Featured Archives - Best Information Security SIEM Tools, Software, Solutions & Vendors
https://solutionsreview.com/security-information-event-management/category/featured/
Buyer's Guide and Best Practices

MDR: Paving the Way to Cyber Resiliency
https://solutionsreview.com/security-information-event-management/mdr-paving-the-way-to-cyber-resiliency/
Wed, 13 Dec 2023 17:07:31 +0000


Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Charlie Thomas of Deepwatch digs deep into cyber resiliency and why MDR is paving the way for the future of cybersecurity.

Is cybersecurity working?

The straight answer? Partially. It’s definitely helping, but it could be much better. The Splunk 2023 CISO Report released in October states that 96 percent of respondents experienced a ransomware attack, and 83 percent paid the attackers. I’m not an alarmist, but these numbers certainly grab your attention.

Having led a managed security provider for the last six years, providing cyber protection for hundreds of major enterprises across many industries, including finance, healthcare, manufacturing, retail, services, infrastructure, hospitality, and others, we have seen many approaches, including many successes and some shortcomings.


Minding the Gaps

I continue to see gaps in the fundamentals of successful cybersecurity programs. These gaps appear in areas such as updating firewall configurations, auditing policies regularly, applying policies such as deep packet inspection, or updating firmware and system policies on edge devices.

As an industry, we’re good at protecting against older attack vectors, the known knowns. Still, as we advance and increasingly migrate to the cloud, where day-to-day maintenance is off-loaded to third parties, the industry is no longer as diligent about the remaining legacy elements of its environment.

Here are some questions to consider with your existing cyber tools:

  • Have you deployed the latest agent version available on your endpoint detection?
  • Perhaps you intentionally delay installing the latest software version because you don’t want your business to be a beta customer. Understood. But how many revisions are you behind? Is this n-2 applicable across all of your agents for that endpoint?
  • Same questions on your firewall – when did you last audit your existing firewall policies and active rules or cloud compliance policies?
  • Do you have any vulnerability scanning gaps? Authentication issues for authenticated scans? Connectivity issues with network scans? Scanning external assets that aren’t part of your environment?

None of these are the interesting or innovative areas of cybersecurity, but in the same way we develop tech debt in the coding world, we also develop security debt. As an industry, we look to cyber tools to solve the next big thing that drops. For example, generative AI and hyperautomation are changing how cybersecurity is managed and coordinated. However, these exciting new technologies cannot solve every issue, including the security tech debt mentioned above.

The new generation of cybersecurity will leverage language models to meld disparate systems to get more value out of the tools you have already acquired. Managed Detection and Response (MDR) has become the glue of advanced detection and response. Cybersecurity is working, but it could be more consistent and more effective. It requires discipline, rigor, automation, innovation, continuous learning, and inspection. MDR will continue evolving and will soon become the platform and intelligence engine that can direct swift, accurate responses, verify capabilities, and communicate the tactical and strategic upgrades needed. The new generation of MDR will enable enterprises to become cyber resilient.

The Challenge of Defending Expanding Attack Surfaces

The transformation of corporate networks has ushered in a host of new vulnerabilities and complexities. The expansion of internal and external attack surfaces has been driven by the widespread adoption of cloud infrastructure, Software as a Service (SaaS) platforms, the exponential increase in endpoints, and the prevalence of remote work arrangements. IBM’s State of Attack Surface Management report highlights that a staggering 67 percent of organizations have witnessed the expansion of their attack surfaces in recent years, with 69 percent falling victim to compromises through internet-facing assets.

As if these challenges weren’t daunting enough, critical threats are multiplying, spurred by the surging ransomware industry. Ransomware attacks, in particular, have become more brazen and destructive. The persistent threat of information-stealing malware, the exploitation of internet-facing vulnerabilities, and the infiltration of open-source code demand ongoing vigilance from organizations.

Alarming statistics reveal that a staggering 26,447 software security flaws occurred in 2022, with the number of critical vulnerabilities (CVEs) rising by 59 percent compared to the previous year.

New threats continue to evolve at an alarming pace. The market has experienced significant surges in new malware designed to steal sensitive information and increased credential-harvesting websites. Notably, GitHub source code repositories have become increasingly attractive attack surfaces, while container files persist as common vectors for delivering malicious software through social engineering tactics.

We expect the exploitation of vulnerabilities to persist as the primary method for gaining initial access, closely followed by phishing and credential abuse.

Interestingly, the global cybersecurity community’s willingness to share security research and analysis inadvertently provides cybercriminals with insights into their adversaries’ tactics, techniques, and procedures.

The Pivotal Role of MDR

Modern MDR services have emerged as the linchpin in bolstering organizations’ resilience against these multifaceted threats. These services provide highly effective, efficient, remotely delivered, and human-led Security Operations Center (SOC) functions, seamlessly integrating with existing cyber tools, internal teams, and operations.

One of the primary advantages of MDR providers is their ability to deliver continuous 24/7/365 SOC coverage, eliminating the need for internal staff to work night and weekend shifts. This results in constant monitoring, proactive threat hunting, and swift detection and response capabilities. As a result, organizations can identify and remediate cyber threats before they inflict significant damage.

The growth of standalone security tools, including Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), and Extended Detection and Response (XDR), has placed a considerable burden on security teams. Managing an average of 76 cyber tools in an enterprise has become daunting. MDR services excel when operating in close partnership with a customer’s internal security operations team. This collaboration leads to a high level of automation, enabling faster detection and response actions through predefined and custom escalation workflows, thereby significantly reducing risk.

MDR providers offer expert guidance for prioritizing threats according to the appropriate response level. They have become experts in harnessing machine learning, artificial intelligence, and automated tools to detect and rank threats. MDR providers enhance threat hunting and enable real-time investigation and response coordination, ultimately elevating a company’s security posture.

One of MDR’s core strengths, distinguishing it from other solutions, is its turnkey Threat Detection, Investigation, and Response (TDIR) capability. If you had $100,000 to invest in protecting your company’s brand, data and reputation, how would you invest it?

  • Defense (Identity, Endpoint, Cloud, SIEM, Vulnerability Management)
  • Detection (Endpoint, XDR, MDR)
  • Response (MDR, Incident Response)
  • Backup (Storage)
  • Recovery (MDR, Incident Response, Internal or External Cyber Team)
  • Insurance (increasingly expensive and complicated to obtain)

All are important, and a compelling argument can be made for each. Most likely, you cannot support all of these within your budget. If you start with the assumption that a breach is inevitable, then your investment strategy might shift. Cyber resilience, the ability to respond, withstand, and recover from a cyber attack, rises to the top of any priority list.

Cyber Resilience in a Dangerous Digital World

As organizations grapple with the formidable challenges of recruiting, training, and retaining qualified security experts to confront the unprecedented spread of cybercrime, managed security services such as MDR have emerged as indispensable assets. They fill a critical need for cyber resilience in an increasingly risky digital world, helping organizations navigate cyber threats’ intricate and evolving landscape with confidence and effectiveness.

Identity Management and Information Security News for the Week of December 7; Quorum Cyber, OneSpan, 1Kosmos, and More
https://solutionsreview.com/security-information-event-management/identity-management-and-information-security-news-for-the-week-of-december-7-quorum-cyber-onespan-1kosmos-and-more/
Fri, 08 Dec 2023 16:56:34 +0000


The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of December 7. This curated list features identity management and information security vendors such as Quorum Cyber, OneSpan, 1Kosmos, and more.

Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.




Quorum Cyber Selects Scott Burman as Head of Advisory

This week, Scott Burman joins Quorum Cyber, a Microsoft Solutions Partner for Security, as Head of Advisory. With over 25 years of experience in providing professional services and strategic advisory in cyber security, Scott has a rich and varied background in advising customers from different sectors on how to best prioritize and manage their cyber risk and resilience. As a Chartered Engineer, former Chief Information Security Officer (CISO) and Global Cyber Risk Advisor, Scott has considerable multi-sector experience enabling and advising global organizations and governments on improving and maturing their information security, enabling their growth and resilience. He has a strong heritage in board advisory in the Financial Services sector and was an inaugural Technical Advisory Panel member for the UK Cyber Security Council. Prior to joining Quorum Cyber, Scott held the position as the Global Head of Cyber Risk Advisory for NCC Group, was a Senior Advisor to the National Cyber Security Programme and led his own professional services consultancy company advising FTSE-100 clients.

OneSpan Introduces New Partner Network Program

OneSpan, a digital agreements security company, this week announced the launch of a new partner network program that now provides a comprehensive set of benefits that will “drive growth and help OneSpan partners deliver seamless and secure customer experiences.” Members of the global partner network can expand their security and e-signature portfolio with “market-leading” solutions, financial incentives, training, and certification, along with technical, sales, and marketing support.

DOD Offices See Post-Quantum Cryptography as ‘Mission Critical’

Officials at the Department of Defense shed light on their agency’s plans to modernize their encryption infrastructure ahead of the anticipated advent of a fault-tolerant quantum computer, discussing familiar policy goals like private sector collaboration and supporting warfighter operations moving into 2024. Wanda Jones-Heath, the principal cyber advisor at the U.S. Air Force, said that updating the department’s encryption from classical cryptographic schemes to a network armed with post-quantum cryptographic standards. She said that this migration is “mission imperative” for the Air Force to ensure its cybersecurity defenses can handle emerging threats. “If we had not started this two years ago, we would be even further behind,” she said in remarks on a panel on Tuesday hosted by General Dynamics Information Technology. “Now we are again [in] a sense of urgency…this is a national security issue.”

1Kosmos BlockID Adds Passwordless Authentication to Amazon Cognito

1Kosmos, a passwordless solutions provider, this week announced it has completed the integration of its 1Kosmos BlockID platform with Amazon Cognito. As an AWS Advanced Technology Partner, 1Kosmos allows Amazon customers to add passwordless multi-factor authentication (MFA) to their accounts. Customers can deploy and directly procure BlockID from the AWS Marketplace to implement phishing-resistant passwordless MFA on AWS Cognito that delivers a frictionless user experience through non-spoofable, live biometrics with verified identity. The BlockID cloud service is designed to prevent identity impersonation, account takeover, and fraud while delivering a “convenient, frictionless login experience.”


Expert Insights Section

Watch this space each week as our editors share upcoming events, new thought leadership, and the best resources from Insight Jam, Solutions Review’s enterprise tech community for business software pros. The goal? To help you gain a forward-thinking analysis and remain on-trend through expert advice, best practices, trends and predictions, and vendor-neutral software evaluation tools.

 

AI in the SOC: Should You Hire a Bot?

Steve Benton of Anomali takes a closer look at AI in the SOC and asks the burning question: “Should you hire a bot?” The possibility of AI has been inspiring for everyone, and, as a result, we’ve seen a rush by both consumers and enterprises alike to adopt AI-powered tools and gadgets. CISOs have had little time to think about how to best use AI, educate their employees about its benefits and risks or create and implement the proper security guardrails and policies. As a former CSO for a large global organization, I understand the enormity of the challenge. Yet implementing a complete company ban on the technology is not the answer. Instead of becoming the “Ministry of No”, CISOs need to be the “Ministry of How”, which begins by treating AI as a potential new hire to make sure it is the right fit for your organization.

The Threat of Quantum Computing

Zibby Kwecka of Quorum Cyber examines the current and future states of quantum computing, and the inevitable threat of a quantum attack. The threat of quantum computing is very real, today. As of July 2022, 25 percent of Bitcoin and 66 percent of Ether are vulnerable to quantum attacks (Deloitte, 2023). These can be secured with action; however, even if a small number of these currencies are stolen, the market disruption may significantly devalue assets. Quantum computers have the potential to solve certain complex mathematical problems significantly faster than classical computers. One of the most notable implications is their ability to break encryption algorithms that rely on the difficulty of factoring large numbers or solving logarithm problems. There are theoretical methods to crack our current encryption methods that would be possible on a conventional computer, however wildly inefficient. Quantum will allow the cracking of keys thousands of times more efficiently, making it possible to break today’s encryption in just a few cycles. Thankfully, for now, scale remains a problem for quantum computing. Once quantum computers become a tool that’s commercially available and mature, it’s expected attackers will take advantage of this to break current encryption methods, creating a significant risk to the security of our sensitive data. Using this technology as a platform for an attack is a concern for organizations, not just on the cryptography front. Quantum computing is likely to become part of a threat actor’s offensive toolbox. Decryption techniques, certificate forgery, and the technology’s potential for rapid machine learning could vastly speed up network reconnaissance, eavesdropping, and identity forgery.


AI in the SOC: Should You Hire a Bot?
https://solutionsreview.com/security-information-event-management/ai-in-the-soc-should-you-hire-a-bot/
Wed, 06 Dec 2023 21:49:40 +0000


Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Steve Benton of Anomali takes a closer look at AI in the SOC and asks the burning question: “Should you hire a bot?”

The possibility of AI has been inspiring for everyone, and, as a result, we’ve seen a rush by both consumers and enterprises alike to adopt AI-powered tools and gadgets. CISOs have had little time to think about how to best use AI, educate their employees about its benefits and risks or create and implement the proper security guardrails and policies.

As a former CSO for a large global organization, I understand the enormity of the challenge. Yet implementing a complete company ban on the technology is not the answer. Instead of becoming the “Ministry of No”, CISOs need to be the “Ministry of How”, which begins by treating AI as a potential new hire to make sure it is the right fit for your organization.


Create a Job Description for Your AI-powered New Hire

Today we are seeing the rise of Hybrid SOCs, where AI-constructed analysts are working alongside human analysts. Unfortunately, we are seeing a lot of organizations create specifications for AI on the fly, which increases the risk and reduces the value of their investment. Instead, think of that AI-powered tool as a new person joining the team and first put together a job description that answers the following questions:

  • What do you expect AI to do?
  • How will it operate?
  • How will AI work with other human analysts and/or other technology?
  • What will it allow my analysts to do better?
  • What skills and experience does it need to have to be effective in the organization?
  • How do you plan to handle privacy?
  • How are you going to train it?
  • How are you going to look after it?
  • If something goes wrong, how will you rebuild it?

Now that you understand the role the technology will play in your SOC, test it. Whenever CISOs recruit human analysts into their SOCs, they often will give them actual technical exercises to perform to prove that they’re going to be an asset in the security operation for that business. Why wouldn’t you do that before adopting AI into your SOC? Once the AI technology is adopted, gather feedback on its performance and identify other training needs it might have, just as you would for an employee. Be sure to put in place an effective feedback loop.

AI Will Not Replace Humans

While AI can help analysts manage and prioritize the alert “merry-go-round” and other tedious tasks, it doesn’t mean you should replace human analysts with racks of machines. AI is just freeing up the human analysts to deal with bigger problems and actually get out ahead of the security threats and make the security posture more dynamic so it can flex based upon the threats that are coming towards the organization. AI has the ability to process vast amounts of information beyond human capacity.

There is no doubt that every SOC is constrained by the limits of the data it can humanly process. The rest, the ‘Dark Data’, holds the full picture of threats, which means that SOCs are only ‘solving what they can see’. But with advances in big data and AI, actionable visibility into this Dark Data, bonded with the latest threat intelligence, is possible at machine speed. The insight from this is a game-changer!

Yet no matter how good we may think AI is, it is not a replacement for a human being. A human has the ability to think outside of a box that’s been defined for it, to intuit, and to make a leap that an AI-powered analyst might not make. Keep in mind that the bad guys will continue to be bad guys, i.e. bad humans, and they will be using AI, of course, to assist them in flexing, morphing, and modifying their attacks. Yet our adversaries will always have humans involved in part of their offense, so we should not disadvantage ourselves by taking humans out of the equation on the defensive team.

AI should never be in a position to unilaterally affect operations, especially those that involve other human beings, and potentially their safety. It needs to be used alongside humans, and humans need to be involved in what’s happening, including any key decisions that it is proposing, unless you have completely satisfied yourselves that there is no threat to the organization or any of its employees or customers.

The Future of AI in the SOC

It is still early days for completely understanding all the possible use cases of AI in the SOC. I expect we will learn more as we continue to see greater collaboration among AI technology providers, security practitioners, and customers, who are using the tools to defend against persistent, fast-changing adversaries. I’m optimistic – I already see a lot of positivity in how AI is earning its place in the SOC and becoming more applicable and trustable.

The Threat of Quantum Computing
https://solutionsreview.com/security-information-event-management/the-threat-of-quantum-computing/
Wed, 06 Dec 2023 15:58:20 +0000


Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Zibby Kwecka of Quorum Cyber examines the current and future states of quantum computing, and the inevitable threat of a quantum attack.

The threat of quantum computing is very real, today. As of July 2022, 25 percent of Bitcoin and 66 percent of Ether are vulnerable to quantum attacks (Deloitte, 2023). These can be secured with action; however, even if a small number of these currencies are stolen, the market disruption may significantly devalue assets. Quantum computers have the potential to solve certain complex mathematical problems significantly faster than classical computers. One of the most notable implications is their ability to break encryption algorithms that rely on the difficulty of factoring large numbers or solving logarithm problems. There are theoretical methods to crack our current encryption methods that would be possible on a conventional computer, however wildly inefficient. Quantum will allow the cracking of keys thousands of times more efficiently, making it possible to break today’s encryption in just a few cycles. Thankfully, for now, scale remains a problem for quantum computing.

Once quantum computers become a tool that’s commercially available and mature, it’s expected attackers will take advantage of this to break current encryption methods, creating a significant risk to the security of our sensitive data. Using this technology as a platform for an attack is a concern for organizations, not just on the cryptography front. Quantum computing is likely to become part of a threat actor’s offensive toolbox. Decryption techniques, certificate forgery, and the technology’s potential for rapid machine learning could vastly speed up network reconnaissance, eavesdropping, and identity forgery.


The Development State of Quantum Computing

Just because quantum computing isn’t here yet doesn’t mean we shouldn’t be aware of the risk. Data may already have been stolen, or ‘harvested’, for later yield. While it may not yet be feasible to decrypt your data, once decryption becomes viable and affordable through quantum computing, harvested data and communication traffic could be decrypted. This may be assisted by projects from Microsoft and IBM aiming to offer cloud-based multi-quantum computing facilities on a consumption model.

The National Institute of Standards and Technology (NIST) has been calling for the development of encryption methods that would remain resistant to the advantages of quantum computing, with the first four quantum-resistant cryptographic algorithms announced back in 2022 (NIST, 2022). There is a future of using quantum computers to vastly improve our digital security, but there’s a risk of being in a very dangerous limbo between the threats posed and the future of greater security. Currently, there are several limitations preventing development at scale, which may take years to overcome.

The Inevitable Threat of a Quantum Attack

The most likely quantum attack would involve breaking the cryptographic systems of the communication methods we use today. This isn’t just a future problem, however; it’s happening already. The widely known ‘Harvest Now, Decrypt Later’ operations store stolen information that will later be decrypted using advanced technology. This might be years away, but depending on the sensitive information, it could still enable extortion against organizations or individuals. It’s a compelling argument to encourage businesses to purge old data that’s no longer required.

Future cyber-attacks will involve hybrid approaches that combine classical and quantum computing techniques. Quantum computers are great at operating in parallel states, and thus, it would be natural to apply them to fuzzing systems and finding vulnerabilities. The added fuzzing ability of quantum computers could drastically speed up attacks aiming to penetrate a system. Fuzzing tests programs by using numerous randomized inputs, and could be a perfect use for quantum machines.

The AI-Assisted Evolution of Post-Quantum Cryptography

Current RSA encryption relies on 2048-bit numbers. In 2019, quantum computers were only able to factor a 6-bit number. In 2022, that number only increased to 48 bits under a highly specialized environment (Swayne, 2022). The expectation is that within the next 10 years we could be at a point where current encryption methods are at risk. The current development is exponential (Deloitte, 2023). A recent mandate from the US Congress declares a 2035 deadline for quantum-resistant cryptography to be implemented (Executive Office of The President, 2022), but it could be sooner.

The exponential development of artificial intelligence (AI) underway may, at some stage, support scientists in solving some of the challenges currently faced. For a quantum computer to undertake a task, the problem statement must first be translated into a format a quantum computer can actually work with. This is a laborious task; hence, on top of the high cost of entry to quantum computing attacks due to hardware costs, there is an even higher ongoing cost associated with translating targeted problem statements into something that can be tested. This is why cryptographic use cases are currently prevalent when quantum is discussed. They are repetitive, as we only use a handful of cryptographic algorithms to secure the digital world. However, AI will one day enable us to rapidly create translations of human-readable problem statements, and software to be tested, into the code that can be processed by a quantum computer, and this is when the full capabilities of this technology will be reached.

Preparing Yourself for the Quantum Future

There are several actions that should be considered:

  • Stay aware of those impending cryptography-related risks and actively monitor quantum developments
  • Review cryptographic management processes
  • Maintain and update cryptographic algorithms
  • Develop a roadmap for changes to cryptographic mechanisms required to keep organizational data safe
  • Consider purging or taking off-line historical data where its main protection relies on encryption
  • Consider user and machine authentications in the space where quantum computing is available on-demand.

Final Thoughts

To start using quantum machines to solve real-world problems, we feasibly need a machine capable of at least 1 million stable qubits (Microsoft, 2023). Currently, the qubits in existence suffer at scale for several reasons, one of which is quantum decoherence, which makes each qubit available only for a short period of time. As far as research goes, we’ve only just reached over 100 qubits (Ball, 2021). Until these challenges are overcome, the use of quantum computing is limited.

What to Expect at the 5th Annual Cybersecurity Insight Jam LIVE on December 5
https://solutionsreview.com/security-information-event-management/what-to-expect-at-the-5th-annual-cybersecurity-insight-jam-live-on-december-5/
Tue, 28 Nov 2023 20:02:45 +0000

The post What to Expect at the 5th Annual Cybersecurity Insight Jam LIVE on December 5 appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

A schedule of events for the Cybersecurity Insight Jam LIVE on December 5, the annual element of Solutions Review’s Insight Jam, an always-on community for enterprise technology end-users, experts, and solution providers.

What is Insight Jam?

Think of the Insight Jam as a continuous, ongoing, interactive tech event. The Insight Jam will always be here when you need answers to the questions that matter to your organization and your career. We’ve partnered with the leading industry experts, thought leaders, and analysts to live-stream a never-ending collection of Roundtable Events, Breakout Sessions, and Expert Podcasts. And Insight Jam is built on a community platform that powers unlimited discussions, posts, and polls that will bring you deeper into the enterprise technology conversation.

Your Insight Jam journey starts here and starts now. We encourage you to dive in, explore, share, and engage. Let’s challenge ideas, bring new perspectives and elevate our knowledge together.

Join the Fastest-Growing Enterprise Tech Software End-User Community

Solutions Review is the largest software buyer and practitioner community on the web. Our Universe of Influence reach is more than 7 million business and IT decision-makers, as well as C-suite and other top management professionals. Our readers primarily use us as an enterprise technology news source and trusted resource for solving some of their most complex problems.

Our collection of vendor-agnostic buyer’s resources helps buyers and practitioners during the research and discovery phase of a buying cycle. This critical stage of information gathering is where buyers narrow down the field of solution providers to a short-list they plan to engage. The mission of Solutions Review is to make it easier for buyers of business software to connect with the best providers.

Event Details: Cybersecurity Insight Jam LIVE on December 5, 2023

11:00 AM (EST): Executive Roundtable: Cybersecurity and The AI Executive Order, featuring Dwayne McDaniel of GitGuardian as moderator. This panel will examine the ins and outs of the AI Executive Order and how this affects the current and future landscape of cybersecurity. Panelists include: Brian Sathianathan of Iterate.ai, Daryan Dehghanpisheh of Protect AI, Josh Davies of Fortra’s Alert Logic, Luis Villa of Tidelift, and Mike Pedrick of Nuspire. Watch it on LinkedIn and YouTube!

12:00 PM (EST): Executive Roundtable: The Positive and Negative Impact of Generative AI on Cybersecurity, featuring Nima Baiati of Lenovo as moderator. This panel will examine the impact Generative AI is having on cybersecurity… both the positive and the negative. Panelists include: Bobby Cornwell of SonicWall, Juan Perez-Etchegoyen of Onapsis, MacKenzie Jackson of GitGuardian, and Steve Winterfeld of Akamai Technologies. Watch it on LinkedIn and YouTube!

1:00 PM (EST): Executive Roundtable: Who Am AI? Identity Security in the Age of AI, featuring Dr. Mohamed Lazzouni of Aware as moderator. This panel will examine the world of identity security in the new age of AI. This includes deepfakes, authentication fraud, and other ways AI is being used by thieves. Panelists include: Alex Cox of LastPass, Carl Froggett of Deep Instinct, Nima Baiati of Lenovo, and Tim Callan of Sectigo. Watch it on LinkedIn and YouTube!

2:00 PM (EST): Executive Roundtable: Manipulating Generative AI Towards Malware and Other Malicious Behavior, featuring Nathan Vega of Protegrity as moderator. This panel will examine how exploitable Generative AI tools like ChatGPT really are, as hackers find new ways to generate new malware, phishing scams, and other malicious behavior. Panelists include: Anthony Green of OpenRep, Mike DeNapoli of Cymulate, Paul Laudanski of Onapsis, Ram Vaidyanathan of ManageEngine, and Dr. Ryan Ries of Mission Cloud. Watch it on LinkedIn and YouTube!

And that’s not all: Register for Insight Jam (free) to gain early access to all the exclusive 2024 enterprise tech predictions, best practices resources, and DEMO SLAM videos!

Identity Management and Information Security News for the Week of November 17; Concentric AI, Securonix, SonicWall, and More
https://solutionsreview.com/security-information-event-management/identity-management-and-information-security-news-for-the-week-of-november-17-concentric-ai-securonix-sonicwall-and-more/
Fri, 17 Nov 2023 22:48:31 +0000

The post Identity Management and Information Security News for the Week of November 17; Concentric AI, Securonix, SonicWall, and More appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of November 17. This curated list features identity management and information security vendors such as Concentric AI, Securonix, SonicWall, and more.

Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.



Concentric AI Announces Partnership with Cohesity

Concentric AI, a data security posture management (DSPM) solutions provider, this week announced it has partnered with Cohesity, an AI-powered data security and management company, to integrate its Semantic Intelligence solution. This integration will benefit joint customers by making Concentric AI’s data security posture management capabilities readily available on the Cohesity Data Cloud.

Read on for more.

Securonix Appoints Scott Sampson as Chief Revenue Officer

This week, Securonix, a leader in SIEM solutions, announced the appointment of Scott Sampson as Chief Revenue Officer. With more than 30 years of client-focused leadership experience at global enterprise software companies, Sampson has a proven track record of driving profitable growth. He most recently served as the Chief Revenue and Commercial Officer at DailyPay, Inc., a leading on-demand pay solution provider. Prior to joining DailyPay, Sampson was the Senior Vice President of Worldwide Sales at 8x8, a leading unified communications as a service (UCaaS) and contact center as a service (CCaaS) provider. Sampson was responsible for 8x8’s global mid-market and enterprise sales, and led its field organization and sales operations. In addition to serving as Chief Revenue Officer of NewVoiceMedia through its acquisition by Vonage, Sampson spent 10 years at IBM in North American and global enterprise sales leadership positions.

Read on for more.

SonicWall Acquires MSSP, Solutions Granted, Inc.

SonicWall, a global cybersecurity leader, this week announced the acquisition of Solutions Granted, Inc. (SGI), a top Managed Security Service Provider (MSSP). The acquisition reinforces SonicWall’s commitment to its valued partners and extends its portfolio to include U.S.-based Security Operations Center services (SOCaaS), Managed Detection and Response (MDR), and other managed services that are tailor-made for MSPs and MSSPs.

Read on for more.

Cloudflare Set for Back-to-Back Spotlights with Solutions Review

Network security solutions provider Cloudflare is set to appear in Solutions Review’s Spotlight Series for back-to-back events, starting Monday, November 20th. Both events will focus on different aspects of the HTTP/2 Rapid Reset DDoS attack.

Read on for more on the November 20th event.

Read on for more on the November 21st event.


Expert Insights Section

Watch this space each week as our editors will share upcoming events, new thought leadership, and the best resources from Insight Jam, Solutions Review’s enterprise tech community for business software pros. The goal? To help you gain a forward-thinking analysis and remain on-trend through expert advice, best practices, trends and predictions, and vendor-neutral software evaluation tools.

The Importance of Increased Visibility in the Cloud-First Era

Dave Stuart of Laminar Security, a Rubrik Company, shines a light on the importance of increased visibility in the cloud-first era. Put simply: you cannot protect or manage data that you don’t know exists. And staying in the dark about that data isn’t an option—not when regulations are tightening on what feels like a daily basis, and the costs of a data breach continue to soar. Like termites or black mold, data blind spots can wreck your operations from the inside before you’ve even become aware of the problem.

Read on for more.


The Importance of Increased Visibility in the Cloud-First Era
https://solutionsreview.com/security-information-event-management/the-importance-of-increased-visibility-in-the-cloud-first-era/
Wed, 15 Nov 2023 21:47:42 +0000

The post The Importance of Increased Visibility in the Cloud-First Era appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Dave Stuart of Laminar Security, a Rubrik Company, shines a light on the importance of increased visibility in the cloud-first era.

Many businesses today are stranded in a perilous transition phase. They’ve invested heavily in a “cloud first” approach — dispersing their data across multi-cloud, SaaS, and on-premise elements — and have reaped the benefits that that model affords in terms of flexibility and analytical firepower. But this dispersal, coupled with the sheer scale of data most businesses are dealing with today, has come at the expense of visibility and security. As data proliferates at an unprecedented rate, businesses are struggling to get a handle on precisely where — or what — that data is and how they can protect it.

Put simply: you cannot protect or manage data that you don’t know exists. And staying in the dark about that data isn’t an option—not when regulations are tightening on what feels like a daily basis, and the costs of a data breach continue to soar. Like termites or black mold, data blind spots can wreck your operations from the inside before you’ve even become aware of the problem.

Accordingly, in 2023, discovery and classification processes are non-negotiable for cloud-first or hybrid businesses. These processes allow for the kind of comprehensive, 360-degree visibility into sensitive data risks, without which businesses will always be vulnerable.



Data Discovery and Data Classification: A Quick Definition

Data discovery and data classification boil down, respectively, to the “where” and the “what” of a business’ far-flung data arrangements. Together, they yield the kinds of crucial contextual information that keeps data safe.

Again — and this cannot be overstated — it is the data you don’t know about that should concern you most. A proper data discovery process shines a light on every corner of your cloud operation, illuminating your public clouds, your warehouses, your SaaS applications, your cloud file shares, and your on-prem storage. This light reveals not just where the data is — important enough in and of itself — but, crucially, who has access to it and who is using it.

Once all of that data is identified, the classification process begins. This process goes deeper: now you will be determining what all this data is and generating judgments as to its sensitivity.

The insights that can be gleaned from this two-pronged process are manifold. For one thing, businesses can locate and tag their most sensitive data — like credit card numbers, social security numbers, and PII — while keeping careful track of how often it’s accessed and by whom. Most importantly, it can provide a desperately needed sense of the risk posture of your most sensitive data, allowing businesses to make security decisions that are both better controlled and more precisely targeted.
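The classification step described above, sketched as an added example (not from the original article or any vendor product): a Python pass over a small inventory that tags card numbers, SSNs, and email addresses, then flags stores that are both sensitive and publicly readable. The inventory entries, the `public_read` field, and the label names are constructed for illustration.

```python
import re

# Candidate patterns; each hit is validated before it is tagged.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
SSN_RE = re.compile(r"\b(\d{3})-(\d{2})-(\d{4})\b")
EMAIL_RE = re.compile(r"\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b")


def luhn_valid(digits):
    """Luhn checksum: separates real card numbers from random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def ssn_plausible(area, group, serial):
    """Reject ranges that are never issued (area 000/666/9xx, group 00, serial 0000)."""
    return (area not in ("000", "666") and area[0] != "9"
            and group != "00" and serial != "0000")


def classify(text):
    """Return the sorted list of sensitive-data labels found in text."""
    labels = set()
    for match in CARD_RE.finditer(text):
        if luhn_valid(re.sub(r"\D", "", match.group())):
            labels.add("payment_card")
    for match in SSN_RE.finditer(text):
        if ssn_plausible(*match.groups()):
            labels.add("ssn")
    if EMAIL_RE.search(text):
        labels.add("email")
    return sorted(labels)


def assess(inventory):
    """Combine the 'what' (labels) with the 'who can reach it' (public_read)."""
    results = []
    for store in inventory:
        labels = classify(store["content"])
        if {"payment_card", "ssn"} & set(labels):
            sensitivity = "restricted"
        elif labels:
            sensitivity = "confidential"
        else:
            sensitivity = "unclassified"
        results.append({
            "location": store["location"],
            "labels": labels,
            "sensitivity": sensitivity,
            "exposed": store["public_read"] and sensitivity != "unclassified",
        })
    return results


# Constructed inventory: locations, access flags, and contents are made up.
INVENTORY = [
    {"location": "s3://finance-exports/2023-q3.csv", "public_read": False,
     "content": "name,card\nA. Sample,4111 1111 1111 1111\n"},
    {"location": "share://hr/old-backup.txt", "public_read": True,
     "content": "SSN 123-45-6789 contact jane.doe@example.com"},
    {"location": "saas://wiki/release-notes", "public_read": True,
     "content": "Build 4111111111111112 shipped; ticket 000-12-3456"},
]

if __name__ == "__main__":
    for row in assess(INVENTORY):
        print(row)
```

The third store shows why validation matters: its digit runs look like a card number and an SSN but fail the checks, so it stays unclassified instead of generating a false alert.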

Why Data Discovery and Classification Matter

The damage — reputational, financial, and regulatory — that follows from improperly leaked data can be disastrous for a business. At the same time, no business can afford to spend all of its time on defense, and overzealous security measures can have the counterintuitive effect of slowing internal operations down and frustrating employees.

This is part of why data discovery and classification are so important — they allow businesses to set strict policies and erect guardrails around the data that needs to be protected. The contextual insights generated by data discovery and classification ensure a stronger security posture, better regulatory compliance, and enhanced privacy for both your business and its customers. And it’s important to note that this isn’t an abstract concern: in fact, 68 percent of security professionals say shadow data represents the biggest security risk facing businesses today.

Why Current Approaches Fail Businesses

Before detailing the benefits of automated data discovery and classification, it is worth outlining the shortcomings of some of the approaches currently in use to achieve the same ends.

There is, most commonly, the manual approach, in which security professionals are required to liaise across teams and departments to get up-to-date information on data usage. Twenty years ago, this approach might have been feasible. In today’s complex cloud environments — in which data proliferates exponentially, minute by minute — such an approach is completely untenable: it simply cannot scale at the pace required. In 2023, data classification and discovery are processes that far exceed the abilities of even a large, well-resourced IT team.

Homegrown data mapping tools have also proven popular to date, but these present their own problems, not the least of which are the valuable engineering resources squandered on building (not to mention maintaining) these tools. Time that could be better spent handling mission-critical tasks is instead wasted on configuring APIs. And cloud-provider options are generally no better, with their usefulness extending only to the borders of their own cloud: lacking passports into the clouds of other providers, they can only see part of the overall picture.

The Importance of Cloud-native Data Discovery and Classification Tools

Cloud-native data discovery and classification tools function much differently. The full, continual visibility they provide matches the dynamic nature of the cloud— and serves as an essential foundation for all cloud data security, governance, and privacy efforts.

On every front we’ve discussed so far—from heightened security posture to stricter regulatory compliance—cloud-native data discovery and classification technology provides superior functionality. Through autonomous and continuous scanning and fine-grained, AI-enhanced categorization, it allows businesses to proactively monitor the highest-risk data and do so at scale. It can seamlessly guide hardening or remediation efforts, thus drastically reducing the risk of breach or data exfiltration.

And that’s not to mention the fact that shadow data, more often than not, contains redundant, obsolete, and trivial (ROT) data, such as abandoned backups of discontinued applications. Cloud-native data discovery and classification technology automatically flags this ROT data and streamlines the disposal process. While this might seem less urgent than security or governance, it can actually be just as significant for your bottom line, with storage costs becoming an increasingly major expense for most businesses.

If data discovery and classification were once something “nice to have,” they have since firmly transitioned to the realm of must-haves. Businesses cannot afford to dwell in darkness, given that just a single blind spot can now wreak incalculable damage on a business’s bottom line, public reputation, and long-term prospects.

In the cloud era, full illumination is the only way forward— and automated data discovery and classification tools are the only way to get there.


Microsoft Data Leaks and the Importance of Open-Source Intelligence
https://solutionsreview.com/security-information-event-management/microsoft-data-leaks-and-the-importance-of-open-source-intelligence/
Wed, 08 Nov 2023 21:18:46 +0000

The post Microsoft Data Leaks and the Importance of Open-Source Intelligence appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Vaidotas Šedys of Oxylabs walks us through open-source intelligence: the essentials, monitoring threats from the dark web, and supplementing cybersecurity.

Interconnected digital technology advances at a rapid pace, and so do the tactics and strategies employed by malicious individuals, criminal groups, and even nation-states. The World Economic Forum predicts global cyber-crime will reach $10.5 trillion by 2025, forcing businesses and governments to look for next-generation solutions against emerging digital threats.

Unfortunately, deliberate criminal activity is only part of the challenge in this data-driven era. Costly leaks of sensitive data might happen due to simple human errors— in September, Microsoft’s data was leaked two times, not only disclosing the company’s plans for the next-gen Xbox but also exposing private employee data. As we already know, at least one of these events happened due to an accidentally misconfigured URL link.

Raising public awareness, educating employees, and implementing standard security measures (such as data encryption, multi-factor authentication, or routing traffic through VPNs) are good recommendations for increased organizational security. However, they are hardly enough today if one does not employ open-source intelligence.



What is Open-Source Intelligence?

Open-source intelligence, or OSINT, defines the efforts of collecting, analyzing, and utilizing information from publicly available web sources, including forums, libraries, open databases, and even the dark web. Though OSINT can be used to gather commercially important business information and perform market analysis, at Oxylabs, we usually use it in the context of cyber threat intelligence.

Cybersecurity companies that employ open-source intelligence crawl through thousands of sites, forum messages, and dark web marketplaces, looking for stolen personal credentials and other confidential information, such as source code or trade secrets. Monitoring these sources also helps identify insecure databases and domain squatting.

It might sound counterintuitive, but organizations often do not suspect that some of their sensitive data is lurking somewhere in the open cyberspace. As such, OSINT helps organizations find both unintentional data leaks and criminal data breaches. It can also aid in identifying insecure devices and outdated applications.

The breakthrough that OSINT brings to the cybersecurity landscape mostly comes from the fact that it uses publicly available information, relieving cybersecurity organizations of the legally troubling necessity to scour classified or restricted sources for criminal evidence. Moreover, modern data scraping solutions, combined with artificial intelligence (AI) and machine learning (ML), allow them to pull and analyze raw cyber intelligence in real time.

OSINT “Starter” Pack

To gather cyber threat intelligence, cybersecurity providers must scan thousands of URLs looking for specific client data— it can be corporate email addresses or phone numbers, company names, employee information, and technical details, such as access tokens or IP addresses. The company can be instantly alerted whenever compromised data becomes available in the public domain or the dark web.

It is important to note that companies might monitor not only data directly related to their business and employees but also their client data, alerting them in case their passwords or other sensitive information has been breached.

The biggest challenges here are those of scale and anti-scraping measures. First of all, the global “surface” web hosts about 6 billion websites, which is only the tip of the iceberg. The deep web, which isn’t indexed by search engines, is estimated to be 400 to 550 times as large. Scraping at such a scale requires powerful automation and ML-driven solutions to structure what is otherwise a massive mess of unstructured data that comes in various formats and languages.

Furthermore, threat actors today are technically advanced professionals, employing anti-bot measures that can include anything from honey-pots serving erroneous data to IP blocking that compromises real-time data flow. It means that cybersecurity companies have to employ resilient proxy networks together with adaptive scraping solutions to circumvent the blocks. With this in mind, it is well worth leaving OSINT efforts for cybersecurity professionals, especially if it involves monitoring the dark web.

Diving into the Dark

The dark web is a part of the deep web that is inaccessible to ordinary browsers and hidden by multiple proxy layers. Although there are legitimate actors that use this part of the internet, e.g., investigative journalists, law enforcement actors, and intelligence agencies, the dark web is mostly employed by criminals. This is where stolen private data, intellectual property, confidential information, drugs, and illegal weapons are sold.

As in the case of the surface web, dark web monitoring is performed with the help of custom crawlers and scraper bots. Surveilling the dark web is a valuable source of information about fresh data breaches and new cyber attack methods and vectors. It enables a faster incident response, closing the time gap between the data breach and the moment an organization becomes aware of it. For cybersecurity researchers, dark web monitoring also allows deep-diving into the newest cybercrime strategies.

However, even if your organization suffered a breach, it is definitely not recommended to scour the dark web looking for that data yourself — firstly, the dark web is difficult to navigate without prior experience. Secondly, even if you’re armed with proxy servers and VPNs, the risk of exposing your organization to malware and cyber attacks is still high. Therefore, it is always recommended to use “burner computers” for such tasks instead of devices connected to your corporate network.

Final Recommendations

Powered by modern scraping solutions and ML technology, open-source intelligence today allows cybersecurity companies to take a proactive approach to incident management and prevention. OSINT speeds up the detection of data leaks, cyberthreat hunting, and research on the newest criminal strategies.

However, it is important to stress that, although becoming an imperative for cybersecurity, OSINT cannot and shouldn’t replace standard security measures. Businesses should first of all ensure their sensitive data is actually safe. Removing unused access, updating passwords, using multi-factor authentication, working with reliable proxy and VPN providers, and periodically educating employees is the best way to make sure that your business data doesn’t end up as a Black Friday deal on some dark web marketplace.

The same applies to the recent hype around monitoring the dark web. Without denying the opportunities that dark web surveillance opens up for professional cybersecurity researchers and threat hunters, for ordinary businesses, pulling valuable information from the surface web and integrating digital security best practices and standards into daily operations might be a more rewarding path to follow.


Navigating the Storm: A New Era of Cybersecurity Training and Defense
https://solutionsreview.com/security-information-event-management/navigating-the-storm-a-new-era-of-cybersecurity-training-and-defense/
Thu, 26 Oct 2023 14:29:46 +0000

The post Navigating the Storm: A New Era of Cybersecurity Training and Defense appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. William Agadzi, advisor to Noname Security, serves as our guide through the digital storm with best practices for cybersecurity training in the new era.

Imagine the shockwaves reverberating through Retool, a developer platform, when they discovered a few weeks ago that they had been breached through an SMS-based phishing attack, impacting 27 of their cloud customers. The operational impact was significant; the reputational, financial, and legal impacts loom. Another recent example is the breach at Okta, where cyber-criminals used a stolen credential to access their support case management system, impacting some customers.

These incidents, amidst the turbulent waves of the shifting cybersecurity landscape, are far from isolated. Many organizations, relying on vendor-provided training modules, find themselves grappling with real threats that evolve faster than their defenses – and their training – can keep pace.



Email Threats in the Workforce

While the dangers of email phishing are well-acknowledged, the speed and sophistication of current threats can surpass the training content supplied by vendors. Only organizations that make it a priority to consistently update and adapt their training programs, using in-house or vendor-provided materials, have a shot at keeping abreast of the persistent threats. Such efforts often focus on the rank-and-file, teaching them how to be resistant to social engineering. But that misses a key area: the need for specialized cybersecurity training for company software developers and engineers who run and maintain the company’s infrastructure. Their coding expertise may be superb, but their security awareness and ability to avoid introducing security vulnerabilities can be uncertain. It is essential to ensure they are armed with the latest cybersecurity best practices, and that their own performance in adhering to those practices is monitored, measured, and fed back to them to achieve a cycle of continuous improvement. Thus, security training must include their supervisors if the full benefits are to be realized.

Let’s focus for a moment on email as a mechanism for social engineering attacks. Owing to the pervasive nature of phishing, leading email service providers have bolstered their defenses with tools to detect and quarantine malicious content. Implementations like Domain-based Message Authentication, Reporting, and Conformance (DMARC) have become key in authenticating email sources, presenting hurdles for attackers attempting to spoof addresses. But to work, DMARC requires careful configuration and ongoing management. How well are e-mail administrators trained and managed to do this?
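What "careful configuration" looks like in practice, as an added example (not from the original article or any vendor tool): a small Python auditor that parses a DMARC TXT record and flags monitor-only policies, partial enforcement, weaker subdomain policies, and missing aggregate-report addresses. The sample records, the finding names, and the example.com addresses are constructed.

```python
# Added example: audit DMARC TXT records for common weak settings.
# The records in SAMPLES are constructed; example.com is a placeholder domain.

STRENGTH = {"none": 0, "quarantine": 1, "reject": 2}


def parse_dmarc(txt):
    """Split a DMARC TXT record into a {tag: value} dict, or raise ValueError."""
    parts = [p.strip() for p in txt.split(";") if p.strip()]
    if not parts:
        raise ValueError("empty record")
    tags = {}
    for index, part in enumerate(parts):
        name, sep, value = part.partition("=")
        name, value = name.strip().lower(), value.strip()
        if not sep or not name or not value:
            raise ValueError(f"malformed tag {part!r}")
        # RFC 7489: the version tag comes first and its value is exactly DMARC1.
        if index == 0 and (name, value) != ("v", "DMARC1"):
            raise ValueError("first tag must be v=DMARC1")
        if name in tags:
            raise ValueError(f"duplicate tag {name!r}")
        tags[name] = value
    return tags


def audit_dmarc(txt):
    """Return a list of finding names; an empty list means nothing was flagged."""
    try:
        tags = parse_dmarc(txt)
    except ValueError:
        return ["invalid-record"]
    policy = tags.get("p", "").lower()
    if policy not in STRENGTH:
        return ["missing-or-invalid-policy"]

    findings = []
    if policy == "none":
        # Monitor-only: mail that fails DMARC is still delivered.
        findings.append("policy-none")

    pct = tags.get("pct", "100")  # default is 100 when the tag is absent
    if not (pct.isascii() and pct.isdigit()) or int(pct) > 100:
        findings.append("invalid-pct")
    elif int(pct) < 100 and policy != "none":
        # Policy is applied to only a share of failing messages.
        findings.append("partial-enforcement")

    subdomain = tags.get("sp", policy).lower()  # sp falls back to p
    if subdomain not in STRENGTH:
        findings.append("invalid-subdomain-policy")
    elif STRENGTH[subdomain] < STRENGTH[policy]:
        findings.append("weak-subdomain-policy")

    # Without aggregate reports there is no feedback for ongoing management.
    uris = [u.strip() for u in tags.get("rua", "").split(",") if u.strip()]
    if not any(u.lower().startswith("mailto:") for u in uris):
        findings.append("no-aggregate-reports")
    return findings


SAMPLES = {
    "monitor-only": "v=DMARC1; p=none",
    "half-enforced": "v=DMARC1; p=reject; sp=none; pct=50; rua=mailto:dmarc@example.com",
    "strict": "v=DMARC1; p=reject; rua=mailto:dmarc@example.com; adkim=s; aspf=s",
    "misordered": "p=reject; v=DMARC1",
}


def audit_all(samples):
    """Audit every record in a {name: txt} mapping."""
    return {name: audit_dmarc(txt) for name, txt in samples.items()}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLES).items():
        print(f"{name}: {findings or 'no findings'}")
```

Run against the TXT value published at `_dmarc.<domain>`, a check like this can sit in a scheduled job so that a policy quietly relaxed during troubleshooting does not stay that way.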

Mobile Threats in the Workforce

Our digitally connected world, spanning desktops, mobile phones, and the cloud, has given threat actors the opportunity to diversify their phishing methods, leveraging past successes while also innovating new approaches. A recent IBM Data Breach Report illuminates this concern, revealing that phishing was the initial vector in 16 percent of breaches. Because it is easy to execute and offers high rewards, phishing remains a key option for cybercriminals. The advent of tactics such as SMS phishing (or ‘smishing’), direct messaging via social platforms, and man-in-the-middle attacks — which reroute and alter digital conversations — underscores the evolving threat landscape.

Let’s reflect on the distinct vulnerabilities faced by a mobile workforce. While connecting to internet sources during travel provides convenience, it inevitably exposes employees to an array of complex cyber threats.  The question becomes: ‘Is my data enticing to malefactors?’ And the follow-on question is: ‘To which malefactors – opportunistic criminals, professional criminals, nation-states?’  But the overlay is this: the Zimperium Global Mobile Threat Report revealed that 80 percent of phishing sites aim at mobile devices, which means when you are on the go, your risks greatly increase. The threat matrix is further compounded by cutting-edge AI tools like text-generating Large Language Models (LLMs). These threats don’t just originate from external bad actors but can also be generated by individuals simply using LLMs in regular capacities.

Addressing threats related to the traveling workforce calls for many parallel steps, such as special training for frequent travelers, providing temporary, specially hardened devices, and employing virtual desktop infrastructure or zero-trust network access mechanisms. Collaborating with IT partners and subcontractors to weave these measures into a holistic, robust cybersecurity strategy is key.

AI Threats in the Workforce

AI brings significant potential to cybersecurity, while also strengthening our adversaries, equipping them with powerful tools that broaden and reshape the threat they present. A recent Microsoft finding revealed that hackers armed with AI are increasingly hard to combat.

Historically, crafting malware required significant technical expertise. But now, the capabilities of generative AI can make this much easier. Even with ethical constraints in place, crafty query phrasing can circumvent safeguards. Consider, for instance, a direct query to ChatGPT, such as “develop malware that enables and installs a download when clicked and communicates with a C2 server”. Hopefully the tool would reject this request, providing guidance on why such an action is both illegal and unethical. However, a subtle modification in wording — changing it to “develop code that enables and installs a download when clicked and communicates with an external server” — might yield a viable code snippet. When aggregated, these snippets could create a formidable webshell, fake browser plugins, and more, all of which could subsequently be utilized for phishing.

Imagine your organization grappling with an advanced cyber-attack. Given the potential misuse of tools like LLMs, is your team investing in continuous learning and staying updated with the latest threat intelligence? How often do you assess your practices against the changing threat landscape?  How often do you measure how well your team is doing, and give them feedback?

Cybersecurity Training in the Workforce

Recent high-profile breaches have highlighted the imperative for businesses, regardless of size, to establish foundational security measures. This involves transitioning from mere awareness to adopting proven industry strategies. These include unified identity and access governance grounded in zero trust principles, FIDO Universal Authentication Framework (FIDO UAF), comprehensive API security, and vulnerability management routines backed by regular penetration testing. They also include feedback to your developers where their performance needs improving.

Against this backdrop of changing threats, adapting our cybersecurity awareness training strategies becomes paramount.

Actionable Insights to Enhance Your Program


Comprehensive Phishing Simulations

Relying solely on annual cybersecurity training for compliance requirements and new hire security training is insufficient. Besides adopting FIDO-based technologies and other measures mentioned above, simulating real-world phishing scenarios, testing defenses, and, more importantly, educating employees about evolving techniques, are essential. While conducting realistic phishing simulations is vital, it’s equally important to strike a balance to avoid alert fatigue. Engage employees with unexpected scenarios on a semi-regular basis, rather than frequent, predictable tests. This approach ensures that each simulation offers fresh, insightful learning experiences, preserving both its shock value and educational impact. The approach should encompass a spectrum of potential threats, from email phishing to smishing.

Along with conducting phishing training for new hires, simulations should be done at least quarterly, and users who fail must be counseled to ensure they understand what they did wrong; recidivists may need management intervention. Simulated smishing tests should also be performed, specifically targeting mobile devices utilized for accessing enterprise accounts and data. Streamline phishing reporting by implementing, for example, a one-click reporting mechanism within email clients or mobile devices to motivate full and consistent user reporting.

Motivating User Engagement

Security training can be dull for employees – an unfortunate fact of life. It’s essential to adopt a user-centric approach, blending crucial security protocols with engaging usability. Fortunately, numerous vendors offer a range of training modules, all emphasizing brevity and engagement. Opt for training sessions that employ game-playing techniques, ensuring that each session doesn’t exceed a comfortable interval (usually around half an hour).

From the author’s firsthand experience through years of implementing security awareness training, a clear trend has emerged. Participation in the training more than doubles during the first week of its rollout when attendees are given a chance to win incentives, such as gift cards or gadgets, if they complete the training early or get especially high marks. However, in the absence of tangible rewards or a system that ties training completion to annual reviews, the burden of ensuring compliance can come to rest on the security team when it should reside on the supervisors of the employees, who are accountable for subordinate compliance in all areas of corporate policy. Why should information security be treated any differently?

The culture of cybersecurity is also molded by leadership actions, especially at the C-level. Consider the widespread impact of a CEO saying that he is holding his own subordinates accountable for ensuring compliance with the upcoming annual cybersecurity awareness training. When the head of the organization says that this topic is on his or her radar, that should send a powerful message.

Promoting Ethical AI Usage

AI technologies, while promising transformative benefits, also introduce serious ethical challenges, especially regarding cybersecurity. In this domain, AI can, for example, craft highly believable phishing emails or other social engineering strategies. Addressing these concerns demands a clear understanding of AI ethics among employees. This includes direct education about AI’s responsible use and the potential repercussions of misuse. To champion ethical AI practices, organizations might consider establishing AI ethics committees. Comprising members from various departments, these committees would oversee adherence to ethical standards and facilitate regular workshops.

Moreover, implementing a robust AI use policy, similar to acceptable use policies for other IT resources, provides a foundational guideline for ethical conduct. Within a comprehensive cybersecurity awareness strategy, conducting regular audits on how AI tools are used can help ensure their ethical and secure application. Such checks can highlight areas where training modules might need enhancement, guaranteeing a workforce adept at using AI both safely and ethically. It’s imperative to cultivate an organizational culture that not only recognizes AI’s potential and associated risks but also promotes its secure and ethical utilization.


Looking Ahead

The evolving threat landscape is rife with challenges, but it also brings with it advanced tools and strategies for better defenses. As threat vectors diversify and strengthen, the importance of cultivating a security-first mindset becomes paramount. This mindset is not just about erecting barriers; it’s about ensuring our training and awareness strategies adapt to shield and provide real security benefits to businesses.

Building a cyber-aware culture is not a destination; it’s an ongoing journey that demands the right tools, commitment, and agility. By adopting techniques like continuous phishing simulation, user incentives, and ethical use of AI tools, organizations can not only protect their assets and reputation but also ensure that their security strategy seamlessly integrates with their overarching business vision.

In this fast-paced digital era, we must ask: Is your organization simply reacting to cybersecurity threats and incidents, or proactively fortifying its defenses? In cybersecurity, mere defense isn’t enough; we must stay steps ahead. By adopting the strategies outlined here, you can elevate your organization from secure to cyber-resilient.



 

The post Navigating the Storm: A New Era of Cybersecurity Training and Defense appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

]]>
5111
What to Expect at Solutions Review’s AI Expert Roundtable with Dig Security & Cohesity on November 7 https://solutionsreview.com/security-information-event-management/what-to-expect-at-solutions-reviews-ai-expert-roundtable-with-dig-security-cohesity-on-november-7/ Tue, 24 Oct 2023 14:04:57 +0000 https://solutionsreview.com/security-information-event-management/?p=5107 Solutions Review’s Expert Roundtable with Dig Security and Cohesity is entitled: How AI Impacts Cloud Security. What is an Expert Roundtable? Solutions Review’s Expert Roundtables are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the overwhelming demand for […]

The post What to Expect at Solutions Review’s AI Expert Roundtable with Dig Security & Cohesity on November 7 appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

]]>
Dig Security

Solutions Review’s Expert Roundtable with Dig Security and Cohesity is entitled: How AI Impacts Cloud Security.

What is an Expert Roundtable?

Solutions Review’s Expert Roundtables are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the overwhelming demand for these kinds of events. Solutions Review’s current menu of online offerings includes the Demo Day, Solution Spotlight, best practices or case study webinars, and panel discussions. And the best part about the “Expert Roundtable” series? They are free to attend!

Why You Should Attend

Solutions Review is one of the largest communities of IT executives, directors, and decision-makers across enterprise technology marketplaces. Every year over 10 million people come to Solutions Review’s collection of sites for the latest news, best practices, and insights into solving some of their most complex problems.

With the next Expert Roundtable event, the team at Solutions Review has partnered with Dig Security, Cohesity, and data strategy consultant David Loshin to explore how AI impacts cloud security.

Speakers

Moderator:

  • David Loshin – Data Strategy Consultant @ Knowledge Integrity

Featured Speakers:

  • Dan Benjamin – CEO @ Dig Security
  • Greg Statton – Office of the CTO – Data & AI @ Cohesity

About

Knowledge Integrity is globally recognized as a leader in the business value assessment of information and data. We are trusted by our clients to devise programs supporting all aspects of the data and information lifecycle, including analytics, data science, data governance, metadata management, data quality, master data management, and business intelligence practices.


Dig Security is a cloud data security startup that provides real-time visibility, control, and protection of data assets. Monitoring and detecting data exfiltration and policy violations has become a challenging problem with few, fragmented solutions as enterprises transition to complex settings with dozens of different database types across clouds.

 


Cohesity is a data management company that manages, protects, and extracts value from enterprise data. The provider’s flagship tool, Cohesity DataProtect, safeguards a wide range of data sources on a single web-scale platform. The solution can be deployed on-premises on qualified platforms in the data center, public cloud, and on the edge.

 


FAQ

Register for Solutions Review’s Expert Roundtable FREE


]]>
5107