Cybersecurity blog header

How to make companies’ cybersecurity architecture more resilient

Companies’ cybersecurity architecture must adapt to the new threat landscape

Companies’ cybersecurity architecture is critical to preventing security incidents against a backdrop of a surge in AI-driven cyber threats

At the end of April, Google, one of the world’s largest technology companies, acknowledged that 75 per cent of the new code created within the company is now generated by AI. This figure highlights the paradigm shift that application development has undergone in recent years.

Nowadays, a large proportion of business applications are developed using artificial intelligence systems that enable development times to be reduced exponentially.

This technological revolution brings clear advantages for businesses: it reduces development costs, streamlines the process and enables professionals without advanced technical knowledge to develop software. However, it also puts companies’ cybersecurity architecture to the test.

What is a company’s cybersecurity architecture? Essentially, it is the set of policies, processes and technologies used to protect a company’s digital assets.

Thus, in the wake of the AI revolution, an issue that has always been central is regaining prominence: a company’s cybersecurity architecture must be robustly designed to detect vulnerabilities, reduce risks, prevent attacks, and respond successfully.

Next, we will analyse why it is important for organisations’ cybersecurity architectures to be more resilient in a changing and challenging environment such as the current one. Furthermore, we will highlight the key elements to consider when designing and managing organisations’ cybersecurity architectures.

The democratisation of application development can pose a security risk

As we have already noted, the use of AI solutions for application development is now firmly established. These days, no developer works without using AI to design applications and write code.

This new landscape is accelerating the digitalisation of businesses. Before the advent of AI, large companies were already fully digitalised, but medium-sized and small organisations had lower levels of digitalisation and were still carrying out processes manually or without applications to automate tasks.

All this has changed significantly in recent times. Thanks to AI, the number of Software-as-a-Service (SaaS) solutions on the market is multiplying, and small and medium-sized enterprises are also developing their own applications that are 100% tailored to their specific circumstances and requirements.

Added to this is the fact that users without extensive knowledge of application development can design software using AI systems – something that was previously the preserve of experienced developers with expertise in both development and resolving complex software bugs.

We also find that new developments generated entirely by AI are difficult for less experienced developers to understand; they therefore prefer to generate new versions whenever a new feature or a fix needs to be implemented, always generating the new code via the AI, without fully understanding the logic behind how it works, resulting in a «disposable» software process where understanding and control over the software’s functions are no longer as important as the speed of its production.

This paradigm shift brings with it the advantages we mentioned earlier, but also financial risks—such as developers spending vast sums of money on AI—and, above all, security risks.

Why? Many companies are rushing to design or commission applications without having an enterprise-wide cybersecurity architecture in place.

In other words, some companies which, until now, did not have a robust technological infrastructure have seen their level of cyber-exposure increase significantly without designing a cybersecurity architecture tailored to this new reality.

Furthermore, the fact that people without in-depth knowledge of cybersecurity are developing applications also means that such software lacks security mechanisms robust enough to guarantee the applications’ operational reliability and protect the information they contain.

The other side of the coin: Code developed using AI can be much more robust

On the other hand, experts also point to a clear benefit of developing using AI solutions: it is possible to build code that is more secure than ever before.

That said, when developing, it is essential to take into account companies’ cybersecurity architecture in order to implement a ‘cybersecurity by design’ policy with the help of Artificial Intelligence.

AI systems can not only ensure that the generated code is secure, but also test applications before they go live.

Cybersecurity experts are already pointing out that new products developed using AI already feature more robust code, which helps to reduce the number of vulnerabilities in applications.

Furthermore, they point out that we are entering a transitional period in which applications developed with AI-generated code will coexist alongside software whose code was generated entirely by hand.

Organisations’ cybersecurity architecture must take this reality into account and design security policies and mechanisms that can reduce risks and detect threats targeting AI-generated applications and previously developed software before they materialize.

Businesses need security strategies tailored to the challenges posed by AI

Best practices for developing applications and managing third-party software

There is no secret formula for designing a company’s cybersecurity architecture.

However, cybersecurity experts and companies have methodologies for creating and adapting a company’s cybersecurity architecture. For example, the cybersecurity framework from NIST, a US agency focused on technological standards.

Furthermore, they play a key role in the construction and continuous improvement of a company’s cybersecurity architecture, identifying and implementing security best practices.

Thus, a resilient cybersecurity architecture depends, first and foremost, on following best practices when developing applications, using digital assets, and auditing them to detect vulnerabilities and malicious activity.

In this regard, it is important to recognise that, although the challenges are different, ever-changing and increasingly complex, companies’ cybersecurity architecture must continue to be underpinned by traditional pillars, and implementing best practices in cybersecurity is one of them.

