Mathieu Cousin does not like to be surprised. As a threat anticipation specialist, he has dedicated much of his career to monitoring potential threats, helping companies like AXA avoid being surprised by a threat that could impact its operations.
Recently, Mathieu joined AXA XL’s Cyber Risk consulting team in a newly created role as Cyber Proactive Customer Service Manager and is supporting AXA’s Cyber Center of Expertise as well. The Cyber Center of Expertise leverages AXA’s collective cyber knowledge and skills to build strategies, tools, and services to help mitigate cyber threats and navigate the complexities of the digital landscape.
Mathieu brings a wealth of cybersecurity knowledge and experience to his new role. By sharing insights and best practices on threat mitigation, he is intent on empowering our cyber insurance teams and our clients to step up cyber vigilance and preparedness. Here, Mathieu explains his new position and what cyber threats he’s watching to help AXA's cyber insurance clients prepare for what’s ahead.
How will you use your experience in threat anticipation in your current role?
MC: In my previous roles, including the last five years at AXA, I focused on identifying current trends, recent developments, and weak signals to provide insights into how existing threats could evolve and what emerging threats might mean for AXA's operations.
In this new position, the focus is primarily on cyber risks and threats. I will be examining trends in ransomware, new techniques employed by malicious actors, and the motives behind these attacks. Understanding the structure and organization of these groups will help us and our clients forecast their next moves.
Cyber threats are interconnected with various global factors, including fluctuating geopolitical tensions. The increasing regulation across numerous sectors also provides insights into how we can anticipate future requirements concerning security, data protection, and resilience.
Cybersecurity is also intricately tied to an extensive supply chain, often international, which faces its own set of geopolitical tensions and regulatory challenges. My team and I will analyze these factors to understand their implications for our clients.
Based on your insights on AXA’s Security team, which emerging cyber risks do you believe will be most significant for AXA and its clients in the near future?
MC: One significant risk is the interconnected nature of organizations within an ecosystem of numerous partners and suppliers. The global landscape has shifted drastically, especially in recent weeks. The integrated approach that many organizations adopted in managing their IT operations and cybersecurity is becoming increasingly problematic in a world that is no longer as interconnected.
For instance, operating in China has become increasingly challenging due to restrictions on U.S. technology, and similarly, European countries are pushing for "sovereign technologies." This shift indicates that cybersecurity maturity will vary significantly across countries due to technological access, local expertise, and the diverse solutions deployed throughout their infrastructures.
Another critical issue is the tendency to overlook fundamental cybersecurity practices in favor of chasing the latest trends. While there is a strong focus on advanced technologies like AI, basic cyber hygiene remains crucial. Organizations often experience incidents because they neglect fundamental security measures, such as unpatched systems or employee training lapses.
Lastly, organizations are rightfully excited about adopting new technologies, yet they must recognize the fragile foundations upon which these advancements rely. Simple coding errors and disruptions to critical infrastructures can severely impact the functionality of these technologies and, by extension, business continuity and resilience strategies.
While there is a strong focus on advanced technologies like AI, basic cyber hygiene remains crucial. Organizations often experience incidents because they neglect fundamental security measures, such as unpatched systems or employee training lapses.
With the increasing use of AI technologies, what potential risks do you foresee, particularly concerning cyberattacks leveraging AI for exploitation?
MC: AI presents both opportunities and challenges in the realm of cybersecurity. Here are four challenges that I see and will continue to watch as AI-supported cyber threats continue to take shape:
- Accessibility of Cyberattacks: AI has lowered the barrier to entry for launching cyberattacks. While complex attacks still require expertise, AI-powered tools allow anyone to initiate basic attacks easily.
- Enhanced Phishing Campaigns: AI improves the quality of phishing attacks. For instance, language barriers that once made phishing emails obvious can now be overcome through advanced AI translation, making it easier for attackers to craft convincing messages.
- Targeted Attacks: AI can be utilized to gather detailed information about specific individuals, enabling highly targeted attacks that are difficult to detect.
- AI-Driven Cyberattacks: While the concept of AI autonomously launching attacks is still in experimental phases, the potential for such events in the future poses a significant risk. The speed of these attacks would outpace human response capabilities.
One cyber threat that you’ve anticipated is vulnerabilities in internet infrastructures. What steps can organizations take to safeguard against potential disruptions in connectivity?
MC: Addressing vulnerabilities in internet infrastructure is complex. Most organizations cannot deploy backup undersea cables or launch their own satellites as safeguards. Instead, it's essential to focus on resilience and preparedness.
Organizations should evaluate their contingency plans for potential connectivity disruptions. Questions to consider include the acceptable downtime for operations, the adequacy of their business continuity plans, and the support available from current service providers. Proactively addressing these issues ensures that organizations are not caught off guard when connectivity challenges arise.
Given the rising threat of cyberattacks, what measures do you recommend for raising awareness among employees about their role in preventing cyber threats?
MC: The key to effective security awareness is relevance. Cybersecurity training should be tailored to the specific needs of different employee populations, from leadership to technical staff. While mandatory training is essential for compliance, it is often insufficient in a landscape where threats are rapidly evolving.
AXA is developing targeted security awareness programs for different groups, ensuring that employees understand the importance of cybersecurity in their roles. Additionally, employees must be aware of how their personal online activities can inadvertently affect organizational security. Engaging with government and national programs that provide free resources on cybersecurity trends and attacks can further enhance awareness and preparedness.
How do you envision collaboration between the Cyber Center of Expertise and other departments at AXA to address emerging threats effectively?
MC: At AXA, we’ve made significant strides in cybersecurity maturity, attracting top talent and developing robust practices to manage security operations. In my role, I aim to leverage this wealth of expertise and insights for the benefit of all AXA entities and our clients.
We are prioritizing knowledge sharing across teams, focusing on both successes and challenges in managing cybersecurity. This collaborative approach will strengthen our overall resilience against emerging threats.
