is clear that people want to know how their information is used, why, and how it can affect their lives. Furthermore, that they want control over how their information is used.

This article was written by Kristina Weber, Content Supervisor of Centry Ltd. For more content like this, be sure to subscribe to our blog, which updates every other Friday with articles related to the security industry!

Security Predictions for 2019

The predictions for 2018 that we shared last year seemed to land on the points of data protection and cyber security, while it strayed from others – most notably on the front of cryptocurrencies. BitCoin was a hot topic in 2017, surging to values that had people everywhere kicking themselves for not investing sooner. What unfolded after was an epidemic of articles predicting a global acceptance of cryptocurrencies. That balloon popped when the cryptocurrency market crashed in early 2018, and it seems that many have quietly reneged their cryptocurrency hype since.

Continuing the tradition, here are a few insights into the forecast for 2019:

Supply Chain Attacks. While these threats can occur in every sector of the economy as it pertains to supply chains, the industries that most commonly experience these attacks include pharmaceuticals, biotechnology, hospitality, entertainment, and media. Manufacturing operations are attractive targets to adversaries, due in part to having such a broad potential surface of attack. With increasing reliance on the supply chain, there is a wealth of information that could be obtained if organizations have not taken appropriate steps to secure themselves. For more information on cyber security in the supply chain, read our article here.

Further development of consumer privacy laws. Last year we saw the launch of the European Union’s GDPR, which marked the first big regulatory move toward protecting consumer information. Soon after, California passed a bill (Consumer Privacy Act of 2018) that seems to be the state’s version of GDPR – it is slated to go into effect at the end of 2019. A draft for a federal privacy bill for the United States may arrive early in 2019 after concerns over a number of privacy breaches.

Continuing adoption of artificial intelligence across wider society. From Alexa to politics, AI will continue to spread across industries and uses. Chinese companies have announced intentions to develop AI processing chips to avoid reliance on US-manufactured Intel and Nvidia. There is rising concern that AI technology could be increasingly used by authoritarian regimes for the purpose of restricting personal freedoms. As AI continues to spread its proverbial wings, we could see a move toward “transparent AI”, that is, an effort to gain consumer trust in the use of AI by being clear in how it uses human data and why. Of course there is always the worry that the rise of AI will create a jobless future for people, however Gartner suggests the opposite, that artificial intelligence will create more jobs than it will eliminate.

Big data breaches will push companies to tighten login security. We might see a concerted effort of the security industry to replace username/passwords altogether, pushing toward an alternative solution as an industry standard. Biometrics – for example facial recognition or fingerprint logins – are certainly on the rise.

Digital skimming will become more prevalent. The trick of card skimming has moved to the digital world, where attackers are going after websites that process payments. The growth of online shopping has made checkout pages attractive targets. British Airways and Ticketmaster were two high profile cases of this. The British Airways case was particularly alarming, as airlines in general have access to a wide breadth of information ranging from birthdates, passport details, payment information and more. Although the airline was able to confirm that no travel data was stolen in the attack, it nonetheless remains as a cautionary tale.

This article was written by Kristina Weber. For more content like this, be sure to subscribe to Centry Blog for bi-weekly articles related to the security industry. Follow us on Twitter @CentryLTD and @CentryCyber!

2018 Year in Review

As 2018 comes to a close, we reflect on those moments throughout the year that defined the times yet to come. For Centry, 2018 was a year that brought us great joys like the opening of our new branch in Mexico City and establishment of the ASIS Ukraine chapter, but also times of mourning after our colleague, Mr. Rachid Boukhari, passed away in June. Above all, it has been a journey, and one we are grateful to undertake for the mark we make on this world.

From our Centry family to yours, we wish our readers love and joy over the holidays, and a happy new year!

In keeping with the tradition of our year’s end articles on Centry Blog, we put together a list of some of our most-read stories from 2018 below.

January

Centry’s GDPR Guide

Our GDPR guide breaks down exactly what the EU’s General Data Protection Regulation was all about. This article was highlighted on TWiT live in an interview with our CTO Dave Ehman!

February

The Next Gold Rush: Renewable Energy

The Renewable Energy industry just might be the next gold rush for businesses and investors alike. This time, we aren’t hiking into the Klondike for gold; individuals and organizations alike are turning their eyes toward the broader world, looking out for opportunities to make good on this booming initiative.

March

Hidden Sanctions Risk: North Korean ties to Africa

The connection between Namibia and North Korea stands as but one example among many similar stories. It began in the 1960s, when several African countries started the struggle for independence from colonialism. During this vulnerable time period, North Korea invested time and money in these revolutions, where the political ties eventually grew into commercial relationships.

