The more a country digitalises, the more vulnerable it becomes to cyberattacks. This simple equation is one that many overlook.
Brian Zarb Adami, CEO of CyberSift, explains what people still get wrong about cybersecurity, how Cyprus can do better and why Generative AI is tipping the balance in favour of the attackers.
It’s striking that most of us lock our homes, cars and even bikes without a second thought, yet online we behave as if nothing bad could happen – until that illusion is shattered. “People think they’re not important enough to be hacked but a hacker can use their information to scam someone else or gain trust and build it into a fraud. Everything has value,” says Brian Zarb Adami, CEO of cybersecurity firm CyberSift.
In 2015, some 334,000 US households had personal information stolen, including social security numbers, which hackers used to file fraudulent tax returns. Identity theft, Adami stresses, is only one motive. North Korean groups target cryptocurrencies, while Russian actors treat hacking power plants and other critical services as instruments of war in Ukraine. “With everybody having a personal email linked to so many services, hacking your Gmail means they can probably own your entire digital life,” he explains.
Adami’s path into cybersecurity has been far from linear. Trained as a pharmacist, he drifted into IT as a hobby and later built ventures at the intersection of the two, back when coding meant dealing with a black screen of green text. In 1996, he founded Compunet, which grew into a well-established IT solutions provider. After the Maltese software group 6pm acquired it in 2011, he became CTO, spearheading RFID solutions that helped UK hospitals track equipment and patient files. A couple years later, the company launched Malta’s first Security Operations Centre (SOC) to safeguard the link between its offices and the hospitals. Soon after, the government came calling, wanting its own SOC, and 6pm won the tender. Such centres required large teams to monitor threats around the clock and, together with colleague David Vassallo, then completing a Master’s Degree in Information Security, he saw a chance to use machine learning to reduce the workload. The 6pm Board, focused on selling to Idox in 2016, wasn’t interested, so Adami and Vassallo founded CyberSift with proceeds from the sale. “When we started, nobody thought cybersecurity would become critical. Today, almost every week, you hear that somebody has been hacked or scammed. It’s a very different world,” he notes.
CyberSift is currently spread over eight countries - Malta, Estonia, the UK, Bulgaria, Poland, Italy, Lebanon and Brazil – and is now preparing to expand into Cyprus and Greece, with clients in Cyprus already lined up.
In 2023-24, nearly half of Cyprus’ businesses came under cyberattack. Universities and even the Department of Lands & Surveys were hit. To Adami, this came as no surprise: hackers chasing profit rarely waste time on giants like Bank of America, which spends hundreds of millions on its defences. They go after companies and countries that are only now catching up with digitalisation. The threat is hardly unique to Cyprus. In 2019, over a single weekend, hackers siphoned €13 million from the Bank of Valletta in Malta through a phishing campaign. It was not until the accounts department spotted some discrepancies that the bank realised that it had been breached. Now that Cyprus has had a rude awaking following the recent surge in attacks, Adami believes it needs to invest far more in cybersecurity. That, he argues, should mean incentives: public funds for penetration tests – ethical hackers paid to probe vulnerabilities – or grants for SMEs to buy stronger firewalls. “Yes, EU laws like DORA and the NIS2 Directive are pushing countries and companies to get their security organised. But they should do it for their customers’ safety, not just because a law demands it,” he stresses.
A typical 200-user network, say a mid-sized bank, can generate 50 million log events in a single month. Out of those, only 20 to 30 are likely to be genuinely dangerous on any given day. Sifting through that haystack by hand is unwise, so CyberSift’s flagship platform, which has found a sweet spot in fintech, banking and financial services, ingests data from across an organisation’s infrastructure – cloud, on-premises or hybrid – and uses AI to flag anomalies. Those signals are then cross-referenced against 29 threat-intelligence databases, like IBM’s X-Force and BrightCloud. “Obviously, you still need second- and third-line people, because eventually a human has to make the call,” Adami notes. “But by automating as much as possible, we make security operations manageable, both for us and for the customer.”
For companies with deep pockets, these defences work. For SMEs, which are the backbone of Cyprus’ economy, the picture is different. Budgets often stretch only to off-the-shelf packages that protect part of the business. They can’t monitor everything, from networks and PCs to brand misuse or leaked identities on the dark web. And in cybersecurity, the old adage holds that you are only as strong as your weakest link. “If I want to attack a government department or business, it’s easier to hack an employee at home, then move onto their work network,” Adami explains. A classic example involves LinkedIn, which in June 2012, found its main database stolen by a Russian group by compromising a system administrator’s personal blog and hopping onto his VPN. “We believe the SME market is not properly catered for,” he says. CyberSift’s next move is fine-tuning Tutela, an attack-surface management tool that consolidates multiple defences, for SME budgets. “We are trying to make all that functionality available for less than 60 times the price – something everyone can afford,” he adds.
Meanwhile, Generative AI is reshaping the cyber threat landscape in dangerous ways. According to IBM, one in six data breaches last year involved AI, and the technology also played a role in two out of five business-email phishing scams. Deloitte estimates that Generative AI-enabled fraud could cost the global economy US$40 billion by 2027, up from US$12 billion in 2023. The threat isn’t just theoretical. An AI researcher at US cybersecurity firm Cato Networks bypassed ChatGPT’s safeguards to generate malware, simply by convincing the model it was for a story. Similar risks exist with locally hosted LLMs, where controls can be removed entirely.
There’s another hidden danger: the data these models consume. “If someone uses a model – ChatGPT, Claude, Gemini and so on – to summarise a company’s annual report, that information is stored in the model’s memory. With enough patience, you can definitely retrieve it,” Adami says. “If it’s confidential, don’t use an LLM. You can’t know where the information will end up, Even more troublesome, threats are not limited to direct input. Anthropic, for example, is facing legal scrutiny for training its model on repeated ingestions of Reddit data. So, any information shared online could potentially become a vulnerability. On the question of whether Generative AI is a net positive or negative, Adami leans cautious. “Don’t trust, verify,” he says, advice that applies equally to scams, from pop-ups to suspicious texts.
A decade ago, researchers hacked a 2009 Chevy Impala to control tracking, brakes and acceleration. If they had wanted to, they could have turned cars into mobile weapons. Adami proposes another scenario: imagine a manufacturing plant where someone hacks the pumps adding preservatives to milk, upping the dosage tenfold, or tampers with water-treatment pumps, sending sewage back into the system. These systems are part of operational technology, which builds on and extends traditional information technology. The problem, Adami warns, is that even in the GenAI race – not to mention the imminent arrival of humanoid robots – cybersecurity is still largely treated as an IT issue. “We need to start thinking of it as operational technology. And after that, we can start thinking about the rest, like AI or robotics. So, we are not even maturing our cybersecurity fast enough,” he says, a stark reminder that defending the digital world remains a relentless race.
CONTACT INFORMATION
e-mail: info@cybersift.io
Website: www.cybersift.com
