KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
The past weeks again have demonstrated that cybersecurity and geopolitics are inseparable. Cyber attacks have become a common element in geopolitical crisis as an additional vector for concrete attacks, but also for MDM (Misinformation, Disinformation, Malinformation). This also means that CISOs nowadays must take a broader perspective beyond technology. Geopolitics impact the cybersecurity of organizations, and organizations must adapt to this, both by adjusting their organizational structures and cybersecurity spendings as by extending their risk management approaches in a way that also helps in assessing the concrete cybersecurity impact of geopolitics.
The past weeks again have demonstrated that cybersecurity and geopolitics are inseparable. Cyber attacks have become a common element in geopolitical crisis as an additional vector for concrete attacks, but also for MDM (Misinformation, Disinformation, Malinformation). This also means that CISOs nowadays must take a broader perspective beyond technology. Geopolitics impact the cybersecurity of organizations, and organizations must adapt to this, both by adjusting their organizational structures and cybersecurity spendings as by extending their risk management approaches in a way that also helps in assessing the concrete cybersecurity impact of geopolitics.
So talking about politics at event always is a bit more challenging because the risk of putting your feet foot into something or tapping on someone's feet is relatively big. My, my focus will be a bit more on, on really aspects that are also about why do we in cybersecurity need to care about geopolitics? And I'd like to start with this MDM term. So it's not mobile device management or something like that, or, or master data management in that case also MDM both in, in their abbreviations, it's misinformation, disinformation, malformation. And it is a global challenge nowadays.
And so I look for some definitions and I think these are quite good definitions here. So misinformation is false, but not with the intent or at least not with the clear intent to harm any person or group. This information, on the other hand, is intentionally false and meant to cause harm and malformation is true, but used out of context or at a vulnerable point for the malformation target. So sort of bringing something up trust ahead of about a politician trust ahead of an election can go into malformation where the right information is presented at a very specific point in time.
And especially when this information for, for instance, has been out for or known for a year or so and it comes up just ahead of the election, then it falls into this category. And I think this is a bit important to understand and the thing we, we, I think at the end of the day need to be most concerned about is this information.
So the, the information that is really meant to cause harm. But the also the out of context thing is something we must underestimate out of context is we have seen it in the past years around pandemics and other areas where things are used in a put in a to a wrong, wrong context. And I think malformation for instance, could also be sharing a video about actions in a war that are not from that war. They are put into context to trigger a measure. And I think we all know, we've seen quite a ton of these things in the past months and years and weeks.
So one very specific area here is clearly the state driven disinformation. There interestingly are not that many sources for, for numbers and this one is a bit outdated that we could say from 2020, but where does this information come from? And this always goes up and down a bit, so depending also on what is currently happening.
But yes, there are clearly nations which are more active in spreading disinformation because it is, it has become, and I think we are all aware of that it has become a political weapon and it's meant to impact politics. It's meant to impact voting, elections, everything. It is something we just need to be aware of. And I think this is also the point from my perspective where it becomes relevant to organizations because there is the approach of impacting entire economies and or targeting selected organizations.
So this is something we, we see, we see happening and there are many different types of that. So when we look at this, I took this from a source in, in the internet because I think it, it's a quite, quite good summary of, of the different types of misinformation or disinformation. So there's clearly sat satir or, or parity, which is fine. And I'm definitely a very big believer in good parody and good satir and all these things, you know, things also that are politically very incorrect.
I, I like this, but I have the advantage. I grew up in a, in an age where politically correctness of what that that's rated that high as it is today. So it does probably is, is is a bit of a thing here. So it has the potential to harm even while it's not specifically meant to because a lot of people don't understand the sat ironic aspect of it and something we must not under underestimate.
We have misleading content, which is a very different thing already, which is really using content to cause harm to organizations, to individuals where the content might at the end be relatively but put out of, and which goes then to the other thing to false context out of context. And this false context thing is a very important one as well.
So, so just taking snippets of something, take a speech. So in many speeches you'll find things where you can take a sentence and if you take that sentence and quote it isolated of the context, it may tell something totally different than was intended and was done with the speech. And this is something which I would dare to say happens very frequently nowadays. So impose the content when, when the source is attributed to someone else, when someone is impersonating, so to speak. This fabricated content, I think in the opening keynote we had a sample of that.
So it is or manipulated where you can use AI nowadays for all the fake video things, et cetera can create a lot of things. You can create videos that look a bit where you just change the words and it still looks like that person has said this and it didn't. And so there, there are a ton of options here and this is increasingly used because AI at the end of the day helps us doing these things, more false connections, et cetera.
I think this is something we also see frequently in the news where when, so you read, you read the headline, you read the article and say, hey, okay, why this headline? Okay, it reads good, you, you look at it, it attracts your attention. But even I have to say is even in, in many very sort of good at the end of the day, overall very serious newspapers you find is that the, the headline not necessarily fits with it.
