Why AI is essential to securing software and data supply chains
Supply-chain vulnerabilities loom large on the cybersecurity landscape, with threats and attacks such as SolarWinds, 3CX, Log4Shell and now XZ Utils underscoring the potentially devastating impact of these security breaches. The latter examples of Open Source Software (OSS) attacks are a growing attack vector. In fact, nearly three-quarters (74 percent) of UK software supply chains have faced cyber attacks within the last twelve months.
Expect attacks on the open source software supply chain to accelerate, with attackers automating attacks in common open source software projects and package managers. Many CISOs and DevSecOps teams are unprepared to implement controls in their existing build systems to mitigate these threats. In 2024, DevSecOps teams will migrate away from shift-left security models in favor of “shifting down” by using AI to automate security out of the developers’ workflows.
Snowflake customers' misperceptions on who owns identity security in the cloud
Details are continuing to emerge daily on the hacking of Snowflake customers who have had their data stolen in what is shaping up to be one of the most significant attacks in years. So far, at least 165 of Snowflake’s customers, including household names like Ticketmaster, Santander Bank, and Advanced Auto Parts, have been identified as having their data impacted in this incident.
While initial reports indicated that Snowflake itself had been hacked, with some evidence pointing to a former employee’s demo account having been compromised, this attack was actually far more interesting because of what it tells us about the current state of security in the cloud.
Understanding data bias when using AI or ML models
Artificial Intelligence (AI) and Machine Learning (ML) are more than just trending topics, they’ve been influencing our daily interactions for many years now. AI is already deeply embedded in our digital lives and these technologies are not about creating a futuristic world but enhancing our current one. When wielded correctly AI makes businesses more efficient, drives better decision making and creates more personalized customer experiences.
At the core of any AI system is data. This data trains AI, helping to make more informed decisions. However, as the saying goes, "garbage in, garbage out", which is a good reminder of the implications of biased data in general, and why it is important to recognize this from an AI and ML perspective.
Infrastructure-as-code and its game-changing impact on rapid solutions development
Rapid solutions development has become the standard in the tech world, empowering organizations to be first to market and fast to acquire a return on their investment. However, achieving rapid development has become increasingly more difficult.
One of the main challenges to rapid development for today’s tech firms is the ever-increasing complexity of the tech world. New solutions must integrate with a virtually unending tech universe, and the factors that must be considered -- as well as the likelihood of conflicts -- have grown exponentially in recent years.
The real impact of AI on ransomware
Artificial intelligence is the biggest topic of 2024. While some are already tired of seeing AI constantly in the headlines, it will only become more prevalent. Keeping up with how it changes business practices is then critical. AI is undeniably disrupting most digital industries, including cybercrime.
As a result, it is important to cut through the hype and get to the facts about AI. A lot has been said about AI's potential impact on the global ransomware threat, but what is the real impact?
From application to zero trust: Identity security fundamentals to stay ahead of the threat landscape
Cybercriminals are not new, and often neither are their tactics. Despite this, phishing attacks, which incorporate social engineering in emails and messages to persuade people to perform an action that puts organizations at risk, continue to be highly successful. New technologies, such as GenAI, are improving these tactics further and companies must implement a strategic approach built on a solid foundation of identity security to minimize risks.
The most glaring vulnerability within an organization stems from human error. Mistakes such as using weak passwords, reusing credentials across multiple platforms, or falling victim to phishing attacks, can provide malicious actors with an easy gateway into secure systems. Social engineering exploits the natural human inclination to trust, deceive employees into divulging sensitive information or unwittingly granting access. Despite widespread awareness campaigns, these tactics continue to succeed, highlighting the gap between knowledge and practice, which presents a major risk to organizations.
DORA: A blueprint for cyber resilience in the U.S.
In today’s post-pandemic world, businesses are looking to shift back into the office while leveraging the learnings from the pandemic. Digital operations are going to be the new normal. With business innovations increasingly helping enterprises provide faster and easier-to-consume services to customers, the digital way of business is continuously creating a much larger digital footprint than ever before.
However, continuously increasing digital footprint also means possible targets of cyberattacks are also increasing equally rapidly. What is interesting to note is while investments in cybersecurity are increasing, so have the cyberattacks. According to CrowdStrike, attackers are moving faster within enterprises after an initial breach, with the average time it takes to hit patient 1 after patient 0 (the typical indicator of lateral movement) falling from 84 minutes to 62 minutes in the last year. Unfortunately, while many enterprises are continuing to invest in cyber security, far few invest in cyber defense, yet everyone wants the assurance of cyber resilience.
Land of hope, glory and e-waste: Brits are set to become the biggest contributors to electronic waste this year, but why?
