Why it's worth returning to Black Hat
I may not care for Las Vegas in the heat of August, yet I would come back as everything I need to learn and everyone I need to see face to face is at Black Hat.
Concentrated in one week, I meet customers, learn from their feedback, understand how they view the market, the security industry, what we are doing right and what we should change. With so much to talk about and so much to learn, you often leave the conference feeling like you have only just touched the surface. That being said, this year's discussions provided insights into the most critical sectors for the cybersecurity industry to remain resilient and continue to be ever evolving. If there are three things that were talked about, these are the most important to take away and bring back to your boardroom.
Why AI isn't just hype -- but a pragmatic approach is required
After all the headlines we have read about how amazing Artificial Intelligence (AI) is and how businesses would literally stagnate if they didn't have it, it was interesting to read this article in Forbes, who suggest that AI stock is showing 'bubble-like' tendencies and may soon experience a sharp correction as businesses struggle to operationalize AI. So, should we write off AI? Maybe not.
Perhaps the better plan is to accept that AI is at the top of its hype cycle, and, like any new technology, there will be some limitations to ChatGPT-style AI, which in its raw state can be subject to issues like hallucinations. We knew this anyway, as the CEO of the company behind it explained: "ChatGPT is incredibly limited but good enough at some aspects to create a misleading impression of greatness. It's a mistake to be relying on it for anything important right now."
Digital infrastructure: whose is it anyway?
A recent report was shared by McKinsey, 'the state of cloud computing in Europe', which highlighted not just low returns, but serious complications for businesses
implementing cloud as a basis for their digital transformation.
Embracing the digital workplace: IT's new role in driving productivity
Britain is plagued by sluggish productivity, with the Office of National Statistics (ONS) reporting UK productivity growth as 'anaemic' for the past 15 years. And things are getting worse, not better.
In London -- the country's largest and richest regional economy -- output per hour worked has fallen by 2.7 percent between 2019 and 2022. But what is the root cause of this underwhelming growth?
Key Bridge rebuild: leveraging artificial intelligence and machine learning for AEC projects
The collapse of Baltimore's Francis Scott Key Bridge sent shockwaves both nationally and internationally earlier this year. The city is now faced with the significant economic loss of a critical transport channel – and the challenging task of its reconstruction. Engineering and construction specialists anticipate that the rebuild effort could take up to 15 years. As a once-widely utilized structure, there is a deep sense of urgency to expedite the resurrection of the Key Bridge.
But current engineering and construction processes could wreak havoc on the possibility of an expeditious rebuild. The design and planning processes for large architecture, engineering and construction (AEC) projects, specifically critical infrastructure such as airports, bridges and ports, are historically rigid. Operating with a highly formalized approach derived from years of informed engineering practices, the volume of factors to contemplate around the build of a crucial transport structure is astronomical. Identifying and adhering to rigorous regulatory standards is only the first hurdle. Combine this with navigating other variables such as climate change, traffic implications and sourcing highly specialized materials, and suddenly a decade doesn’t seem like an unreasonable timeline for the construction of a major transport hub.
Multi-cloud, multi-challenge -- what's the answer?
With more business applications and data existing outside of the traditional network perimeter and across multiple clouds, organizations have a harder job than ever before to maintain security and reliability of critical services. This challenge is shared by the majority of IT leaders -- as 81 percent recently surveyed believe the increasing number of cloud applications is adding additional pressure on network performance.
This issue is heightened by the 44 percent of UK workers that now work remotely. Every new remote worker and device added to the organization's network, also expands its attack surface. In fact, 85 percent of IT leaders say remote and hybrid working has contributed to an increase in network security threats. Over two-thirds (69 percent) of UK organizations have experienced an increase in network security threats in the past 18 months.
Deepfakes: the next frontier in digital deception
Machine learning (ML) and AI tools raise concerns over mis- and disinformation. These technologies can 'hallucinate' or create text and images that seem convincing but may be completely detached from reality. This may cause people to unknowingly share misinformation about events that never occurred, fundamentally altering the landscape of online trust. Worse -- these systems can be weaponized by cyber criminals and other bad actors to share disinformation, using deepfakes to deceive.
Deepfakes -- the ability to mimic someone using voice or audio and to make them appear to say what you want -- are a growing threat in cybersecurity. Today the widespread availability of advanced technology and accessible AI allows virtually anyone to produce highly realistic fake content.
