In an interview with Systems Contractor News (SCN), Jessica McDowell, senior vice president of Business Development & Security Strategy at TD SYNNEX, said phishing remains a top threat, as cybercriminals use deceptive emails, messages, and calls to trick people into providing sensitive information or downloading malicious software. She notes that artificial intelligence can be a double-sided coin, offering enhanced security on one side and the potential for mishandling data on the other. TD SYNNEX provides industry training via its Enablement Portal TDS University and the Security Practice Builder.
It seems the security landscape changes daily. What are you seeing as the latest threats?
Phishing continues to remain the top threat, as cybercriminals use deceptive emails, messages, and calls to trick people into providing sensitive information or downloading malicious software.
Increasingly, we’re seeing these attacks involve extorting money from victims, most commonly through ransomware. Those attacks are continually evolving in sophistication as hackers find new ways around restrictions. They’re even using generative AI and machine learning to efficiently spin off new, more enhanced, and effective vectors of attack.
Long-term and highly sophisticated cyberattacks by nation-state threat actors remain a concern for government agencies and large corporations. And while finance and healthcare continue to be the top targeted industries, we’re now seeing the largest number of attacks on manufacturing as cybercriminals focus attention on Operational Technology (OT).
OT accounted for nearly 40 percent of cyber-attacks in 2022. While IT attacks steal data, OT attacks focus on industrial control systems. Criminals seek to make a physical impact as well as a monetary one.
From an integrator’s perspective, everything is now on the network, so everything must be protected. Networked audio and video also add potential threats through holes created in the network. So, it’s critically important to consider security in every application and in every vertical market.
How does AI factor into the security landscape? And where does AV fit in?
AI is a two-sided coin.
On the one hand, we believe AI could potentially enhance security solutions through automation. AI can help identify and respond to threats in real time, potentially detecting and preventing attacks more effectively. AI can do this by learning to recognize normal usage and network interactions and behaviors by analyzing vast amounts of data very quickly and accurately. The resulting reduction in false positives and negatives in threat detection means better detection of abnormal activities—both from the inside and from skilled outside attackers.
And AI can help to automate some security tasks, which reduces the workload on security teams, allowing them to focus on more complex security issues. This is particularly important to resource-constrained organizations.
Conversely, AI also presents security risks. With AI comes the need for access to large amounts of data, which raises concerns about data privacy and the potential for mishandling personal information. In addition, AI-fueled attacks have the potential to be highly sophisticated, leading to challenges in defending against them.
We’re seeing a rapid expansion of AI within the audiovisual segment. For example, AI-powered video analytics can be used for security and surveillance by analyzing camera feeds for potential threats or incidents. AI algorithms can also detect and flag inappropriate AV content, which helps platforms maintain content standards and safety.
From a physical security standpoint, an increasing number of features are getting built into cameras that allow users to monitor and track a variety of details.
With growing concern about AV devices creating security risks on the network, it’s important for AV teams to coordinate with network administrators closely, explain the purpose of the hardware being put on the network, and work with them to configure the network in a secure but functional way.
A good first step for AV integrators is to change the default passwords on devices and not use the same one on multiple devices. Good password management is a great start to any security best practice.
How is TD SYNNEX continuing to enable AV partners who want to expand their security practice?
Our services team has been incredible at helping augment our partners' capabilities in terms of delivery and support." Sandi Stambaugh, senior vice president of product management at TD SYNNEX
TD SYNNEX provides industry training via our Enablement Portal TDS University and through our Security Practice Builder. Our product business management teams serve as thought leaders throughout various technology segments by creating content and delivering information about the industry and specifically how our vendors and value-added services address industry trends.
Our Next UP team is focused on new and emerging vendors. In addition to enabling our partners to sell specific vendor offerings, they offer line card consultations to help our partners identify where they may have a gap in their offerings or where they may need to beef up their offerings in a particular segment.
In fact, our services team has been incredible at helping augment our partners' capabilities in terms of delivery and support. We continue to offer complimentary Security Assessments, and more partners than ever are taking advantage of those. In addition, we recently launched a self-service portal with five assessments for partners to take with or on behalf of their customers, providing a guided plan based on the report findings.
In summary, our value to our partners is simplified into four key pillars: We help you learn, we solve for the technology ecosystem's complexity, we deliver technology solutions with versatility, and we help you evolve.
For more information, you can reach us at cybersolv@tdsynnex.com.