Staff Pick Archives - Best Information Security SIEM Tools, Software, Solutions & Vendors
https://solutionsreview.com/security-information-event-management/category/staff-pick/
Buyer's Guide and Best Practices

What to Expect at the 5th Annual Cybersecurity Insight Jam LIVE on December 5
https://solutionsreview.com/security-information-event-management/what-to-expect-at-the-5th-annual-cybersecurity-insight-jam-live-on-december-5/
Tue, 28 Nov 2023 20:02:45 +0000


A schedule of events for the Cybersecurity Insight Jam LIVE on December 5, the annual element of Solutions Review’s Insight Jam, an always-on community for enterprise technology end-users, experts, and solution providers.

What is Insight Jam?

Think of the Insight Jam as a continuous, ongoing, interactive tech event. The Insight Jam will always be here when you need answers to the questions that matter to your organization and your career. We’ve partnered with the leading industry experts, thought leaders, and analysts to live-stream a never-ending collection of Roundtable Events, Breakout Sessions, and Expert Podcasts. And Insight Jam is built on a community platform that powers unlimited discussions, posts, and polls that will bring you deeper into the enterprise technology conversation.

Your Insight Jam journey starts here and starts now. We encourage you to dive in, explore, share, and engage. Let’s challenge ideas, bring new perspectives and elevate our knowledge together.

Join the Fastest-Growing Enterprise Tech Software End-User Community

Solutions Review is the largest software buyer and practitioner community on the web. Our Universe of Influence reach is more than 7 million business and IT decision-makers, as well as C-suite and other top management professionals. Our readers primarily use us as an enterprise technology news source and trusted resource for solving some of their most complex problems.

Our collection of vendor-agnostic buyer’s resources helps buyers and practitioners during the research and discovery phase of a buying cycle. This critical stage of information gathering is where buyers narrow down the field of solution providers to a short-list they plan to engage. The mission of Solutions Review is to make it easier for buyers of business software to connect with the best providers.

Event Details: Cybersecurity Insight Jam LIVE on December 5, 2023

11:00 AM (EST): Executive Roundtable: Cybersecurity and The AI Executive Order, featuring Dwayne McDaniel of GitGuardian as moderator. This panel will examine the ins and outs of the AI Executive Order and how this affects the current and future landscape of cybersecurity. Panelists include: Brian Sathianathan of Iterate.ai, Daryan Dehghanpisheh of Protect AI, Josh Davies of Fortra’s Alert Logic, Luis Villa of Tidelift, and Mike Pedrick of Nuspire. Watch it on LinkedIn and YouTube!

12:00 PM (EST): Executive Roundtable: The Positive and Negative Impact of Generative AI on Cybersecurity, featuring Nima Baiati of Lenovo as moderator. This panel will examine the impact Generative AI is having on cybersecurity, both the positive and the negative. Panelists include: Bobby Cornwell of SonicWall, Juan Perez-Etchegoyen of Onapsis, MacKenzie Jackson of GitGuardian, and Steve Winterfeld of Akamai Technologies. Watch it on LinkedIn and YouTube!

1:00 PM (EST): Executive Roundtable: Who Am AI? Identity Security in the Age of AI, featuring Dr. Mohamed Lazzouni of Aware as moderator. This panel will examine the world of identity security in the new age of AI. This includes deepfakes, authentication fraud, and other ways AI is being used by thieves. Panelists include: Alex Cox of LastPass, Carl Froggett of Deep Instinct, Nima Baiati of Lenovo, and Tim Callan of Sectigo. Watch it on LinkedIn and YouTube!

2:00 PM (EST): Executive Roundtable: Manipulating Generative AI Towards Malware and Other Malicious Behavior, featuring Nathan Vega of Protegrity as moderator. This panel will examine how exploitable Generative AI tools like ChatGPT really are, as hackers find new ways to generate new malware, phishing scams, and other malicious behavior. Panelists include: Anthony Green of OpenRep, Mike DeNapoli of Cymulate, Paul Laudanski of Onapsis, Ram Vaidyanathan of ManageEngine, and Dr. Ryan Ries of Mission Cloud. Watch it on LinkedIn and YouTube!

And that’s not all: Register for Insight Jam (free) to gain early access to all the exclusive 2024 enterprise tech predictions, best practices resources, and DEMO SLAM videos!

38 Cybersecurity Awareness Month Quotes from Industry Experts in 2023
https://solutionsreview.com/security-information-event-management/cybersecurity-awareness-month-quotes-from-industry-experts/
Tue, 10 Oct 2023 21:15:17 +0000


For Cybersecurity Awareness Month, the editors at Solutions Review have compiled a list of comments from some of the leading industry experts.

As part of Cybersecurity Awareness Month, we called for the industry’s best and brightest to share their comments. The experts featured represent some of the top Cybersecurity solution providers with experience in these marketplaces, and each projection has been vetted for relevance and ability to add business value.

A number of thought leaders were presented with this prompt: What are some overlooked cybersecurity best practices people take for granted/easily forget? Things that might be obvious to experts but not to the average enterprise user. Or best practices that are so obvious when you say them out loud, but are often forgotten.

Here’s how they responded, along with some general responses from other experts and thought leaders, for Cybersecurity Awareness Month.


37 Cybersecurity Awareness Month Quotes from Industry Experts in 2023


Éric Leblond, Co-Founder and Chief Technology Officer at Stamus Networks

A frequently underestimated and sometimes undervalued component of enterprise security is the pivotal role of network detection and response (NDR) systems. Frequently, security teams opt to implement an endpoint detection and response (EDR) system as their initial enterprise-wide threat detection technology and later introduce NDR if and when budget allows. And while EDR can play a crucial role in detecting and responding to specific threats within an organization, it comes with some limitations, including the inability to install EDR on every single endpoint, the ability for threat actors to evade endpoint agents, and the ability for mechanisms like DNS tunneling to remain concealed from endpoint detection systems.

Organizations should consider these limitations when implementing EDR solutions and should consider integrating EDR with NDR to unite endpoint-level data with network-level data to enhance the overall threat detection capabilities of both systems.

By combining endpoint telemetry with network traffic analysis, organizations can detect advanced threats that span across multiple devices and network segments. Additionally, the contextual information provided by both EDR and NDR enhances incident response capabilities, enabling faster and more accurate response to security incidents.

Sanjay Bhakta, VP of Solutions at Centific

One of the most often overlooked cybersecurity best practices is software updates and upgrades to IT systems, devices, and browsers. Consumers and businesses alike may benefit by updating and upgrading their browsers, system patches, operating systems, and applications. The infamous WannaCry ransomware is an example of the ramifications that could have been prevented with the software update made available weeks prior to the exploitation from the malware attack. Caveat emptor, regarding emails indicating compromised security vulnerability or URLs that automatically update their software across their devices by providing a simple login and password. Obviously, the latter is more of a phishing attack.

There’s an opportunity cost of updating software immediately or delaying the decision. Unfortunately, the average person deprioritizes updates, attributing a lower probability of occurrence for an attack. Updates are perceived as disruptive to the fabric of our daily routines, equating it to time, effort, and/or money involved. From experimentations, it appears only 17 percent of users on average install updates on the day they’re available, 53.2 percent install within one week, with the rate significantly declining after 102 days, while 35 percent of experts consider updates as one of the top three actions performed to stay safe.

Consumers and businesses may opt in for automated updates; more importantly, digital citizens should be educated on the sources and rationale of updates, such as visiting CISA, MITRE ATT&CK, NCA, Norton, NSA, as well as subscribing to notifications or alerts from the state government(s), financial services provider, network provider, retailer, and/or telecom or mobile provider. Businesses should further institutionalize a rigorous SecOps practice, interleaving proactive tactics using AI and Gen AI for predicting security vulnerabilities, ethical hacking, and social engineering measures, solidifying their effectiveness.

Dan Draper, Founder and CEO of CipherStash

Very few companies actually protect data– they only protect the systems, such as databases and warehouses, where data is stored. The problem is that data never stays in one place for very long. Data science teams run reports, DevOps teams export and load data into multiple different systems, and eventually sensitive data ends up in a spreadsheet on an executive’s laptop. Because 82 percent of data breaches start with an attack on an individual, applying protections at the system level is quite simply not sufficient to prevent breaches. Protecting data directly using encryption-in-use technology ensures that access controls remain in place, even as data moves across the organization. It hasn’t been practical in the past but technology is now at the point where there are really no excuses for implementing data-level protections.

Igor Volovich, VP of Compliance Strategy at Qmulos

Compliance, often relegated to a retrospective check-box exercise, actually holds untapped potential as a real-time risk intelligence source. In the rush to adopt the latest cybersecurity tools, many organizations overlook the strategic advantage of leveraging the consistency and breadth of compliance frameworks. By embracing compliance automation, we can operationalize this function, bringing it in sync with real-time security operations and threat intelligence. This not only provides a holistic view of the organization’s security posture but also eliminates the subjectivity that often clouds security strategy decisions. It’s a simple truth: When we align compliance with our real-time cybersecurity efforts, we transform it from a mere regulatory obligation to a proactive, strategic powerhouse.

The cyber landscape is vast, intricate, and constantly evolving. CISOs today face an overwhelming challenge: they’re expected to balance priorities across business objectives, risk management, security imperatives, compliance demands, and regulatory mandates, all while contending with adversaries wielding asymmetric threats of escalating scale and complexity. In this high-wire act, consistency in executive decision-making often falls by the wayside, leading to reactive strategies and misaligned resource allocations. The prevailing focus on the latest security trends and the reactive nature of many strategies only adds to the quandary. However, what’s frequently overlooked is the comprehensive nature of compliance frameworks. These frameworks, if leveraged correctly, can cut through the chaos and provide a grounded, consistent lens to view and manage cyber risks. Transitioning from viewing compliance as just a historical reporting obligation to using it as a real-time enterprise risk posture analytics tool can be transformative. With compliance automation at the helm, CISOs can gain the clarity and insight they need for data-driven, proactive decision-making, and strategic alignment, easing their monumental balancing act.

Greg Ellis, General Manager, Application Security at Digital.ai

We are trained at work on phishing awareness, password hygiene, and other general security measures, but then we fail to take similar measures in our home environments. Often these home environments, and sometimes even the home devices, are being used to connect to enterprise networks when things come up quickly late at night or on the weekend. It is equally important to take good cybersecurity measures at home, including such items as:

  • using a password manager to regularly update and use unique passwords
  • update firmware regularly on routers and WiFi devices
  • partition a guest network separately from your home network on your WiFi
  • think about whether smart devices (such as TVs) should be on your home network or a guest network
  • regularly check for and apply firmware updates on smart devices
  • regularly check for and apply updates to operating systems and applications (on both desktop and mobile devices)
  • regularly back up your desktop and mobile devices to a separate drive or cloud system that is not connected all the time to your network (this helps reduce the likelihood of ransomware propagating to other drives)
  • teach your family about phishing awareness and any children about internet safety

Again, many of us are exposed to this mindset in our enterprise environment but quite often fail to bring these best practices home.