April

Human Trafficking in the European Union

Over the course of the past two decades, the European Union has been making an increased effort to understand and address the heinous crime of human trafficking. The most recent publication of statistics from Eurostat concerning registered victims and suspected traffickers revealed that a number of non-EU nationals are trafficked into member states, primarily from Nigeria.

This week’s article on Centry Blog examines just a facet of this deep and complex issue through analyzing Nigerian campus cults, the international response, and global business reponses.

May

Fake Social Media Profiles and What To Do If You Are Being Impersonated Online

False accounts are prevalent across social media, mainly used for phishing purposes. Whether it’s a bot or malicious actor threatening your account, we put together an instructional guide for those moments that you notice you have a seemingly second profile, not of your own making.

June

Supply Chain Security Introductory Guide

Having a secure logistics supply chain can save your company millions in terms of assets and reputation, and here at Centry, we have the know-how to help you. This article serves as an introductory guide to security in the supply chain.

July

Typosquatters

Sometimes fat-finger errors can lead to more than just an autocorrect goof. Some scammers have figured out how to lay traps surrounding these common mistakes.

August

Common Security Dos and Don’ts

Our article on Common Security Dos and Don’ts covers what you and your business can do to prevent costly breaches of data and trust.

September

Golden Visa for sale! Now on special offer for the 1%

In some countries, you can buy your way to citizenship. European passports and Schengen visas are the most desired traveling documents in the world. Not only do they grant the most traveling freedom, they give access to a safe and stable living environment, with free speech, in a market that can fulfill all your needs. Many EU countries have taken advantage of this by offering entry in exchange for investment. This kind of activity is commonly referred to as a Golden Visa Program.

October

5 Basic Digital Privacy Tips for the Average Person

Digital privacy is for everyone. But it’s also a massive topic that can be very easy to get lost in, especially if you’re new to to it. However, you don’t need to be a security expert nor do you need any particular reason to want to bolster your privacy on the internet.

November

What is Social Engineering?

Social engineering is a growing threat to individuals and businesses alike. In this article, we look into what social engineering is, the ways it can manifest, and what you can do to protect yourself.

December

Cyber Security in the Supply Chain

Your company might have a rigorous Cyber Security policy, and thorough training on all its personnel. But what happens when the security vulnerability comes from a trusted source in the Supply Chain?

Security professionals must now consider not only the possible vulnerabilities of their own network, but their supplier’s network, and their supplier’s supplier network, and so on.

We hope you have enjoyed Centry Blog this year. For more content like this, be sure to subscribe and follow us on Twitter @CentryLTD! We will see you in 2019!

GDPR & Consent

GDPR and Consent (1)

The deadline for compliance with the General Data Protection Regulation (GDPR) is approaching fast: May 25th, 2018 is when enforcement will begin.

Be sure to read Centry’s GDPR Guide for a concise, easy-to-read breakdown of what GDPR is and important details of what you need to know about it.

For any questions or comments, feel free to contact us at info@centry.global or on any of our social media outlets. We’re here to help you!

 

Orbitz Data Breach

pexels-photo-91217

If you made travel plans with Orbitz or Amex Travel between 2016 to 2017, you might want to keep a close eye on your card statements.

This week, the Expedia-owned travel planning company, Orbitz, announced that it had discovered a potential data breach that may have compromised information tied to 880,000 credit cards. Hackers may have been able to access consumer data submitted between Jan. 1, 2016 to June 22, 2016 on the company’s legacy platform.

Partner platform Amextravel.com was also affected, linked to purchases made between Jan. 1, 2016, and Dec. 22, 2017.

The compromised data includes names, dates of birth, postal and email addresses, gender, and payment card information of customers who submitted such information in those specified time periods. Orbitz stated that they do not yet have any “direct evidence” that this information was stolen, but it was certainly put at risk. The company has said that it has been notifying customers who may have been impacted by the breach, and it is offering a free year of credit monitoring to affected U.S. customers.

In a statement, Orbitz described working with a forensic investigation firm, cybersecurity experts, and law enforcement once the breach was discovered, on March 1st, in order to “eliminate and prevent unauthorized access to the platform.”

In the meantime, Orbitz has set up a website for US customers to find out more about the breach and whether their information may have been compromised. Individuals that enter their name and email address into the form requesting additional protection will be directed to a confirmation page and emailed a redemption code from orbitz@allclearid.com. Orbitz asserts that the AllClearID website will be the company’s primary platform for communication on the protective services they are offering.  

If you are worried about your information being compromised, ensure that you review payment card statements carefully and call your bank if there are any suspicious transactions. Similarly, be aware of phone calls or emails that offer identity theft protection – these may be phishing scams to steal your information while you’re vulnerable.

For more content like this, follow us on Twitter @CentryLTD!

The Question of Privacy in the Smart-Tech Life

pexels-photo-267394

Smart-technology, wearable or otherwise, is undoubtedly a luxurious convenience. With products ranging from Fitbit for keeping track of your health to voice-activated vehicle consoles to home improvement and more, the market for this tech is seemingly limitless.

