Monitoring and predicting information security phenomena

Traficom actively promotes the cyber security and reliability of future mobile networks in collaboration with equipment manufacturers, telecommunications operators and information security researchers. In 2019 and 2021, we have gathered equipment manufacturers, representatives of the academic community, information security researchers and ethical hackers together to test and study the cyber security of the 5G technology in the 5G Cyber Security Hack events.

How will artificial intelligence (AI) affect and change cyber security? AI is already widely used, and more and more operators are interested in the opportunities it presents in different fields. However, many concrete services and applications are still at early stages of development. AI and different kinds of machine learning models can improve the cyber security monitoring of organisations, but they can also enable new types of attacks.

It is important to identify and manage the information security risks associated with AI and machine learning applications to make the use of AI technologies as safe and secure as possible and to enable the wider exploitation of the potential benefits offered by these systems. There are many risks associated with the use of machine learning, such as whether AI will function correctly as part of other systems and in collaboration with humans. The lifecycle of machine learning systems also includes stages that traditional information systems do not involve, such as the collection of training data and retraining machine learning models. The information security requirements associated with AI applications must be addressed at an early stage to properly deal with all aspects that may later prove problematic for information security.

In future, AI may also be employed to assist in cyber attacks and it may change the cyber threats we know today. AI and machine learning can be used to automate different phases of an attack or to make attacks more powerful.

Read more about the cyber security risks associated with AI applications and machine learning models and the related risk management measures in a report published by the NCSC-FI.

The NCSC-FI has produced possible scenarios for the future development of cyber security in the present decade. The work has been carried out in the framework of the Digital Security 2030 programme implemented by the National Emergency Supply Agency. In the scenarios, we have sketched possible and fictional future environments in the field of cyber security. The work involved cooperation with a wide range of NCSC-FI’s stakeholders and experts in our networks.

The scenarios take into account major trends affecting our operating environment, such as accelerating technological development, impacts of climate change and anticipated demographic changes. We have also taken into account certain drivers of change that are more difficult to predict because the direction of change is still unclear. These include geopolitical competition, the position of technology companies, the development of cyber regulation in the EU, consumer behaviour and cyber security competence. Based on these drivers of change, we have imagined three different scenarios for the future of cyber security.

The cyber security scenarios can help Finnish organisations anticipate different trends in a rapidly evolving and uncertain environment and to imagine different future states based on the world today. Organisations can also use the scenarios as a basis for testing and updating their contingency plans.