Andre Slonopas, Cybersecurity Department Chair at American Public University System

Strong Passwords: Despite a simple rule, many users use weak or repeated passwords across platforms. If credentials are overused, this makes brute-force password decryption simpler for criminals and facilitates platform infiltration. For security purposes, users should use password management tools to generate and store complex passwords. Changing passwords frequently and employing a combination of letters, numbers, and special characters can protect data.

Multi-factor Authentication (MFA): MFA makes unauthorized access difficult by requiring two verifications. A malicious party could acquire the password, but verification would require a fingerprint, mobile device, or hardware token. MFA prevents fraudsters from targeting vulnerable accounts, thereby enhancing the security of the internet.

Patch regularly: People delay enhancements because they are unaware that they resolve security issues. Malware and other hazards can penetrate vulnerabilities that are not addressed. Installing updates promptly may prevent vendor-resolved software issues. Regular updates enhance the user experience and system security by enhancing system functionality and performance. Whenever possible, configure software to update automatically to avoid delays.

Hanan Hibishi, Assistant Teaching Professor at the Information Networking Institute at Carnegie Mellon University

Reusing passwords: People continue to reuse/recycle their old passwords, which is an intuitive practice if one relies on memorizing passwords. Many recent attacks take advantage of users reusing the same password for multiple systems (Colonial Pipeline is a good example). On the other hand, telling users not to reuse passwords seems to be impractical because there is a limit to how many passwords a human can recall from memory, and users typically have accounts on numerous systems (beyond a handful).

For a more practical approach, I recommend that users use password managers, software that organizes user accounts and passwords and generates stronger passwords for users. Filling out account credentials is now easier (with a click instead of typing long strings of text), and it is a more secure approach than memorizing passwords. In addition, users can leverage single sign-on when possible. Instead of creating profiles and accounts on many systems, choose to log in with existing credentials if that is an option when creating an account.

Kayne McGladrey, IEEE Senior Member

When CISOs work with go-to-market teams, cybersecurity transforms from a mere cost center into a valuable business function. This change is crucial in B2B interactions where robust cybersecurity controls offer a competitive advantage. A centralized inventory of cybersecurity controls, grounded in current and past contracts, helps businesses gauge the financial impact of these partnerships. This inventory also identifies unnecessary or redundant controls, offering an opportunity for cost reduction and operational streamlining. By updating this centralized list after the termination of contracts, the business can further optimize both its security posture and operational costs. This integrated strategy empowers the business to make well-informed, data-driven decisions that enhance profitability while maintaining robust security controls.

Max Shier, CISO at Optiv

Because we all have a lot on our plate and are moving fast to get everything done, it’s worth reminding employees they need to slow down when reading emails and text messages and when listening to voicemails. The social engineers who craft phishing, smishing and vishing attacks are banking on the fact people are busy and likely going to overlook red flags. Employees should be reminded that if an attempted social engineering attack is received, they need to report the suspected attack to security, as there may be others receiving the same messages.

Along the same lines, even though software and device updates always seem to come at the worst times, the importance of updating immediately cannot be overstated. Updates not only enhance features, but they also provide security patches to address known vulnerabilities. Every minute those vulnerabilities are left unpatched is another minute that threat actors have an open door onto the network.

Jerome Becquart, Chief Operating Officer at Axiad

One area security teams can overlook or tend to put less emphasis on is account recovery. When deploying MFA, organizations tend to focus their time and efforts mainly on the authentication experience. However, they do not spend enough time defining secure, user-friendly account recovery workflows, such as when an MFA method is not available or does not work for an end user. This typically results in not only a bad user experience, but also weaker security overall for the company.

Scott Gerlach, CSO and Co-Founder of StackHawk

With new technology come new attack vectors, new attack types, and new problems for security teams to learn, understand, and keep up with. With the speed and deployment of APIs growing insanely fast, and the historically unbalanced ratio of AppSec teams to Developers (1:100), to say it’s a challenge for security teams to keep pace with development is an understatement. Utilizing a developer-first philosophy that acknowledges the pivotal role software creators have with cybersecurity efforts, and bridging that gap between AppSec and engineering is critical to ensure the safe and secure delivery of APIs and applications to production. Bring the right information to the right people at the right time to help them make decisions!

Joni Klippert, CEO and Founder of StackHawk

Viewing security as either a hindrance or a reactive measure doesn’t promote the timely delivery of secure software. With organizations relying heavily on APIs to power their applications, recent research from ESG underscores how this dependency can exacerbate security risks. As development and release cycles for APIs continue to accelerate, we’ll see more challenges as feedback loops for fixes overload developers, and AppSec teams are unable to scale. Organizations need to focus on adopting the right security testing mechanisms and empower the teams that develop code to help prioritize the finding and fixing of security bugs before moving to production.

Manu Singh, VP of Risk Engineering at Cowbell

Bad actors are becoming more sophisticated and clever with their approach to using emerging technologies to launch cyberattacks. The evolving cyber threat landscape is making it more difficult for organizations to defend themselves against convincing phishing emails and malicious code generated by AI.

The most important thing that organizations can learn from Cybersecurity Awareness Month is to take a proactive approach to protecting their information assets and IT infrastructure. To do this, organizations should consistently educate and promote awareness of the latest threats and risks they may face. From there, this education should transform to best practices each employee can adopt to reduce exposure to a cyber event. This promotes a culture of security rather than placing the responsibility on IT or security personnel. Organizations as a whole have the responsibility to secure and protect against the cyberthreats they face.

Dan Benjamin, Co-Founder and CEO at Dig Security

Cloud data assets are a prime target for cyberattacks, but the legacy solutions can no longer cope with the variety and volume of fragmented data held by organizations on multiple cloud environments. Organizations need data security solutions that fit the speed of innovation in the cloud without impacting their business, to address time to detect and respond to an incident; reduce the amount of shadow data; and minimize the growing attack surface. To avoid data exfiltration and data exposure, today’s organizations must take a data first approach to cloud data security. This Cybersecurity Awareness Month, enterprises should prioritize adopting solutions that deliver real-time data protection across any cloud and any data store, in order to reduce data misuse, achieve compliance, and prevent ransomware attacks or data breaches.

Randy Watkins, CTO of Critical Start

Cybersecurity Awareness Month has traditionally focused on educating consumers, who are often susceptible as targets of opportunity, where there is a high likelihood of success, but a low yield. While some of the typical security reminders and best practices can transcend the workplace to create a culture of security, we should also use this opportunity to highlight additional areas of education:

  • Board Level – A litany of cyber regulations has been proposed or approved on everything from breach disclosure to board membership. Educating the board on the organization’s current cyber posture, impact on risk, coming regulations, along with the plans team to accommodate the regulation can help get buy-in early and show the value of security to the organization.
  • End Users – Go beyond phishing education and inform your users of the people, procedures, and products that are being used to protect them. With the understanding of the investment made by the organization, others may look to see how they could be good stewards of cyber posture.
  • The Security Team – It’s time for the teachers to become the students. While cybersecurity education programs target the “riskiest attack surface of the organization” (end users), it is important to obtain feedback from those end users on how security practices and technology could be more effective.

Darren Guccione, CEO and Co-Founder of Keeper Security

Let’s face it– it may be time to change the name of Cybersecurity Awareness Month to Cybersecurity Action Month. Sadly, individuals and businesses around the globe are already all too aware of the pain and damage that cyberattacks can inflict.

This October, organizations should take action by prioritizing adoption of solutions that prevent the most prevalent cyberattacks, including password and Privileged Access Management (PAM) solutions. These highly effective tools offer robust cybersecurity protections, and next-gen, cloud-based versions of these solutions are accessible to any-size organization, regardless of their budget or available resources. According to recent research, PAM products give 91 percent of IT leaders more control over privileged user activity, decreasing the risk of insider and external breaches.

In addition to prevention, organizations must prepare and secure their systems to mitigate threats and minimize the impact on systems, data and operations. The most effective method for minimizing sprawl if an attack does occur is investing in prevention with a zero-trust and zero-knowledge cybersecurity architecture that will limit, if not altogether prevent, a bad actor’s access.

John Gallagher, Vice President of Viakoo Labs

CISA chose a great theme with “Secure Our World”. The focus for anyone with network-connected IoT devices is on “Our” – meaning that IoT cybersecurity is a shared responsibility. Organizations can embrace the “Secure Our World” theme by creating an ongoing dialogue between the operators of IoT devices (the lines of business within a company) and organizations like procurement and IT who can help source IoT devices that are cyber secure and help maintain them.

It’s not “Secure Our Datacenter” or “Secure Our Computers” – it’s “Secure Our World”, which means organizations should be looking beyond computers and core applications to every network-connected device, such as IoT, and asking if that device has a plan and means to become and remain secure with the least human effort needed.

If I was to add one more word to this year’s theme it would be “Automatically”. “Secure Our World Automatically” challenges organizations to improve the speed of security operations and relieve humans of tedious tasks like patching, rotating passwords, and screening for phishing attempts. Rapidly closing the window of opportunity that a threat actor can operate in is key to securing our scaled out, geographically sprawled attack surfaces of IT, IoT, OT, and ICS.

Kris Lahiri, Co-Founder and Chief Security Officer of Egnyte

In today’s hybrid work environment, prioritizing cybersecurity is critical. Cyber threats are intensifying, with severe and long-lasting impacts on businesses. Yet, many organizational leaders still remain in the dark when it comes to protecting and managing their content. As we observe Cybersecurity Awareness Month, it’s important to remember that cybersecurity is not just about checking boxes. The frequency and scale of cyber attacks have continued to skyrocket, along with the financial toll and damage to brand reputation. Unfortunately, many organizations lack the proper tools to detect these attacks. Business leaders must also understand that the threat landscape is rapidly changing. Companies can improve their cybersecurity posture by combining foundational practices with cutting-edge technologies. Leveraging secure solutions doesn’t have to be complicated or robust to ensure safer data transactions and achieve unparalleled insights into content usage and access. Overall, businesses can avoid becoming a statistic and refine their data management strategies by making cybersecurity a team sport so that it is an integral part of their employees’ daily lives through education and prevention.

