It is very cynical to think that no matter how bad things are, they can always get worse. But in some cases, it’s true: today, in addition to being exposed to misinformation and disinformation, we now have ‘malinformation’ to deal with, and it’s something that not just business, but society at large, needs to be more aware of.
For business in particular, though, it can’t just be ignored: businesspeople simply must wrap their heads around this potential threat, especially with the rise of generative AI (GenAI) that can be roped in to create all manner of malicious and convincing campaigns that target businesses.
Malinformation poses such a threat, Gartner predicts that by 2028, businesses worldwide will spend over $30 billion every year to fight it.
What is Malinformation?
Basically, malinformation is truthful information that is used to deceive, harm, or manipulate – often with the goal of making money. The nuance here is that unlike misinformation, which is inaccurate information shared without harmful intent, and disinformation, which is false information shared with the intent to pull the wool over people’s eyes, malinformation is based on truth but deliberately twisted to cause harm.
An example of malinformation in action
Imagine a scenario where a company releases accurate but selective financial information about a competitor to make people think it’s financially unstable. They might share real data about that company’s increased debt levels without also mentioning the corresponding growth in assets and revenue that came about as a result – things that any good businessperson knows would justify taking on additional debt.
This limited view of that company’s finances could feasibly lead to a drop in investor confidence, cause its stock price to drop, and harm the company’s reputation, even though the information shared was technically correct. Painting misleading pictures with selective use of facts and truth is what malinformation is all about.
The business impact
There are several reasons to be vigilant against malinformation. First, it can cause brand damage, which could cause customers to lose faith in your company and take their money elsewhere. It can also stir up trouble inside your organisation and lead to employee disengagement and conflict, especially if sensitive information is used.
And then there are the regulatory and legal challenges it could lead to if the malinformation campaign against you involves the misuse of data or breaches of privacy laws. None of these are things businesses want or need.
Gartner’s outlook on malinformation
Research firm Gartner has plenty to say about malinformation. They predict that by 2028, the spending to fight malinformation will eat into marketing and cybersecurity budgets, cannibalising them by as much as 10%. This is an indication of how scary the threat of malinformation is, and how seriously businesses need to take it.
Gartner also believes that by 2027, 45% of CISOs will see their roles expand beyond cybersecurity, and have them tackling issues like malinformation due to the inevitable regulatory pressures that will emerge as well as the expanded attack surface. If you’re a CISO or you play a similar role, expect the fight against malinformation to land in your lap.
Interestingly, Gartner anticipates malinformation to cause knowledge workers to unionise more, with a 1,000% increase in unionisation by 2028. They think the change will be due to the increased adoption of GenAI and the concerns it raises about job security and ethics.
Tackling the challenge
Oh, great, yet another thing to worry about, right? You will be happy to know that good advice on how to tackle this soon-to-be-scourge already exists, and it’s right out of the ‘effective cybersecurity’ and ‘cybersecurity best practices’ handbook.
- Lead Responsibly: Assigning a dedicated executive, such as the CISO, to oversee efforts against malinformation is a must. This role should encompass monitoring, prevention, and response strategies.
- Educate Employees: Raising awareness about the nature and risks of malinformation among staff is essential. Training sessions can help employees identify and report potential instances of malinformation.
- Beef Up Your Security: Reviewing and improving data security and privacy practices can prevent bad actors from accessing sensitive information that could be used maliciously.
- Monitoring and Response Plans: Be sure to encourage vigilance among staff, but also have a good and effective response plan in place in case the worst happens anyway.
- Keep Everyone Updated: Regular communication with customers, partners, and regulators about how the company is addressing malinformation can help maintain trust and transparency.
Preparation and understanding
As if business isn’t complex enough, we must now deal with malinformation as well. However, because it’s a fact that business increasingly relies on digital technologies, and the bad people who are out to make a quick buck at your expense are highly motivated to keep plying their trade, understanding and preparing for this relatively new risk is more important than ever.
By recognising the seriousness of the issue, leading responsibly, and putting effective counter-strategies in place, businesses can protect themselves against the damaging effects of malinformation.
And yes, it’s just another thing to add to the list of challenges facing businesses in the modern era, but maybe, just maybe, it will lead to more effective data privacy and protection strategies down the line, and we will one day look back on it all and have a laugh…
Maybe. But while it remains a contemporary threat, it will likely pay to be prepared.