And I think it's important to understand there are so many ways, and I think we have all seen many of these and this all has to also to do with cybersecurity at the end of the day. And this is where like to look at the other side of it and then bring this sort of join these things or map these things. The cyber attacks, we all know, and I don't want to go to too much detail here that we, that they are sort of ubiquitous cyber attacks. They are everywhere. They're happening permanently against everywhere, one around the globe.
And there when you, when you start looking for that, you'll find a couple of websites where you can see some current picture of the state of cyber attacks. I I dare to say all of them are a bit snippets because when you look at two or three of them at the same point in time and look at so to speak, the same type of data, specific types of attacks, originate, originating countries, destinations, et cetera, still you have a bit different results. So none of these is probably complete, but when you look at, at a couple of these, then you get a, some sort of a picture.
And we all know these attacks are used for, for, for a range of things. Like we have this, this standard automated attacks that are running more or less consistently. Some of you may have set up a ho honeypot maybe at some point in time and we all know if you do set up such a honey pot, it'll be found pretty quickly and attacks will start pretty quickly. And not only for the last few years but probably for more than decade.
I remember at least 10 years ago or so read something about, I believe it was Symantec setting up a honeypot sort of that claimed to be a, a waterworks somewhere in California to test how long it takes until the attacks starts. I think it was in the 15 minute range or so until the first automated attacks appear.
Then yes, we have tools for finding these like showan et cetera. So, but we have also the targeted part which is espionage, which is really trying to attack an organization, trying to bring down critical infrastructure, colonial pipeline, et cetera, financial fraud and all the other things. So we have all these attacks and what we must be aware, and this is where why, where and why I believe MDM is a subject, a CISO and a cybersecurity organization must care about that is there's a link between that and this is what what I, I'd like to talk about a bit in the remaining time.
So the one link I want to make is from MDM to the human to a cyber attack. So we have this informational mal information which is used to attract audience, at least audience in a certain bubble. So these things usually work quite well in certain, let's call it bubbles to certain audiences depending on what you do. So whatever, when you write about the the about vaccination and vaccination risks, et cetera, then you will probably be most read in a certain bubble when you write about certain types of political things, it's another bubble, et cetera.
So I think everyone knows it, everyone can imagine this. When there are current crisis things always go up. And I think this is also something we have observed over the past years when there's a crisis, a ton of information is spread on the web with some of that being real news, some of that being fake news, some of that being factually malformation or mis disinformation, misinformation, malformation. And this is really where things become relevant because a lot of this is at the end of the day not only used to to to create a political impact of human decision making. That's one part of it.
So elections, et cetera. It's also used to spread malware with every crisis you always have a peak of using information that is spread to spread malware, to bring people to click on a link, to open something to spread this to to, to deliver malicious content. And this is then what results in cyber attacks and specifically surely on these countries which are targeted with this specific type of content. So what is factually happening is when there's a crisis, there is MDM used to run attacks, both attacks in the context of politics and just cyber crime both.
It happens and it's the thing we need to be aware of. So we need to, to educate people or our employees when something like that happens to be super careful. I think a part of a good cyber security awareness training is also to educate about every crisis will increase the risk of falling trap to something and we need to be even more cautious and conscious in this case. There's another also this business impact thing, we can use it or not. We hopefully it can be used to have an impact on human opinion making targeting individual organizations.
Even when you, when you share wrong information or information or wrong context about an organization, then there is this impact potentially on the reputation on the business. It may be on the share price devaluation or just causing fear, uncertainty, doubt about a business. So that can be things around whatever noncompliant supply chains that it can be things about how the production works, et cetera.
I remember when, when I was young, there was always, in Germany this is not happening just no Germany, there was always this, this story about, oh there has been a tooth of red be found in a hamburger at one of these very well-known chains. No one knew whether it's correct or not. It was spread over years and it was made to, at the end of the day to damage that organization, that business.
So it's not a new thing, but it's happening and it's happening regularly and it also can go the other way around or isn't a link the other way around as well, which is there are cyber attacks and then MDM is used to disgrace the real source. Others are accused of being guilty. So you can use it the other way around as well.
This is specifically when, when you have more the nation states things, I, I think that when you, when you look at for instance this, the destruction of this pipeline, the tic sea, everyone accused everyone else more or less already about this and figuring out what if this is in the MDM part and what is the real part is potentially impossible, but it can cause damage so it can be used the other way as well. And so we, we need to be aware of that and this has consequences specifically with letter two points are really things that are relevant to our business because this impacts the business.
And so from my perspective, the future role of the CSO must encompass analyzing the bidirectional impacts between MDM and cyber risks and tackling the resulting consequences. It must be part of what CSO is doing, understanding what is happening, what does it mean, are we under attack? This goes up to to for instance, monitoring the dark net about what are attackers sort of chatting about. Is your organization mentioned there? Are you currently in scope? This is what I think is very important to understand and we, we need to think broader. So it's not just IT and internal it anymore.
There's an impact of geopolitics and the more prominent you're an organization, the more interesting your IP is, et cetera, the bigger the risk is. Thank you.