Paul Rohmeyer, Adjunct Professor of Information Systems at Stevens Institute of Technology

One of the challenges in maintaining cybersecurity awareness is that messages repeated too frequently tend to have less and less impact, so we need to anticipate some of the most important messages will in fact be forgotten. We constantly hear about the importance of changing passwords and using complex passwords, but password audits routinely show continued use of weak passwords, and use of the identical password across multiple systems leading to a cascading effect if there is a breach. Another concern is clicking on links in emails, and falling victim to phishing and spearphishing. Phishing scams are based on the knowledge that, if sent to a large enough population, some number of recipients will in fact click on malicious links. This is often due to simply a moment of inattention by otherwise cyber-aware users, but even unsophisticated attackers can now leverage inexpensive but effective phishing platforms for low cost repetition of attacks that will unfortunately claim some victims. A third item is system updates. Despite the convenience of automated updates to Windows and Macs, users may postpone running the updates, leaving themselves vulnerable to known attacks. Change your passwords, use strong and unique passwords, don’t click on unknown links and apply system updates to all your devices– these are basics we’ve all heard but may not act upon as swiftly as we should.

Joe Regensburger, Vice President of Research Engineering at Immuta

AI and large language models (LLMs) have the potential to significantly impact data security initiatives. Already organizations are leveraging it to build advanced solutions for fraud detection, sentiment analysis, next-best-offer, predictive maintenance, and more. At the same time, although AI offers many benefits, 71 percent of IT leaders feel generative AI will also introduce new data security risks. To fully realize the benefits of AI, it’s vital that organizations consider data security as a foundational component of any AI implementation. This means ensuring data is protected and in compliance with usage requirements. To do this, they need to consider four things: (1) “What” data gets used to train the AI model? (2) “How” does the AI model get trained? (3) “What” controls exist on deployed AI? and (4) “How” can we assess the accuracy of outputs? By prioritizing data security and access control, organizations can safely harness the power of AI and LLMs while safeguarding against potential risks and ensuring responsible usage.

David Divitt, Senior Director, Fraud Prevention & Experience at Veriff

We’ve all been taught to be on our guard about “suspicious” characters as a means to avoid getting scammed. But what if the criminal behind the scam looks, and sounds, exactly like someone you trust? Deepfakes, or lifelike manipulations of an assumed likeness or voice, have exploded in accessibility and sophistication, with deepfakes-as-a-service now allowing even less-advanced fraud actors to near-flawlessly impersonate a target. This progression makes all kinds of fraud, from individual blackmail to defrauding entire corporations, significantly harder to detect and defend against. With the help of General Adversarial Networks (GANs), even a single image of an individual can be enough for fraudsters to produce a convincing deepfake of them.

Certain forms of user authentication can be fooled by a competent deepfake fraudster, necessitating the use of specialized AI tools to identify the subtle but telltale signs of a manipulated image or voice. AI models can also be trained to identify patterns of fraud, enabling businesses to get ahead of an attack before it hits.

AI is now at the forefront of fraud threats, and organizations that fail to use AI tech to defend themselves will likely find themselves the victim of it.

James Hadley, CEO and Founder of Immersive Labs

Cybersecurity awareness month has good intentions. But, if organizations are focused on awareness alone, they’re losing. Awareness is not enough for organizations to achieve true cyber resilience. Resilience means knowing that your entire organization has the knowledge, skills, and judgment to respond to emerging threats, backed by data. Businesses need proof of these cyber capabilities to ensure that when an attack inevitably happens, their organization is prepared to respond.

Outdated training models and industry certifications that organizations have traditionally relied on have failed to make them safer and instead have created a false sense of security — which is why nearly two-thirds of security leaders now agree that they are ineffective in ensuring cyber resilience.

Continuous, measurable exercising across your entire workforce — from the store room to the board room — provides businesses with the insights they need to understand the current state of their cyber resilience and where their weak points lie. It also creates a more positive cybersecurity culture that encourages reporting rather than punishing employees when a breach does happen. With top-to-bottom cybersecurity education, organizations are moving beyond awareness and can ensure that their data is secure.

Yariv Fishman, Chief Product Officer at Deep Instinct

This Cybersecurity Awareness Month is unlike previous years, due to the rise of generative AI within enterprises. Recent research found that 75 percent of security professionals witnessed an increase in attacks over the past 12 months, with 85 percent attributing this rise to bad actors using generative AI.

The weaponization of AI is happening rapidly, with attackers using it to create new malware variants at an unprecedented pace. Current security mechanisms rooted in machine learning (ML) are ineffective against never-before-seen, unknown malware; they will break down in the face of AI-powered threats.

The only way to protect yourself is with a more advanced form of AI. Specifically, Deep Learning. Any other ML-based, legacy security solution is too reactive and latent to adequately fight back. This is where EDR and NGAV fall short. What’s missing is a layer of Deep Learning-powered data security, sitting in front of your existing security controls, to predict and prevent threats before they cause damage. This Cybersecurity Awareness Month, organizations should know that prevention against cyber attacks is possible– but it requires a change to the “assume breach” status quo, especially in this new era of AI.

Nick Carroll, Cyber Incident Response Manager at Raytheon, an RTX Business

As cyber threats continue to quickly evolve, organizations are being challenged to act just as fast in counter defense. This rush to keep up can often lead to the harmful practice of organizations skipping the foundational basics of cyber defense and failing to establish a general sense of cyber awareness within the business. Without a solid security culture at the foundation, security tools, such as expensive firewalls or endpoint detection and response (EDR), will ultimately become ineffective in the long term. It’s imperative to build cybersecurity awareness among employees and third parties that work with the business, as well as determine the ways in which security will be integrated into the organization’s culture and operations. Once these steps are taken, organizations will be better positioned to build off of a solid organizational footing that will be most effective for cyber defense initiatives in the long run.

Olivier Gaudin, Co-CEO & Founder of Sonar

This Cybersecurity Awareness Month (CAM), a message to business leaders and technical folks alike: Software is immensely pervasive and foundational to innovation and market leadership. And if software starts with code, then secure or insecure code starts in development, which means organizations should be looking critically at how their code is developed. Only when code is clean (i.e. consistent, intentional, adaptable, responsible) can security, reliability, and maintainability of software be ensured.

Yes, there has been increased attention to AppSec/software security and impressive developments in this arena. But still, these efforts are being done after the fact, i.e. after the code is produced. Failing to do this as part of the coding phase will not produce the radical change that our industry needs. Bad code is the biggest business liability that organizations face, whether they know it or not. And chances are they don’t know it. Under their noses, there is technical debt accumulating, leading to developers wasting time on remediation, paying some small interest for any change they make, and applications being largely insecure and unreliable, making them a liability to the business. With AI-generated code increasing the volume and speed of output without an eye toward code quality, this problem will only worsen. The world needs Clean Code.

During CAM, we urge organizations to take the time to understand and adopt a ‘Clean as You Code’ approach. In turn, this will stop the technical debt leak, but also remediate existing debt whenever changing code, reducing drastically the cybersecurity risks, which is absolutely necessary for businesses to compete and win– especially in the age of AI.

Doug Kersten, CISO at Appfire

First and foremost, whether an employee has been at an organization for 20 days or 20 years, they should have a common understanding of how their company approaches cybersecurity; and be able to report common threats to security.

It’s been refreshing to see security come to the forefront of conversation for most organizations. It was rare 20 years ago that cybersecurity awareness was even a training concern unless you were at a bank or regulated institution. Today, it is incredibly important that this heightened interest and attention to security best practices continues. With advancements in technology like AI, employees across industries will face threats they’ve never encountered before – and their foundational knowledge of cybersecurity will be vital.

Employees today should be well-trained on security standards and feel comfortable communicating honestly with their security teams. Even more important, security leaders should ensure their organizations have anonymous alternatives for employees to report their concerns without fear of retaliation or consequence. By combining education and awareness into the foundation of your organization’s security framework, and empowering employees, the odds of the realization of a threat decrease exponentially.

James Lapalme, Vice President & GM for Identity at Entrust

While we can recognize Cybersecurity Awareness Month, it’s important that we prioritize cybersecurity all year round. Threat actors are constantly threatening organizations in unique and rapidly evolving ways, and business leaders need to remain nimble to ensure that their systems and teams are prepared for these evolving risks.

As we’ve seen in the news in recent weeks, spear phishing and social engineering attacks have become a common way for bad actors to create realistic scams that can slip by even the most knowledgeable employee. And, with the advancements in generative AI, adversaries can accelerate the potential impact of these attacks to gain access to sensitive data. The reputational and monetary losses these organizations and their customers experience can be felt for years to come.

Organizations have become so reliant on credentials that they have stopped verifying identity, so to get access or reset access, all you have to do is to give a code or answer a secret question. While that is convenient from a productivity perspective, it leaves the door open to cyber-attacks, which is why we’ve seen these spates of compromises.

Rather than rely on individuals who are frequently too caught up in day-to-day tasks to notice the subtle nuances of these scams, organizations need to evolve their technology response and look to phishing-resistant identities. Methodologies to achieve a high assurance level of Identity verification are Certificate-based authentication for both user and device verification, risk-based adaptive set-up authentication, and implementing ID verification as part of authentication process (or as a high assurance authentication strategy) for high value transactions and privileged users are all ways for businesses to build out their Zero Trust, explicitly Identity verified strategies and ensure the security of users even as new threats continue to emerge.

It’s important to understand that cybersecurity awareness is never really over. Good enough is not good enough. With the ever-evolving threat landscape, it’s essential for organizations to stay ahead of the curve and continue to keep evolving their technology to protect and future-proof their businesses against the ever changing threat landscape.

Steve Stone, Head of Rubrik Zero Labs

Artificial Intelligence, in particular generative AI (GAI), has dominated cybersecurity discussions in 2023.  As we look at how we can think of this technology in the context of Cybersecurity Awareness Month, there’s three topics worth our time.

First, GAI can demonstrably increase the capability and bandwidth of defense teams which are typically operating at beyond capacity.  We should seek out the right types of automation and support GAI lends itself well to so we can then reinvest the precious few cycles we have in our defense experts.  Let’s provide those skilled practitioners the ability to leverage their capabilities in the most impactful ways and transition years of legacy workflow to increased automation delivered via GAI.

Second, what are the inevitable shifts in defense needed as threats pivot to using GAI as well.  Traditionally, cybersecurity has leaned on attacker bottlenecks in our defensive posture.  At a minimum, we used these bottlenecks to classify threat types based on resourcing and capability.  GAI is undoubtedly going to shift these years-long expectations.  If any attacker can quickly use GAI to overcome language limitations, coding gaps in knowledge, or quickly understand technical nuances in a victim environment, what do we need to do differently? We should work to be ahead of these pivots and find the new bottlenecks.

Third, GAI doesn’t come with a zero cost to cybersecurity.  Even if we move past using GAI, the presence of GAI leaves us with two new distinct data elements to secure.  The first is the GAI model itself, which is nothing more than data and code.  Second, the source material for a GAI model should be secured as well.  If the model and underlying data are left undefended, we could lose these tools or have them leveraged against us in different ways all without our knowledge.