Mastering tenant-to-tenant cloud migrations: Strategies for success
Tenant-to-tenant cloud migrations have become pivotal for organizations striving to boost operational efficiencies and seamlessly adapt to dynamic changes such as mergers, acquisitions, and organizational restructuring.
These migrations are about more than transferring data and applications between cloud environments. They also represent a strategic move towards greater scalability and improved resource management, enabling businesses to respond more agilely to market demands and growth opportunities.
Pool your cybersecurity resources to build the perfect security ecosystem
Cybersecurity has never been something to set once and leave running in the background -- it is a constantly evolving landscape. While the migration of data and applications to the cloud provides numerous business benefits, many organisations struggle to secure their networks against rapidly changing cyber threats. Ransomware attackers have understood the value of targeting smaller organisations and tailoring attacks to take advantage of businesses they believe will pay up immediately (and often with the backing of cyber insurance) rather than invest in defences.
Tight security for data and resources is now the difference between operations running smoothly or being disrupted to the point that businesses are forced to close entirely. But how can SMBs achieve comprehensive security management and threat intelligence on a budget? Partnerships and alliances provide the solution.
Recovering from a data breach requires an effective cyber resilience strategy
The exposure of an organization's sensitive data or personal customer records can be detrimental to a company’s reputation. It may also result in severe financial implications due to regulatory fines and associated legal fees. Therefore, organizations must enhance their cybersecurity landscape as cybercrime and ransomware attacks increase exponentially.
This is supported by findings from the recent UK Cyber Security Breach Survey 2024, which states that 50 percent of UK businesses reported to have suffered a cyber-attack or breach in the last 12 months. Equally concerning is the global average cost of a breach which reached up to $4.45 million in 2023 according to Statista.
Bridging the gap: innovations in AI safety and public understanding
The rise of artificial intelligence (AI) has brought immense opportunities and significant challenges. While AI promises to revolutionize various sectors, from healthcare to finance, the erosion of public trust in AI safety is becoming a critical concern.
This growing skepticism is fueled by factors such as a lack of transparency, ethical considerations, and high-profile failures. Addressing these issues cannot be overstated, as public trust is essential for the widespread acceptance and successful integration of AI technologies.
Lessons unlearned -- the cybersecurity industry is stuck in the past
People can make mistakes, well-intentioned or otherwise, in any walk of life or industry. It happens all the time.
Take the cybersecurity industry, for example. Just over two weeks ago, the well-publicized Microsoft outage caused by CrowdStrike's corrupted software update wreaked havoc across the world.
Azure outages should spark new urgency for a multi-cloud approach
July 19th 2024 will go down as a tough day for many IT teams, and the day started even worse for businesses using Microsoft Azure and its supported services. In addition to the widely publicized global outage caused by a CrowdStrike update, Microsoft Azure's Central US Region was down for five hours due to an unrelated failure, impacting millions of business users worldwide.
As if that wasn't enough, less than two weeks later, Microsoft Azure experienced another global outage lasting more than six hours. According to the company's service status page, it was Microsoft's 8th service status-related incident.
The C-suite conundrum: are senior executives the Achilles' heel of cybersecurity?
In today's digital landscape, an organisation's C-suite and senior executives hold the most valuable corporate data and sign-off authorities, representing the highest potential risk over email. Whether it's inbound spear phishing attacks or outbound mistakes resulting in a damaging data breach, the C-suite are vulnerable.
But what do cybercriminals want from these individuals, are breaches always a result of external actors, and what can organisations do to protect their top decision-makers?
It's time to get proactive about vulnerability remediation
Traditionally, the main concern security teams used to have about vulnerabilities was finding them. In the chaotic pre-cloud security years, identifying security issues on time was challenging, leading to gaps, blind spots, poor security hygiene and a growing attack surface. The introduction of cloud security posture management solutions that provide visibility and detection capabilities resolved these gaps but created new challenges -- an avalanche of alerts that overwhelmed security teams, frustrated engineers and created friction and noise, making remediation a costly, time-consuming task. Still today, many companies rely on these security posture management tools to indicate the existence of a vulnerability but react to these indications with a 'first come-first served' approach. Completely reactive, this approach means that teams are led by the events and alerts instead of controlling, managing and remediating them. Having a reactive approach means possibly missing the most critical alerts, lacking a proper organizational workflow to ensure the right people are addressing the right things, and ultimately negatively impacting your organization's security posture. It's time to get proactive about vulnerability remediation.
From following to leading
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.