The classic fundamentals remain essential when designing a company’s cybersecurity architecture

Alongside best practices, we find the other key pillar for designing a company’s cybersecurity architecture and continuously adapting it to new challenges, such as the use of AI to prepare and execute attacks against corporate applications. Which pillar are we referring to? The classic fundamentals of cybersecurity, of which two stand out in particular:

  • Security by design and throughout the entire lifecycle. All applications developed within organisations must be built on the principle of security by design. As noted earlier, AI can help to ensure this security at the code level. Furthermore, security must be a priority whilst an application is in use. It is therefore essential to detect vulnerabilities and mitigate them as soon as possible, prioritising them according to their criticality. Similarly, using obsolete applications that no longer receive security updates runs counter to this basic principle of corporate cybersecurity architecture.
  • Zero-Trust. There is no such thing as total security. That is why companies must design their cybersecurity architecture based on the zero-trust philosophy. This involves establishing robust security mechanisms, such as multi-factor authentication for accessing applications, implementing the principle of least privilege in corporate software, segmenting corporate networks to limit lateral movement by malicious actors, and restricting the ability to download applications or documents onto corporate devices.

If a company’s cybersecurity architecture is built on these foundations, its ability to detect weaknesses, rectify them in good time and successfully deal with security incidents will be greater.

The benefits of having a robust and comprehensive cybersecurity architecture

Indeed, designing a company’s cybersecurity architecture and ensuring that all assets are managed in accordance with security policies and mechanisms provides critical benefits such as:

  • A robust cybersecurity posture, tailored to the risks and covering the entire technological infrastructure.
  • A greater ability to detect weaknesses before they are exploited and to prioritise the remediation of the most critical vulnerabilities based on the business model.
  • The assurance that applications are not developed with inherent security flaws, and that there are no obsolete applications or those with exploitable weaknesses.
  • An immediate and seamless incident response, thanks to every professional knowing their role.
  • Ensuring business continuity by limiting the impact of security incidents, safeguarding critical assets and processes, and reducing the time needed to return to normal operations following an incident.
  • Efficient management of the financial, technical and human resources allocated to cybersecurity.
  • Greater assurance regarding compliance, ensuring that security policies and mechanisms are aligned with current regulations.
  • Adaptation to new threats and to changes in production and technology.
Companies’ cybersecurity architecture must adapt to new risks and challenges

How to implement and optimise a company’s cybersecurity architecture

When it comes to developing, documenting, periodically assessing and updating a company’s cybersecurity architecture, certain critical cybersecurity services play a fundamental role, as one would expect:

  • Security risk assessment. This enables organisations to identify the risks, threats, and weaknesses in their infrastructure and to design a cybersecurity architecture tailored to their needs.
  • Security in development processes, where vulnerabilities can be detected at every stage of the code lifecycle, enabling critical vulnerabilities to be mitigated early in development and in post-design phases. In short, implementing an SDLC cycle and analysing the code statically (SAST), dynamically (DAST), and the libraries it comprises (SCA) to prevent potential flaws introduced by both human developers and AI.
  • Supply chain security to prevent the exploitation of vulnerabilities present in third-party software.
  • Continuous security audits to identify vulnerabilities in digital assets before they are exploited by malicious actors. This type of cybersecurity service is key to detecting weaknesses in application business logic that automated tools cannot identify.
  • Vulnerability management. A company’s cybersecurity architecture must include effective management of vulnerabilities affecting all its assets. This type of service enables organisations to assess the health of their corporate infrastructure, continuously monitor it, implement a plan to detect and remediate vulnerabilities, and ensure compliance with current cybersecurity and data protection regulations.
  • MDR services. MDR services combine proactive threat detection with an immediate response to any security incident. These services are key to a company’s cybersecurity architecture because they enable threats to be identified before they manifest, allowing the architecture to be adapted to the modus operandi of malicious actors. Furthermore, they enable preparatory measures to optimise a company’s cybersecurity architecture and orchestrate an agile, effective incident response, minimising the impact of incidents and ensuring business continuity – an essential objective for any cybersecurity architecture.

In short, the emergence of AI and its widespread use in developing business applications is significantly increasing organisations’ cyber exposure, regardless of their size or sector.

To address this growing cyber exposure and the increased offensive capabilities of AI-enabled malicious actors, it is critical that all organisations have a cybersecurity architecture tailored to the risks they face and the resources at their disposal.

Designing a company’s cybersecurity architecture has become a strategic task for any business. Organisations that lack a comprehensive cybersecurity architecture that accounts for all assets and processes are highly exposed to threats and may suffer security incidents, causing severe financial, legal and reputational repercussions that could bring the organisation down.