Michael Mestrovich, CISO at Rubrik

Monetization of data theft drives the cyber crime business. Modern cybercrime revolves around stealing data from organizations or denying them access to critical data. It is imperative that we maintain a security-first corporate culture and that a security mindset permeates everything that we do.

So how do we achieve this? A culture change starts with simple behavior shifts. When you walk away from your computer, do you lock it? When you’re using your laptop in public, do you have a screen guard on? When entering corporate buildings do you badge in and make sure no one is tailgating you? These sound like small things, but they are the practical day-to-day activities that people need to understand that help cultivate a security-first culture.

Arvind Nithrakashyap, Co-Founder & CTO of Rubrik

On the occasion of the 20th Cybersecurity Awareness Month in 2023, it’s interesting to reflect on all that has changed in cybersecurity over the last two decades, as well as the surprising number of things that haven’t changed.

Let’s start with three dramatic differences.

  1. The mobile revolution. The iPhone wasn’t introduced until 2007. Today, there are more than 4.6 billion smartphones worldwide, according to Statista. Add the more than 14.4 billion Internet of Things devices – connected cars, smart appliances, smart city technologies, intelligent healthcare monitors, etc. – and you have a threat landscape that few could have imagined 20 years ago.
  2. Digital payments. The growing popularity of digital payments over cash is not only changing how people interact with money, it has opened up new opportunities for phishing scams, card information theft, and payment fraud. And, cryptocurrency, which didn’t exist until the late 00s, accounts for the vast majority of payments to ransomware attackers.
  3. AI. Everyone is talking about artificial intelligence in 2023, but that wasn’t the case two decades ago. Now, AI is giving cybercriminals a powerful new tool to execute attacks while also turning out to be an effective weapon against hackers.

 And yet the more things change, the more they remain the same. Three examples:

  1. On prem data. Despite the rise of cloud computing, many companies continue to house critical data in their own private databases and servers. This means protecting on-prem data remains, then as now, a key part of the security equation.
  2. Public infrastructure. “By exploiting vulnerabilities in our cyber systems, an organized attack may endanger the security of our nation’s critical infrastructures,” said the White House’s “National Strategy to Secure Cyberspace” in 2003. The nation still worries a great deal today about how to defend energy systems, dams, and other assets from cyberattack. 
  3. Security infrastructure. The cybersecurity industry used to focus on infrastructure security solutions involving the network, the applications, the end points, the cloud, the logs, etc. It still does. Those solutions remain core to a solid security strategy, though there is growing awareness that newer data security frameworks like Zero Trust are needed for fully realized defenses.

Viewed another way, much of the language one hears to describe the importance of data — “crown jewels,” “an organization’s most precious resource,” and the like — has changed little over the last 20 years. That’s because it’s still so true. Data is everything.

Joe Hall, Head of Security Services at Nile

One commonly overlooked aspect of cybersecurity is getting back to the basics. Don’t know where to start? First– it’s crucial to identify and comprehend the assets you need to protect. As larger organizations transition into hybrid cloud environments, the scope of what needs safeguarding can grow rapidly, which can be challenging for organizations struggling to keep pace with this expanding ecosystem. It’s vital to ensure that systems are not only secured but also designed to trust traffic only as needed, as failing to do so can leave vulnerabilities in the security infrastructure. The market will shift to systems that are natively secure as the risk of a misconfiguration of complex systems becomes too great.

Eric Cohen, CEO of Merchant Advocate

Some businesses may not fully understand the importance of PCI compliance or may believe it only applies to large enterprises or e-commerce companies. In reality, any organization that handles card and payment data, regardless of its size or industry, is subject to PCI compliance requirements.

Overlooking PCI compliance can have serious consequences, including fines, legal liabilities, and reputational damage should a breach or fraud attack occur. Therefore, businesses should not neglect it as part of their overall cybersecurity strategy. Instead, they should consider it as an essential component of their efforts to protect customer data and maintain trust in their brand. One way to check compliance is by examining merchant statements for PCI-related charges, either a charge to access a processor’s PCI portal or for non-compliance. These may be charged monthly or quarterly, so it’s important to regularly check merchant statements to ensure compliance.

Kobi Kalif, CEO of ReasonLabs

Our recent research indicates that malware and phishing are the most prevalent threats facing both businesses and the general population. These dangers often remain unchecked due to limited awareness and poor cybersecurity education among professionals and everyday consumers alike.

Email is a prime vector for phishing attempts and malware; as such, people need to be extremely vigilant when interacting with suspicious emails. Some best practices include:

  • Be wary of any urgent requests for personal information or threats if you don’t act.
  • Check the sender’s address for spoofing and inconsistencies.
  • Do not enable macros in downloaded documents sent over email.
  • Verify requests by contacting the source directly, without replying to the suspicious email itself. Look for spelling errors, awkward grammar or formatting as red flags.
  • Report phishing emails to your email provider, and avoid opening attachments from unknown senders without verifying them first.

Password security is another challenge. Multiple studies have shown that a majority of people use weak, easily guessable passwords like “123456” across all their online accounts and frequently share passwords with others. One successful phishing attack could easily compromise several accounts with this lax personal security. Instead, create long passphrases that are easy to remember but hard to guess. For example, users should mix upper and lower case letters with numbers and symbols for complexity, enable two-factor authentication as an added layer of security, and periodically change passwords, focusing on critical accounts like email, banking, and work logins. Most importantly, passwords should not be duplicated across multiple sites; if one site is breached, it can put other accounts in jeopardy and create further issues down the line.

Rocky Giglio, Director of Security GTM & Solutions at SADA

Hackers have become extremely adept at leveraging human emotions and behavior for phishing and other types of social engineering attacks. Humans often move fast when reading emails, clicking links, or downloading documents, which gives hackers a perfect opportunity to deceive and gain access to sensitive information. These links or emails can also disguise themselves better than ever; for example, an email from what appears to be a payroll provider or internal company system can really be a hacker that made the slightest, hard-to-notice change to their name, phone number, or email address. Cybersecurity leaders at any company need to ensure that they are training their employees to be extra cautious and deliberate in their day-to-day communications, which will in turn help raise awareness and create more proactive security postures.

Mike Laramie, Associate CTO for Security at SADA

The news of recent breaches will hopefully drive faster adoption of cybersecurity best practices at businesses of all sizes. For example, businesses should always encourage their workers to use the passkey authentication method, which is much stronger and much more streamlined than traditional authentication methods. At a minimum, enforcing two-step verification methods is a must-have for any company, whether that be via hardware tokens or push notifications that embrace the FIDO standards. Relying on traditional methods, such as SMS verification and other one-time passcodes, is now proven to be insecure.

Steve Yurko, CEO of apexanalytix

Businesses generally have strong internal cybersecurity practices in place but, despite what they might think, this isn’t enough to keep themselves safe from harm. Organizations are most vulnerable to threats when it comes to their suppliers. Attacks on suppliers can lead to major data breaches that wreak havoc on a company’s operations, finances, brand reputation and customer loyalty – regardless of the internal cybersecurity strategy they have in place. In order to protect themselves, businesses must monitor vulnerabilities throughout the entire supply chain and flag incidents across every supplier. Cybersecurity incidents cause half of all supply chain disruptions, but businesses can manage those risks by monitoring threats and mitigating risks in real-time.

Joshua Aaron, CEO of Aiden Technologies

This year marks the 20th anniversary of National Cybersecurity Awareness Month, which aims to educate people about the value of cybersecurity and encourage good cybersecurity practices among individuals, companies and organizations. Twenty years in, Artificial Intelligence (AI) is changing the way that many organizations operate, especially when it comes to cybersecurity. Because AI is a developing technology and we’re still understanding its capabilities, many IT organizations have hesitated to fully deploy it. However, AI has come a long way since its first incarnations. It now has the potential to offer incredible assistance to IT security teams by helping them reduce the risk of business-critical infrastructure getting compromised via misconfigured software and devices, a core focus of CISA’s cybersecurity framework.

Traditionally, managing the configuration of software and computers is very manual, prone to human error, and slow to execute, especially for overworked IT security teams. The increased use of AI and automation in cyberattacks from misconfigured environments and their improving success rates are proof that traditional methods aren’t working, and we must innovate. AI and automation solutions for keeping computers up to date and in compliance with an organization’s security policy have proven to be extremely effective. IT security teams are able to automatically maintain good cyber hygiene, thus freeing them up to concentrate on higher-visibility, more rewarding projects without fear of the next attack.

In honor of National Cybersecurity Awareness Month, I encourage all organizations to look into how AI can help keep their critical infrastructure more secure and their data safe from threat actors; the SAFETY of our country and our commerce depends on it.

Dylan Border, Director of Cybersecurity at Hyland

Reinforcing what may seem like obvious cybersecurity measures ensures a proactive strategy, but we still see companies ignoring these facts until it’s too late, only starting their commitment to security after a breach or ransomware event occurs.

Even with top talent and tools on hand, foundational processes must be considered to secure your environment, and security is employees’ responsibility. While some may see simple concepts, others may be unaware of often-overlooked security measures. It’s easier than ever to implement table-stakes items, such as monthly security training to ensure best security practices are enacted. Implementing core tactics constantly is a great way to ensure all employees are approaching these concepts from a level playing field.

Role-based training is a great way to ensure that specific training is tailored to employees’ individual roles and responsibilities. While general security awareness training, such as how to spot a phishing email, is relevant and crucial for all employees to complete, some individuals will have even greater access to sensitive data, or control of administrative tasks for critical systems.

This applies to security teams as well. Team members should be experts on the security tools they’re responsible for managing, and if there are gaps in their knowledge, they should undergo deeper training. Something as simple as regularly validating that your endpoint protection, or anti-virus, program is deployed throughout your entire environment can be what it takes to stop a ransomware attack. Build from the basics, and don’t assume you’re covered until you test each of your defenses.



The post 38 Cybersecurity Awareness Month Quotes from Industry Experts in 2023 appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

I Tricked AI, and I Liked It https://solutionsreview.com/security-information-event-management/i-tricked-ai-and-i-liked-it/ Wed, 20 Sep 2023 16:16:36 +0000 https://solutionsreview.com/security-information-event-management/?p=5042 Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Christian Taillon and Mike Manrod of Grand Canyon Education take us to school on the buzz, the applications, and the very real threat of AI in the cybersecurity space. The buzz around emerging capabilities related to Artificial […]


Solutions Review’s Contributed Content Series is a collection of contributed articles written by thought leaders in enterprise software categories. Christian Taillon and Mike Manrod of Grand Canyon Education take us to school on the buzz, the applications, and the very real threat of AI in the cybersecurity space.