As technology evolves and becomes more accessible, providing new and exciting ways to make our lives easier, it’s easy to ignore the elephant in the room -- the huge amount of e-waste our appetite for consumption is causing. Ignorance has been bliss, but with research suggesting this year the UK could become the world’s biggest contributor to e-waste per head, transformative action is long overdue.
While our drive to have the latest technology is natural, we need to consider what happens to old devices when we upgrade.
A technical overview of Cisco IoT part 2: Hardware
The following article continues the Cisco IoT series, shifting focus to the essential networking hardware that powers IoT solutions. Part one of the series explored the foundational elements of IoT routing and switching, emphasizing the critical role these components play in ensuring seamless connectivity and robust data flow. Building on that discussion, this piece will outline the significant opportunities in IoT networking and security that Cisco supports through its innovative hardware offerings.
IoT is a rapidly expanding area of networking with increasing use cases. It impacts various sectors, including healthcare and retail, by providing valuable security or cost-saving benefits through new forms of sensors. These sensors enable new capabilities such as better inventory management and improved products.
7 steps for managing data in the AI era
AI will generate 10 percent of all new data in 2025, according to Gartner. This statistic has significant ramifications for business leaders in the digital age.
First, it hints at another substantial development: Overall data generation will skyrocket alongside advanced AI and machine learning (ML) tools. Statista predicts that humans will create, process and consume 180 zettabytes of data in 2025, up nearly 300 percent since 2020. This prediction foreshadows worsening data sprawl, a problem wherein organizations have more data than they can process or understand.
IT leaders challenged to close industry skills gap -- Human talent shortage leads to more automation and MSP outsourcing
Information technology leaders have long struggled to close a persistent skills gap, especially since the largescale shift to hybrid workforces and remote employees during the pandemic. To address the growing talent shortfall, many IT leaders are taking a strategic automation approach to outsource more IT functions. The use of automation can lighten the load to free up technicians for other pursuits such as streamlining network operations or learning new skills.
Auvik’s recent IT Trends 2024: Industry Report found that managed service providers (MSPs) and internal IT departments are deploying more automated systems today to address their staff shortages and resource constraints. Despite making some progress, nearly one-third of network and SaaS-related management tasks are still being done manually (29 percent), and 11 percent of IT professionals still perform their network documentation tasks completely manually.
Getting the most from your data: Five reasons organizations need a Chief Data Officer
Data is the heart of modern business -- the fuel powering organizations forward. However, many are still struggling to unlock value from the wealth of information they hold, with organizations across EMEA unable to use a third (33 percent) of their data effectively. For some, a primary reason for such ineffective use of data is the absence of a C-suite executive with accountability to modernize technology, author enterprise data strategy, and accelerate a data-driven culture: the Chief Data Officer (CDO).
Some believe the C-suite is already overcrowded and the thought of adding another position is unappealing, but in the contemporary business landscape, data is increasingly shaping corporate strategy. Without a CDO, the C-suite will miss key opportunities.
Balancing Large Language Model adoption with robust API security
The popularity of Large Language Models (LLMs) has prompted an unprecedented wave of interest and experimentation in AI and machine learning solutions. Far from simply using popular LLMs for sporadic background research and writing assistance, LLMs have now matured to the degree where particular solutions are being used within specific workflows to solve genuine business problems.
Industries such as retail, education, technology, and manufacturing are using LLMs to create innovative business solutions, delivering the required tools to automate complex processes, enhance customer experiences, and obtain actionable insights from large datasets.
Navigating the hybrid workplace: Balancing productivity, efficiency and security
In today’s digital workplace, we rely heavily on a wealth of collaboration solutions; in fact, these tools have become ingrained and part of our daily workflows. Despite hybrid working patterns and the return, for some, to a more traditional work environment, the continued reliance on collaboration apps remains strong. This presents opportunities and challenges for the IT teams tasked with onboarding and offboarding employees and effectively managing an ever-growing plethora of tools and apps.
Without a doubt, these collaboration tools have improved communication and made work easier andmore efficient. Applications such as Zoom, Teams, and Google Meet have become essential in the workplace. Each offers unique features and integrations, enabling employees to go about their daily work lives, regardless of whether they adopt the hybrid or fully remote working model.
Securing democratic integrity against cyber threats
This year is one of the biggest for elections around the world, with 64 countries heading to the polls. The UK government and the NCSC have already issued warnings that current geopolitical tensions may lead nation-state actors attempting to meddle in election results through various cyberthreats.
Beyond the threat of nation-state activity, this year marks the first large-scale election in the UK in the time of deepfakes and AI, which have the potential to spread misinformation and disrupt the integrity of the country’s democratic processes.
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.