So how does this compromise your privacy?

Josh Lifton, CEO of Crowd Supply, said in a TechRepublic article: “…we’re entering this world where everything is catalogued and everything is documented and companies and governments will be making decisions about you as an individual based on your data trail…”

The European Union answered this question by issuing the new General Data Protection Regulation (GDPR), which bolsters the rights of individual data privacy, ensuring people have the right to know how, when, and where their personal information is used.

While it might not always be a bad thing for organizations to collect information about you, it’s important that those details don’t fall into the wrong hands.

The main concern among security experts when it comes to smart devices like Amazon Echo and Google Home is the degree to which they’re listening. Obviously, they are listening for the voice-activated commands the user might say. But if you own Alexa and have ever had it interrupt you when you weren’t intentionally speaking to it, you might wonder about what else it’s listening to?

Recently, an array of Bluetooth flaws that affect Android, iOS, and Windows devices were discovered in millions of AI voice-activated assistants, including both the Amazon Echo and Google Home.

The Blueborne Exploit is the name that has been given to the attack that takes advantage of these vulnerabilities, allowing external entities to run malicious code, steal information, and otherwise assume control. What is more threatening about this is that it does not require targets to click any links or fall for any other phishing scams; it can just assume control. Moreso, once an attack seizes one bluetooth device on a network, they can infect any other devices on the same network.

While both companies have since released patches and issued automatic updates for their products, it certainly serves as a cautionary tale to be mindful of what you say and do around these devices.

Wearable smart watches like Fitbit and jogging apps on smartphones run into their own security issues, which readers may have observed recently in the news, after a heat map of jogging and cycling routes released by Strava identified dangerous details of US soldier in war zones in the Middle East.

Overall, as much as it can be a minor inconvenience to do so, it is important that users don’t blindly press ‘accept’ on privacy terms for these apps and gadgets, and instead take the time to review how their information is collected and used. Such insight could lead to foresight that would ensure turning the relevant devices off in situations where that is appropriate.

This article was written by Kristina Weber, Content Supervisor of Centry. For more content like this, follow @CentryLTD on Twitter!

2018 World Economic Forum Highlights

davos_2018_2018125112752

Each year, world leaders, economic experts, industry leaders, celebrities, and other keynote speakers gather to meet in Davos, Switzerland for the annual World Economic Forum. The official program lasts for five days and features more than four hundred sessions, which center discussion around key issues of global relevance, such as globalization, markets, international conflict, environmental issues, etc.

As of today, January 26th, the 2018 forum just wrapped up.

With the immense volume of information, it can be difficult to get a handle on everything that was discussed. As such, we’ve put together some of the big bullet points here for your leisure:

  • India’s Prime Minister, Mr. Narendra Modi, listed his three greatest threats to civilization: terrorism, climate change, and reactionary backlash to globalization.
  • The German Chancellor, Ms. Angela Merkel, stated that global multilateralism has come under threat, as populist movements sweep through countries.
    • Upon this point, Mr. Emmanuel Macron, the President of France, voiced his enduring support for Europe, stating that France would not succeed without greater European success.
    • Although Brexit may come to mind on the point of Ms. Merkel’s statement of deteriorating multilateralism, the UK Prime Minister – Ms. Theresa May assured attendees of Davos that the United Kingdom would remain an advocate of global trade, with plans for bilateral deals with countries worldwide.
  • United States President, Mr. Donald Trump, discussed the state of the US economy, saying that “America First does not mean America alone,” in the context of the thought that as the United States grows, so too will the rest of the world.
  • Alibaba founder Jack Ma spoke about the IQ of love – a subject that we have discussed previously on Centry Blog.
  • The International Monetary Fund raised its forecasts for global crown in 2018 and 2019 to 3.9%, in the wake of the impact of the recent US tax reforms. These new estimates are 0.2 percentage points higher than the IMF’s previous projections in autumn of 2017.
  • Google CEO Sundar Pichai emphasized the importance of artificial intelligence, saying that despite the risks, the potential benefits of it could not be overlooked.
  • China’s three big movements for the future, as outlined by Mr. Liu He, will be: alleviating poverty, preventing major financial risks, and reducing pollution.

In light of the Davos forum, the WEF released this year’s risk report, outlining ten significant risks in terms of likelihood and impact. See Figure 1 below.

It should be noted that within the top 5, just behind natural disasters, the threat of cyberattacks and data breaches pose a remarkable risk to individuals and organizations worldwide. For an additional perspective on the landscape of geopolitics on the cyber field, be sure to read our article on how Cyber is the New Cold War, written by Centry CTO Dave Ehman.

For more content like this, follow @CentryLTD and @CentryCyber on Twitter!