The buzz around emerging capabilities related to Artificial Intelligence (AI) and ChatGPT is like nothing I have experienced during my career in technology. I walk past a breakroom that I usually expect to buzz with enthusiasm about the latest sports team or sitcom gossip, and instead hear talk about ChatGPT, AI, and Large Language Models (LLMs)– and that is not even in the IT breakroom. It seems we all grew up with the fictional lore of robots and AI– ranging from fantastical utopian notions to doomsday scenarios where we watch in horror as our own creations conspire to destroy us. While it remains unclear if our creations will condemn or liberate us, it has become clear that Artificial Intelligence (AI) will be a defining factor as this next chapter for humanity unfolds.

In times of uncertainty, we often find ourselves looking for a crystal ball so that we can see the future, avoiding hazards and amassing a windfall by wagering on all the winners. Sadly, there is no crystal ball. There is, however, a time capsule available, which can help us gain some useful insights. Those of us who have been working in cybersecurity for a while have already been through at least one AI craze, which started around a decade ago. This has served as a very effective hype-inoculation for experienced security practitioners, as we step back to think of what emerging technologies such as ChatGPT will disrupt, along with what aspects may be overhyped.



I Tricked AI, and I Liked It


AI: Adopting the Tech and Not the Hype

Once upon a time, it seemed impossible to go to any security conference, without being inundated with sales messaging about how AI was going to solve every possible problem. Ok, that was also yesterday, except now the reception is usually eye-rolls rather than the rapt attention such charades conjured in the early days. In the best of times, cybersecurity is renowned for hyperbole and sensationalism, causing many of us to create buzzword bingo cards we take to conferences to determine who is buying the first round of drinks. What was the real outcome resulting from the AI frenzy in cyber? Did this all serve to make us more secure?

As we are likely to find with the adoption of AI technologies in general, the answer has varied widely based on a range of factors. One of the most important factors has been how effectively security teams were able to cut through the malarkey, to invalidate false claims and zero in on technology that is actually valuable. The key to understanding what artificial intelligence can do is knowing what is reasonable and possible, based on a deep understanding of the capabilities and constraints of the underlying processes. If something is possible manually, but impractical due to limitations in how much we can think or perceive, automation may produce breakthrough results and make new things possible. If the process sounds like magic and includes no detailed explanation of how it works, look out for smoke, mirrors, and peddlers of snake oil.

ChatGPT, LLMs, Smoke, and Mirrors

Understanding how an artificial intelligence product works is the key to having a realistic comprehension of both its capabilities and limitations. For example, we understand that basic applications of AI to antivirus may involve analyzing features of files to train a model on indicators, predicting if a file is malicious or benign. This knowledge helps us to understand possible benefits, limitations, and even security flaws in such a product. In the same manner, if we consider how ChatGPT and other LLMs work, we can begin to think of strengths, weaknesses, and limitations. If we consider ChatGPT at the same very basic level, it is extracting features, except the focus is on features of language. It takes groups of characters, assigns token values, and makes predictions. Both ChatGPT and AI-driven antivirus are excellent guessers thanks to linear algebra, calculus, and probability.

What makes ChatGPT so interesting is that these predictions are about what blob of text should come next. The models are built by mapping token relationships across the training data, and then applying knowledge of these relationships to append additional text to a question, repeating analysis with each iteration, until it is deemed complete and the answer – minus the original question – is returned as a result. Basically, it is Machine Learning (ML) applied at a large scale to human languages, allowing it to give astoundingly coherent answers, based upon understanding statistical relationships between word patterns.

The interesting aspect of applying Machine Learning to human language is that a system may pass the Turing Test, while clearly not having any true comprehension of the answers it is rendering. This leads to a human tendency to anthropomorphize the algorithm, ascribing all sorts of human attributes that simply do not apply. In Homo Deus (2015), Yuval Noah Harari pointed out that while sentient computers may not happen anytime soon, algorithms that know us better than we know ourselves and that influence human behavior could soon be upon us. The AI revolution we are witnessing now may be the fulfillment of his prediction. As we interact with AI capable of communicating with us like another person, pulling at our heartstrings even with some answers, it is important to remember that this is just a predictive algorithm. So, do we apply the term Machine Learning or the term Artificial Intelligence? In the case of ChatGPT, I would argue that both apply. From the perspective of the person, it is an interactive form of intelligence that is artificial in nature (AI). That said, if we analyze what is actually happening, it is really just another form of Machine Learning.

Malicious Use Cases for Generative AI

One thing AI does have in common with us, though, is a tendency for errors in how information is perceived and processed. In my recent malware analysis class, we spent time abusing ChatGPT to create malicious content helpful in planning, organizing, and delivering cyber-attacks. Of course, if you ask for something overtly malicious, it answers, “I’m sorry, but I cannot fulfill that request…” with a long ethical lecture (the desired response).

What if you ask the question more creatively? Is it possible to trick an AI into providing you with useful code or intelligence, to help with an attack? Unfortunately, it seems the answer is a resounding yes. On one hand, resources such as Jailbreak Chat index a vast array of tools to bypass the security features of ChatGPT, such as the now infamous DAN jailbreak(s). That said, unleashing unintended functionality can occur in ways that are sneakier than just using a documented Jailbreak. For example, if you ask ChatGPT to create ransomware, it will follow well-conceived rules to block this activity, rendering the all-too-familiar “I’m sorry” response message. What if you are more creative with your question, though?

Maybe the key to getting an AI to create something malicious is to ask nicely. More specifically, to ask in a way that does not “offend” any of the filters or protective measures implemented within the AI. As an allegory to our ransomware analogy, what if you ask ChatGPT to create a Python script to encrypt every .txt file in a specific directory, using AES256 and a specific key? Now maybe, you could ask it to change the directory to something broader such as Documents, and add more file types. Add a few more required features, one by one / individually, until it is bordering on useful. Then, assemble the modules, and ask it to optimize and translate it into whatever language you want – of course, followed by a bit of refinement, testing, and debugging.

Moreover, if a cyber-criminal establishes a local LLM such as Alpaca, they may create an environment that is completely free of such restrictions. The impending AI wars may get interesting on multiple fronts. We could see reduced barriers to entry for new arrivals in the cyber-crime arena, along with more subtle benefits afforded to established adversaries, such as the types of productivity gains we expect in legitimate companies. On one front, we deal with anybody being able to reason their way toward potentially malicious software; on the other, we face the malicious use of LLMs to provide additional productivity and capabilities to experienced threat actors. Basically, the capable adversaries will expand their reach. While some who are now incompetent may become at least reasonably capable, the reasonably capable may become highly efficient actors, accelerating the escalation of cyber victimization.

Managing AI Risk

So, how do we mitigate this risk, as security practitioners looking forward? The first step is to identify the categories of opportunity and risk that need to be considered. As a starting point, it is important to separate AI strategy into the broad categories of exploiting opportunities versus mitigating risks. This distinction applies at the enterprise level, as well as within our cybersecurity microcosm. Organizations that fail to capitalize on new opportunities risk becoming irrelevant, eclipsed by more forward-thinking competitors. As we develop strategies to mitigate risks associated with technologies such as LLMs, we need to remember that failing to adapt is high on that list of risks. This is important to remember when approving projects, creating policies, and considering exceptions.

Once we focus our attention on mitigating risks, we find once again the same differentiator. Are we looking at ways that AI can help us defend, or are we considering ways emerging technologies can be used to improve the offensive capabilities of our adversaries? While the lines will blur as we consider projects such as PentestGPT or Eleven Labs that could be used for testing or for actual attacks, we need to look at how specific applications of such technologies inform strategy.

AI Security and Strategy

AI models do not change the fundamental nature of attack and defense. They instead serve to accelerate both offensive and defensive processes, against a backdrop of what we can expect to be a more tumultuous tech landscape, further destabilized as a result of emerging capabilities. This means that principles we have tested for decades and well-defined frameworks are probably going to remain largely valid in this new paradigm. What is going to change radically is the tempo at which new flaws are found and exploited – and the reaction speed that will be required to stop undesired outcomes.

And that serves as a nice segue to the second axis to consider when developing our AI security and technology strategy: time. We can all imagine fantastical and futuristic notions for business enablement, cyber-crime, and exploitation, as well as for protection and response. All the while, the considerations of “now” press in upon us continuously. Most of us have predatory competitors with sharp teeth, nipping at our toes here and now. How do we calm down and consider the long-term threats and opportunities while remaining aware and ahead of the issues that are already upon us?

Final Thoughts

We are entering a phase where the technology plans we make may have an unusual level of influence on the relative standings of organizations as we enter a new era. We need to step back and first map out the risks and opportunities that may undermine or revolutionize an entire business or industry. Anyone looking at history would know that 1908 was not the right time to launch a startup improving upon the horse-drawn carriage. Launching business initiatives that are not aligned with, or at least immune to, emerging disruptive technologies could be ill-fated. When considering the timing of advances and breakthroughs that will influence our technology strategy, we need to be realistic. It is difficult, because we need to consider multiple related rates of change, such as the speed at which new capabilities will emerge, tempered by how quickly a given organization can implement and/or adapt to changes.

When we weigh both opportunistic and risk-reducing AI considerations, combined with short and long-term time horizons, the task of creating a strategy becomes more approachable. A few key questions may help define your strategy. From a technology and business enablement perspective, what does the long-term future look like? What are the near-term opportunities that will help your organization to remain competitive while working toward longer-term advances? On the risk mitigation side, we can work in the opposite direction, thinking of what adversary capabilities are likely to become a serious problem soon. For example, the social engineering implications that emerge when AI voice and video are combined with pretexts and lures created via ChatGPT could represent a near-term problem we need to consider. Then we can think of what capabilities we gain, as well as how future advances will shape our security strategy. Useful frameworks are also beginning to emerge to help define categories of security flaws and attack lifecycles against AI tools and services, such as the OWASP Top 10 for LLM Applications and MITRE ATLAS.

If we carefully consider the offensive and defensive aspects of our own business, across a range of time horizons, we begin to understand how we should act. Then, when we map out the probable offensive agendas and capability progression for our competitors and adversaries, we have an idea how they may act. When we align these elements at an enterprise level, it should be possible to assemble a quality strategy including both how to exploit opportunities and how to mitigate risks. When we consider them at a personal level, it may help prepare us to better adapt to a complex and rapidly changing world.


Why Security is the Black Box in the AI Race https://solutionsreview.com/security-information-event-management/why-security-is-the-black-box-in-the-ai-race/ Fri, 28 Jul 2023 19:34:57 +0000 https://solutionsreview.com/security-information-event-management/?p=4967 Solutions Review’s Contributed Content Series is a collection of contributed articles written by industry thought leaders in enterprise software categories. Chaz Lever of DEVO argues why AI security is the black box in the next leg of the artificial intelligence technology race. The rapid rise of new, more powerful generative AI chatbot platforms has enterprises […]


Solutions Review’s Contributed Content Series is a collection of contributed articles written by industry thought leaders in enterprise software categories. Chaz Lever of DEVO argues why AI security is the black box in the next leg of the artificial intelligence technology race.

