UPDATED 20:35 EDT / OCTOBER 14 2023

SECURITY

Cyber expert calls for renewed focus on zero-trust and recovery as threat actors scale up

October is Cybersecurity Awareness Month and the question for IT departments around the globe is whether it will have been “trick” or “treat” when the clock strikes midnight on the 31st.

Such is the nature of the cybersecurity world, where organizations are constantly under attack and the threat landscape continues to grow. Throughout the year, the rise of generative artificial intelligence has dominated enterprise computing, and experienced security practitioners are realistic when it comes to assessing the technology’s impact.

“Generative AI is going to cause a massive amount of attacks,” said Steve Kenniston, senior cybersecurity consultant at Dell Technologies Inc. “Just like generative AI can help you scale your business from a security standpoint, to be able to put tools in place and actually monitor what’s going on and have all of that be automated…so can the threat actors. The threat actors can now scale.”

Kenniston spoke with Dave Vellante, industry analyst for theCUBE, SiliconANGLE Media’s livestreaming studio, and they discussed best practices for organizations to follow in protecting against scaled-up attacks. (* Disclosure below.)

Building solid foundation

During his exclusive interview with theCUBE, Kenniston described how security researchers have noticed phishing attacks with deliberate misspellings of words commonly mangled by a potential victim’s boss. It’s a more powerful way to ensure the believability of a seemingly innocuous email. The expectation is that generative AI will ultimately strengthen security tools for enterprise IT, but there are still important steps organizations should be taking to protect critical systems and data.

“I don’t know a lot of vendors that have put a lot of generative AI into their solutions yet,” Kenniston said. “But the real question then becomes: do you have a solid foundation in your environment, a solid infrastructure to be able to have a secure environment? It’s things like being able to detect and respond to threats, or recover from a threat. Those are some of the basic foundational building blocks to being able to make sure you have a secure environment.”

Those foundational blocks include a focus on creating a zero-trust framework, in which no one is assumed to have a right to access until proven otherwise.

“There’s a list of things you can do to help reduce your attack surface, but a lot of them start with just implementing a zero-trust environment,” Kenniston said. “Capabilities like multifactor authentication are being laid out and used a lot these days and I think it’s very helpful. There are things like role-based access and getting consistency among who has access to what and what privileges do they have when they’re in there.”

The challenge confronting many organizations is where to start when implementing a zero-trust framework across a widely distributed computing network with many users and equipment in far-flung regions of the world. Kenniston advises a step-by-step approach, and Dell has recently provided a new service to help clients on the journey.

“These frameworks are very big, they can be very intimidating to some customers, depending on your size and depending on the skillset that you have inside your company,” Kenniston said. “We’ve gone a step further at Dell and we’ve announced Project Fort Zero at Dell Technologies World. That’s a way to basically one-stop shop purchase of a zero-trust infrastructure and put behind it the capability you are going to need to be able to secure.”

Architect for recovery

Despite the best laid plans, breaches still occur. This places special emphasis on having a strong recovery plan in place to safeguard critical data, according to Kenniston.

“The first thing I always tell customers is to stop architecting for backup, start architecting for recovery,” Kenniston said. “Today we have solutions that can back up a petabyte of data in an evening. Big deal. If I can’t get back the two-terabyte database I need that runs my business, I don’t care how much data I backed up last night.”

The Dell executive advised firms to begin thinking about the critical systems that run the business and then employ a set of best practices to enable rapid recovery of data in the event of an intrusion.

“Things like snapshotting, snapshot backups, replicated backups, backups to vaults…these all make sense depending on the data type that you have,” Kenniston noted. “The other nice thing about having solutions that allow you to do things like instantaneous recovery is testing. Remember in the disaster recovery world you used to say you didn’t have a disaster recovery plan if you didn’t test the plan. The same thing happens with your cybersecurity plan.”

During Cybersecurity Awareness Month, Dell will be releasing a series of whitepapers, infographics, podcasts and blog posts built around key messages that reinforce how to keep threat actors out, how to detect and respond when breached and how to recover from cyberattacks.

“What this allows us to do is to really just provide a great educational platform for folks,” said Kenniston, in discussion of the month’s activities. “It’s not necessarily to talk a lot about products and solutions, but talk about things you need to be paying attention to within your environment.”

(* Disclosure: Dell Technologies Inc. sponsored this segment of theCUBE. Neither Dell nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