The rapid rise of new, more powerful generative AI chatbot platforms has enterprises and governments scrambling to rein in the potential negative impacts of this disruptive technology. JP Morgan, among others, has prohibited the use of ChatGPT in the workplace. Dozens of artificial intelligence leaders issued an open letter in March calling for a pause on ChatGPT development so safety measures could be reinforced. And the Biden Administration recently weighed in with several moves to develop “responsible AI” initiatives within the federal government.

They’re all worried about security. Concerns about AI are nothing new, but ChatGPT, Bard, and their ilk have upped the ante, and leaders across the spectrum are sounding the alarm. This reassessment of AI threats comes at a good time, especially with some analysts predicting AI to contribute upwards of $15 trillion to the global economy by 2030. The technology clearly isn’t going away; the genie is out of the bottle, and it’s not going back in. It’s already fueling futuristic applications such as autonomous transportation, weather forecasting, insurance, marketing, and scientific research. But before AI can reach its true potential, people have to trust that it’s secure and not creating more threats than it’s taking away.



Security in the AI Race


AI Systems Can Be Used by Attackers

AI systems are widely used as cybersecurity assets. Their powerful algorithms can analyze large amounts of data to identify patterns that could tip organizations off about a cyber-attack. They can be used to proactively identify unknown cyber threats and trigger automated remediations that segment off breached systems or malicious files.

At the same time, AI introduces new attack vectors for malicious actors. It can be used by cyber-attackers to generate sophisticated phishing attacks that are designed to evade detection. AI-based malware can also adapt and evolve to avoid detection by traditional security systems.

AI Models Can Be Poisoned

Machine learning (ML) systems use very large amounts of data to train and refine their model, which requires that organizations ensure that their datasets maintain the highest degree of integrity and authenticity possible. Any failures on this front will cause their AI/ML machines to produce false or harmful predictions.

Attackers can purposely sabotage an AI model by damaging or “poisoning” the data itself. Data-poisoning attacks secretly change the source information used to train algorithms, and they can be particularly destructive because the model will be learning from incorrect data. Attackers provide false inputs to the system or gradually alter it to produce inaccurate outputs. Their goal is to trick the learning system into creating inaccurate models, which produce wayward results. Manipulated, or poisoned, data can be used to evade AI-powered defenses. Most companies aren’t prepared to deal with this escalating challenge, which is getting worse year by year.

Information Leakage Can Haunt Future Models

It’s bad enough when AI use opens an organization up to being hacked. It can be worse when sensitive information is shared inadvertently and used inappropriately. This can happen with AI models. If a developer inserts proprietary company secrets into a model, there’s an ongoing risk that those secrets will funnel back into future models. People will end up learning about things that only a few people are supposed to know about. Plus, organizations can face questions about data privacy based on where their AI models start and where they live.

What are the trade-offs to developing and running models locally versus in the cloud? From a privacy perspective, that might influence what organizations are willing to do.

Generative AI Can Create Convincing Fake Images and Profiles

Using AI, scammers can more easily create highly realistic fake content that they use to deceive targets – and the public. Applications include phishing emails, fake profiles, fake social media posts, and messages that appear legitimate to unsuspecting victims. In late May, a deepfake image of an explosion at the Pentagon briefly caused the stock market to drop. After a scam artist posted an image on Twitter, Arlington, Va., police quickly debunked the image. The stock market dipped by 0.26 percent before rebounding. Photography experts identified the photo as an AI-generated image. As generative AI technology continues to improve, these situations likely will become more prevalent and more problematic.

Generative AI can also be used to create photos of people who don’t exist. Once the scammer has the photo, it can be used to create fake profiles on social media platforms. It also can be used to create “deepfake” videos – superimposing a face onto someone else’s body – to manipulate people into believing a person has done something he hasn’t. Deepfakes have targeted celebrities and been used for blackmail.

Complicating Data Privacy

When AI collects personal data, does its use comply with the stipulations spelled out by GDPR? Not necessarily. Ideally, AI algorithms should be designed to limit the use of personal data and make sure the data is kept secure and confidential. GDPR is very specific when it comes to the use of personal data. It requires that automated decision-making can take place only if humans are involved in the decision-making, if the person whose information is being used has given consent, if the processing of information is needed to perform a contract, or where it is authorized by law. GDPR also requires users to tell individuals what information is being held and how it is being used. As a result, there will be significant legal issues that must be addressed in terms of GDPR and the use of personal data – and new policies will need to be set accordingly.

Proceeding with Caution

AI is already an important driver of innovation and value – and will continue to be. But it comes with risks that need to be addressed now. Generative AI applications have brought security and ethical issues to the surface, forcing stakeholders to ask questions and push for solutions that can position the technology to remain a net positive for years to come.


Identity Management and Information Security News for the Week of July 28; OneTrust, Veza, BTQ, and More https://solutionsreview.com/security-information-event-management/identity-management-and-information-security-news-for-the-week-of-july-28-onetrust-veza-btq-and-more/ Thu, 27 Jul 2023 20:41:21 +0000 https://solutionsreview.com/security-information-event-management/?p=4915 The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of July 28. This curated list features identity management and information security vendors such as OneTrust, Veza, BTQ, and more. Keeping tabs on all the most relevant identity management and information security news […]


The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of July 28. This curated list features identity management and information security vendors such as OneTrust, Veza, BTQ, and more.

Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.



Identity Management and Information Security News for the Week of July 28


OneTrust Secures $150M Investment

OneTrust, a trust intelligence solutions provider, this week announced a $150 million funding round. This capital will bolster OneTrust’s continued growth to meet customer demand for trust intelligence software. The round was led by new investor Generation Investment Management with participation from existing investor Sands Capital, bringing the total funds raised to date to over $1 billion with a current $4.5 billion valuation.


DoControl Announces New Bulk Remediation Capability

DoControl, a SaaS security platform, announced this week a new patent-pending bulk remediation capability, which supports Google Shared Drives. By leveraging DoControl’s implementation, customers have the ability to remediate “hundreds of thousands of unwanted file permissions, mapping entire file system hierarchies, and presenting full visibility of the impact.”


Veza Welcomes Phil Venables to its Board of Directors

Veza, an identity security solutions provider, has announced the appointment of Phil Venables to its Board of Directors. Venables has more than 35 years of experience working in engineering, management, and board-level advisory roles, including for The White House. Before joining a large global technology company as Chief Information Security Officer, Venables was a Partner at Goldman Sachs, where he spent two decades in various risk and cybersecurity leadership positions, in particular as their first CISO, a role he held for 17 years. He has been Chief Information Security Officer for multiple other large banking companies, like Standard Chartered Bank and Deutsche Bank. He is on the board of directors at HackerOne, Interos, and New York University, and he serves in advisory roles for The President’s Council of Advisors on Science and Technology (PCAST) and NIST.


BTQ’s Preon Selected by NIST as Candidate for the PQC Standardization Process

BTQ, a quantum security solutions provider, this week announced the National Institute of Standards and Technology (NIST) has selected BTQ’s post-quantum cryptography scheme, Preon, in the first round for consideration in their Post-Quantum Cryptography (PQC) standardization process. This announcement comes amidst the fourth round of the ongoing PQC standardization process, wherein several Key Encapsulation Mechanisms (KEMs) including BIKE, Classic McEliece, and HQC are still being evaluated. Since December 2016, NIST has been engaged in a public process to select quantum-resistant public-key cryptographic algorithms for standardization, to combat the threats posed by the rapid advancement of quantum computing. Thus far, several algorithms have been standardized, including public-key encapsulation mechanism (KEM) CRYSTALS-KYBER and digital signatures CRYSTALS-Dilithium, FALCON, and SPHINCS+. With the exception of SPHINCS+, all these selected schemes are based on the computational hardness of problems involving structured lattices.


PokerStars Confirms MOVEit Data Breach Leaked Up to 110k Social Security Numbers

On July 20, 2023, PokerStars filed a notice of data breach with the Attorney General of Maine after discovering that an application the company used to transfer files contained a vulnerability that allowed hackers to access confidential consumer information. In this notice, TSG Interactive US Services Limited, better known as PokerStars, explains that the incident resulted in an unauthorized party being able to access consumers’ sensitive information, which includes their names, Social Security numbers, and addresses. Upon completing its investigation, PokerStars began sending out data breach notification letters to all individuals whose information was affected by the recent data security incident.



Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

Solutions Review Set to Host Infinidat for Exclusive Spotlight Webinar on August 15

With the next Solutions Spotlight event, the team at Solutions Review has partnered with leading enterprise data and cloud solution provider Infinidat. This session will demonstrate how easily enterprises can create cyber-resilient storage environments that can withstand and recover from cyber-attacks.


Defense-in-Depth: Paving the Way Forward in Cybersecurity

Sam Crowther of Kasada examines how defense-in-depth can potentially pave a new path forward for cybersecurity as we know it.

Each day brings new research highlighting the rampant security issues that every online business faces, detailing how detrimental a cyber-attack is to their operations, bottom line, and reputation. Despite the multitude of security tools in the market, organizations are still facing an increasing number of attacks. The root cause is that attackers continually evolve their methods of attack to get around your defenses. If there are roadblocks in place that prevent them from making money, they will find another route. This year’s Verizon Data Breach Investigations Report found that some 60 percent of all breaches occurred through web applications. Too many organizations would treat a finding like this as a “bot problem,” or an “API issue,” instead of looking at the larger picture. Attacks have many layers – so defenses should too. Concentrating solely on one security layer could mean that the most important layer – or at least the one being used in a current attack – is left unprotected. Security is the sum of all available defenses. That’s why organizations need to question their current security stack and adopt a defense-in-depth strategy.



What to Expect at Solutions Review’s Solution Spotlight with Zscaler on October 5th https://solutionsreview.com/security-information-event-management/what-to-expect-at-solutions-reviews-solution-spotlight-with-zscaler/ Thu, 15 Jun 2023 17:48:05 +0000 https://solutionsreview.com/security-information-event-management/?p=4560 Solutions Review’s Solution Spotlight with Zscaler is entitled: Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce. What is a Solution Spotlight? Solutions Review’s Solution Spotlights are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the […]


Solutions Review’s Solution Spotlight with Zscaler is entitled: Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce.

What is a Solution Spotlight?

Solutions Review’s Solution Spotlights are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the overwhelming demand for these kinds of events. Solutions Review’s current menu of online offerings includes the Demo Day, Solution Spotlight, best practices or case study webinars, and panel discussions. And the best part about the “Spotlight” series? They are free to attend!

Why You Should Attend

Solutions Review is one of the largest communities of IT executives, directors, and decision-makers across enterprise technology marketplaces. Every year over 10 million people come to Solutions Review’s collection of sites for the latest news, best practices, and insights into solving some of their most complex problems.

With the next Solution Spotlight event, the team at Solutions Review has partnered with Zscaler to provide viewers with a unique webinar called Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce. In this webinar, attendees will hear how to efficiently detect, triage, and resolve IT incidents that have global, regional, or user-specific impact, at scale.

Speakers

Krishnan Badrinarayanan, Senior Director, Product Marketing at Zscaler: Krishnan Badrinarayanan is a member of the Zscaler Digital Experience product team focused on helping IT teams deliver flawless digital experiences that power their businesses. Skilled in the SaaS and enterprise software space, he has over 18 years of experience in security and previously worked at Abnormal Security, Riverbed Technologies, and Dynatrace.

About Zscaler

Zscaler is a cloud security company, with headquarters in San Jose, California. The company offers enterprise cloud security services. Their cloud-native Zero Trust Exchange platform protects thousands of customers from cyberattacks and data loss by securely connecting users, devices, and applications in any location. Using zero trust principles, Zscaler helps IT move away from legacy network infrastructure to achieve modern workplace enablement, infrastructure modernization, and security transformation.

FAQ

  • What: Deliver Fast and Secure Digital Experiences for the Modern Hybrid Workforce
  • When: Tuesday, October 5, 2023 at 12:00 p.m. EST
  • Where: Zoom meeting (see registration page for more detail)

Register for Solutions Review’s Solution Spotlight with Zscaler FREE

What to Expect at Solutions Review’s Expert Roundtable: Data Security, Trust & Privacy for Cloud Analytics on June 8 https://solutionsreview.com/security-information-event-management/what-to-expect-at-solutions-reviews-expert-roundtable-data-security-trust-privacy-for-cloud-analytics-on-june-8/ Fri, 19 May 2023 15:25:37 +0000 https://solutionsreview.com/security-information-event-management/?p=4503 Solutions Review’s Expert Roundtable: Data Security, Trust, and Privacy for Analytics in the Cloud will feature a panel of experts from Snowflake, Satori, Monte Carlo, and moderator David Loshin. What is the Expert Roundtable: Data Security, Trust, and Privacy for Analytics in the Cloud Guarding against unauthorized access to sensitive corporate data is a priority, […]


Solutions Review’s Expert Roundtable: Data Security, Trust, and Privacy for Analytics in the Cloud will feature a panel of experts from Snowflake, Satori, Monte Carlo, and moderator David Loshin.

What is the Expert Roundtable: Data Security, Trust, and Privacy for Analytics in the Cloud?

Guarding against unauthorized access to sensitive corporate data is a priority, whether your organization is engaged in a cloud-oriented digital transformation effort, a data architecture modernization initiative, or is cloud-native from the get-go. Data privacy is the new hot commodity in the enterprise. Without instituting the right tools, processes, and practices, data protection becomes unscalable and ultimately unsustainable.

In this roundtable discussion, our panelists will share their experiences, discuss best practices for integrating technology solutions, and offer guidance for establishing a sustainable information risk program for ensuring the governed accessibility to sensitive corporate data. The 60-minute virtual event is moderated by an independent industry analyst, with a topic introduction hosted by Solutions Review – all broadcast live to an audience of registered attendees.

Join the Largest Cybersecurity Practitioner Community

Solutions Review Data Management and Analytics is the largest data software buyer and practitioner community on the web. Our Universe of Influence reach is more than 7 million business and IT decision-makers, as well as C-suite and other top management professionals. Our readers primarily use us as an enterprise technology news source and trusted resource for solving some of their most complex problems.

Our collection of vendor-agnostic buyer’s resources aims to help data management and analytics practitioners during the research and discovery phase of a buying cycle. This critical stage of information gathering is where buyers narrow down the field of solution providers to a short-list they plan to engage. The mission of Solutions Review is to make it easier for buyers of data management and analytics software to connect with the best providers.

Featured Panelists

Moderator: David Loshin, Knowledge Integrity, Inc.

Recognized worldwide as an information management thought leader, David has popularized best practices for business intelligence, data governance, performance computing, master data management, predictive analytics, and data quality. David is a monthly columnist for TechTarget and is a frequent presenter at The Data Warehousing Institute Conferences, Enterprise Data World, Data Governance and Information Quality, and web-based seminars.

Anoosh Saboori, Principal Product Manager at Snowflake

Anoosh leads product security at Snowflake. Prior to that, he was the lead group product manager for Google Cloud workload zero trust portfolio, a comprehensive and growing portfolio that includes infrastructure capabilities, platform products, and paid-for products to enable enterprises to achieve a zero trust architecture for workload-to-workload communications.

Yoav Cohen, CTO & Co-Founder at Satori

Yoav Cohen is the Co-Founder and Chief Technology Officer of Satori Cyber. At Satori, Yoav is building the company’s technology vision and leading the research and engineering teams that build the Secure Data Access Cloud. Prior to founding Satori Cyber, Yoav was the Senior Vice President of Product Development for Imperva, which he joined as part of the acquisition of Incapsula, a Cloud-based web applications security and acceleration company, where he was the Vice President of Engineering.

Ryan Kelch, CTO & Head of Security & Compliance at Monte Carlo

Ryan Kelch is the Head of Security & Compliance of Monte Carlo, a data reliability company backed by Accel, Redpoint Ventures, GGV, ICONIQ Growth, and Salesforce Ventures. Prior to Monte Carlo, he led cloud and product security for Splunk Cloud, and before that he started the security practice at Climate Corp.

Featured Companies

Snowflake

Snowflake offers a popular cloud data warehouse. The solution loads and optimizes data from virtually any source, both structured and unstructured, including JSON, Avro, and XML. Snowflake features broad support for standard SQL, and users can do updates, deletes, analytical functions, transactions, and complex joins. The tool requires zero management and no infrastructure. The columnar database engine uses advanced optimizations to crunch data, process reports, and run analytics.

Satori

Satori offers a data management and security product designed to enable secure data access to organizations of varying sizes. The product features continuous visibility and mapping for data flows and data stores, activity-based discovery and classification of data in real-time, data security through granular, field-level data access controls and anomaly detection, and compliance through monitoring and data privacy enforcement. Satori integrates into any cloud or hybrid environment without impacting existing user and application access.

Monte Carlo

Monte Carlo’s data observability platform utilizes best practices and principles of automatic application observability and applies them to data pipelines. This provides data engineers and analysts with visibility across all data pipelines and data products. Monte Carlo also offers machine learning that gives users a holistic view of an organization’s data health and reliability for important business use cases.

FAQ

What: Solutions Review’s Expert Roundtable: Data Security, Trust, and Privacy for Analytics in the Cloud

When: Thursday, June 8, 2023 at 12:00 PM Eastern

Where: Zoom meeting (see registration page for more detail)

Register for the Expert Roundtable FREE

The post What to Expect at Solutions Review’s Expert Roundtable: Data Security, Trust & Privacy for Cloud Analytics on June 8 appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.

What to Expect at Solutions Review’s Solution Spotlight with Datto on May 24 https://solutionsreview.com/security-information-event-management/what-to-expect-at-solutions-reviews-solution-spotlight-with-datto-on-may-24/ Tue, 09 May 2023 18:38:58 +0000 https://solutionsreview.com/security-information-event-management/?p=4491 Solutions Review’s Solution Spotlight with Datto, a Kaseya Company, is entitled: Maximize Your Cybersecurity: The Benefits of Datto RMM and Datto EDR. What is a Solution Spotlight? Solutions Review’s Solution Spotlights are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in […]

The post What to Expect at Solutions Review’s Solution Spotlight with Datto on May 24 appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.


Solutions Review’s Solution Spotlight with Datto, a Kaseya Company, is entitled: Maximize Your Cybersecurity: The Benefits of Datto RMM and Datto EDR.

What is a Solution Spotlight?

Solutions Review’s Solution Spotlights are exclusive webinar events for industry professionals across enterprise technology. Since its first virtual event in June 2020, Solutions Review has expanded its multimedia capabilities in response to the overwhelming demand for these kinds of events. Solutions Review’s current menu of online offerings includes the Demo Day, Solution Spotlight, best practices or case study webinars, and panel discussions. And the best part about the “Spotlight” series? They are free to attend!

Why You Should Attend

Solutions Review is one of the largest communities of IT executives, directors, and decision-makers across enterprise technology marketplaces. Every year over 10 million people come to Solutions Review’s collection of sites for the latest news, best practices, and insights into solving some of their most complex problems.

With the next Solution Spotlight event, the team at Solutions Review has partnered with leading managed service provider Datto to provide viewers with a unique webinar called Maximize Your Cybersecurity: The Benefits of Datto RMM and Datto EDR.

Speakers

  • Mathew Smith, Senior Solutions Engineer: Mat is Datto’s Senior Solutions Engineer in the European region focused on RMM. He has created many of the standard monitoring templates their clients use, as well as a number of components found in the ComStore. Mat has worked in the IT industry for around 25 years, primarily working for large MSPs, holding many industry qualifications from Microsoft and VMware. Prior to joining Datto, Mat worked for one of their customers using Datto RMM to manage around 10,000 endpoints and was responsible for patching, monitoring, and maintaining customer endpoints and servers.

About Datto, a Kaseya Company

Datto offers a family of enterprise business continuity solutions available in both physical and virtual platforms. The new Backup Insights tool gives you a complete picture of how files and folders have changed over time, adding versioning to the file restore capabilities. Datto utilizes Hybrid Cloud technology to improve redundancy and give users greater protection of their systems and data. Hybrid Cloud technology leverages the advantages of local backup and the security of the cloud.

FAQ

  • What: Maximize Your Cybersecurity: The Benefits of Datto RMM and Datto EDR
  • When: Wednesday, May 24, 2023, at 3:00 PM BST/10:00 AM US-EST
  • Where: Zoom meeting (see registration page for more detail)

Register for Solutions Review’s Solution Spotlight with Datto FREE

What’s Changed: 2023 Gartner Magic Quadrant for SSE https://solutionsreview.com/security-information-event-management/whats-changed-2023-gartner-magic-quadrant-for-sse/ Mon, 08 May 2023 18:43:07 +0000 https://solutionsreview.com/security-information-event-management/?p=4488 The editors at Solutions Review highlight what’s changed in Gartner’s 2023 Magic Quadrant for SSE and provide an analysis of the new report. New to 2022, Analyst House Gartner, Inc. released the inaugural edition of its Magic Quadrant for Security Service Edge. Gartner defines Security Service Edge (SSE) as a platform that secures access to […]

The post What’s Changed: 2023 Gartner Magic Quadrant for SSE appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.


The editors at Solutions Review highlight what’s changed in Gartner’s 2023 Magic Quadrant for SSE and provide an analysis of the new report.

New to 2022, Analyst House Gartner, Inc. released the inaugural edition of its Magic Quadrant for Security Service Edge. Gartner defines Security Service Edge (SSE) as a platform that secures access to the web, cloud services, and private applications. Capabilities include access control, threat protection, data security, security monitoring, and acceptable-use control enforced by network-based and API-based integration. SSE is primarily a cloud-based service and may include on-premises or agent-based components. Gartner defines the user market as enterprises interested in Secure Access Service Edge (SASE) architecture, specifically SSE, as part of a security suite and zero-trust network access (ZTNA). SSE customers may also seek to secure remote users when the organization is virtual, is a heavy cloud consumer, or has no complex networking requirements for satellite locations.

Marketing predictions from Gartner include that 70 percent of organizations that implement agent-based zero trust network access (ZTNA) will choose either a secure access service edge (SASE) or security service edge (SSE) provider for ZTNA, rather than a stand-alone offering, by 2025. By 2026, 85 percent of organizations seeking to procure cloud access security broker, secure web gateway, or zero trust network access offerings will obtain these from a converged solution, and 45 percent of organizations will prioritize advanced data security features for inspection of data at rest and in motion as a selection criterion for SSE.

In this Magic Quadrant, Gartner evaluates the strengths and weaknesses of 11 providers it considers most significant in the marketplace and provides readers with a graph (the Magic Quadrant) plotting the vendors based on their ability to execute and completeness of vision. The graph is divided into four quadrants: niche players, challengers, visionaries, and leaders.

With the report now in its second year, the editors at Solutions Review read it and pulled out the key takeaways.



What’s Changed: 2023 Gartner Magic Quadrant for SSE


Gartner highlights the following providers in the Security Service Edge market: Netskope, Zscaler, Palo Alto Networks, Cisco, Skyhigh Security, Forcepoint, Lookout, Broadcom, iboss, and Cloudflare.

Leaders

In the leaders’ quadrant, we see Netskope and Zscaler switching places, with the former taking the top position in the quadrant. Netskope’s primary SSE offerings, available as part of the Netskope Intelligent SSE platform, include the Next Gen Secure Web Gateway, CASB, and Netskope Private Access (NPA). Netskope is headquartered in Santa Clara, California, U.S. Its operations are geographically diversified, and its customers range from midsize to very large organizations across many industries. In 2022, Netskope acquired Infiot to support single-vendor SASE and WootCloud to enhance Internet of Things (IoT) ecosystem visibility. It expanded its DLP to encompass endpoint use cases and its ZTNA to allow for on-premises termination to support universal ZTNA use cases. In the SSPM arena, it continued integrating the Kloudless acquisition from 2021, including launching a dedicated SSPM query language.

McAfee is out. Palo Alto Networks is in. Last year Palo Alto saw itself in the Challengers quadrant, and this year it is a Leader. Its SSE offering is primarily composed of Prisma Access and SaaS security services. It offers a stand-alone cloud-native application protection platform under the Prisma Cloud brand. It also provides a range of other network and cloud security products. It is headquartered in Santa Clara, California, U.S. Its operations are geographically diversified, with customers of all sizes from all industries. Palo Alto Networks extended Prisma Access capabilities in 2022. New features include better integration with Prisma SD-WAN, enhancements to the explicit proxy and its ZTNA component, and initial SSPM capabilities. New features are seen first in the Innovation edition of the platform. Palo Alto Networks acquired Crusoe Security for RBI in July of 2022.

Challengers

With Palo Alto Networks now in the Leaders quadrant, California-centric Cisco stands tall as the sole Challenger. Cisco’s primary products for SSE are part of multiple product lines, including Cisco Umbrella, Cisco+ Secure Connect, and Duo. It also has an extensive portfolio of infrastructure, networking, and security products. In 2022, Cisco launched its Cisco+ Secure Connect service, focusing on single vendor SASE and integrating elements of SSE with its existing Meraki SD-WAN (though this only supports 5,000 users). Cisco also extended its DLP capabilities to include EDM and has delivered the ability to apply it across cloud access security broker (CASB) and secure web gateway (SWG) channels.

Visionaries

New to the Visionaries quadrant and soaring straight to the top is Skyhigh Security. Its SSE offering is the Skyhigh Security Service Edge. Another California-native company, Skyhigh, has a wide geographic presence. Its customers range from small to very large, and come from all industries. At the start of 2022, Symphony Technology Group separated McAfee enterprise into the cloud business (now Skyhigh Security) and the endpoint business (now Trellix). Skyhigh Security continues to integrate with Trellix products, and they share the same DLP classifiers for the Trellix Enterprise DLP and Skyhigh’s Cloud DLP. Skyhigh Security is responsible for the development of the DLP engine that both companies use.

From Niche to Visionary, Forcepoint points to Forcepoint ONE as its SSE solution. The Texas-based company started retiring its legacy cloud security products and offering migration options to its legacy customers onto Forcepoint ONE, including last year’s top Visionary, Bitglass, who were acquired by Forcepoint in 2021. 2022 also saw the integration of Zero Trust Content Disarm and Reconstruction, DLP, and RBI technologies into Forcepoint ONE. Forcepoint has a good presence globally, and customers include a mix of large and midsize enterprises. The acquisition of Bitglass provides Forcepoint with a more consolidated SSE offering for these clients than its legacy cloud offerings.

No need to look out for Lookout, as the San Francisco-based company retains its presence in the Visionaries quadrant. Lookout’s SSE offering includes CASB, SWG, and ZTNA services. Lookout also offers mobile endpoint security products. Its operations are concentrated in North America and EMEA, with a smaller presence in Asia/Pacific. It serves primarily midsize and large enterprises across many industries. Lookout has made additional integration of its RBI services and added an FWaaS capability to its platform. While not directly SSE-related, Lookout also acquired SaferPass for password management to support its overall work-from-home strategy.

Niche Players

In the Niche Players quadrant, cybersecurity giant Broadcom holds its top position from last year, with iboss right behind them. Since its acquisition of Symantec in 2019, Broadcom has focused on building an enterprise software business. In May 2022, Broadcom announced its intention to acquire VMware. Other product changes from Broadcom include terminating its OEM FWaaS service, launching its own offering, and building a combined agent for all SSE services and enterprise data loss prevention (DLP). In 2022, Boston-based iboss extended the risk scoring for users in the Zero Trust Edge platform and added new DLP capabilities to the platform. It has expanded its managed security service provider (MSSP) partnerships to include Verizon, and added technology integrations with both SentinelOne and CrowdStrike. iboss also achieved FedRAMP Moderate certification during 2022 and focused very firmly on its alignment with NIST 800-207 as an approach to the market.

Versa saw themselves out, with Cloudflare taking their seat in the Niche Players quadrant. Cloudflare’s primary SSE offering is Cloudflare Zero Trust. It includes the integrated functionality for SSE and a freemium option. In addition, Cloudflare offers a variety of network and zero-trust services as a la carte offerings. In the past year, Cloudflare acquired Vectrix to provide API visibility into SaaS applications and Area 1 Security for email security. It also released clientless web isolation and SSH command logging for its platform.

Read Gartner’s 2023 Magic Quadrant for SSE.

Identity Management and Information Security News for the Week of April 21; Snowflake, Darwinium, Quorum Cyber, and More https://solutionsreview.com/security-information-event-management/identity-management-and-information-security-news-for-the-week-of-april-21-snowflake-darwinium-quorum-cyber-and-more/ Thu, 20 Apr 2023 18:55:58 +0000 https://solutionsreview.com/security-information-event-management/?p=4459 The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of April 21. This curated list features identity management and information security vendors such as Snowflake, Darwinium, Quorum Cyber, and more. Keeping tabs on all the most relevant identity management and information security […]

The post Identity Management and Information Security News for the Week of April 21; Snowflake, Darwinium, Quorum Cyber, and More appeared first on Best Information Security SIEM Tools, Software, Solutions & Vendors.


The editors at Solutions Review have curated this list of the most noteworthy identity management and information security news for the week of April 21. This curated list features identity management and information security vendors such as Snowflake, Darwinium, Quorum Cyber, and more.

Keeping tabs on all the most relevant identity management and information security news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month, in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy identity management and information security news items.



Identity Management and Information Security News for the Week of April 21


Snowflake Teams Up with Comcast; Launch New Platform, DataBee

Comcast Technology Solutions (CTS) and Snowflake, a data cloud provider, have collaborated to produce and host DataBee, a cloud-native data fabric platform for security, risk and continuous controls monitoring, according to a prepared statement. DataBee enables large enterprises to perform multiple security functions, including identifying potential cybersecurity threats against systems, data and enterprise users, the company said. Snowflake is a strategic partner in the development and launch of DataBee, which operates on the Snowflake Data Cloud, where data is stored, processed and analyzed. DataBee, which is tied to CTS’ strategy to improve operations and cybersecurity oversight, is offered by a newly created cybersecurity business unit within CTS. The cybersecurity wing is focused on delivering Comcast-developed enterprise-level security innovations to market. DataBee spans security, risk, privacy and security controls compliance missions with use cases in advanced threat detection, threat hunting, continuous controls assurance, SIEM decoupling, behavioral analysis and more, the company said.

Read on for more.

NIST Assessment: “Veridas Facial Biometrics Among The Four Best in the World”

Veridas, a Spanish technology company specializing in digital identity and biometrics, is positioned in fourth place among the best facial biometrics engines, out of the nearly 150 algorithms submitted to the evaluation conducted by the National Institute of Standards and Technology (NIST), considered the most prestigious body in the assessment of biometric engines in the world. Veridas joins the world elite in this sector. The company from Navarre has achieved its best result in the most demanding category possible: the evaluation of one out of many (1:N) with a sample size (N) of 12 million. Specifically, it has registered a False Negative Identification Rate (FNIR) of 0.0232 for a False Positive Identification Rate (FPIR) of 0.001. Thus, when searching for a known subject in a database of 12 million records, the Veridas engine will find the correct individual as the first candidate 97.68 percent of the time. This facial biometric engine is also the same one that is already available in production for the company’s more than 250 Tier 1 customers in more than 25 countries.

Read on for more.

Darwinium Launches New Fraud Prevention Platform

Darwinium this week announced the launch of its Continuous Customer Protection platform. Appropriate use cases for the Darwinium platform include account security, scam detection, account takeover, fraudulent new accounts/synthetic identities and bot intelligence. Darwinium’s executive team will be onsite to demonstrate its Continuous Customer Protection platform at RSA Conference 2023 in San Francisco, Calif., April 24-27, Booth ESE-38 South Expo Hall Level 2, at Moscone Center.

Read on for more.

Sift Appoints Industry Veteran Armen Najarian as Chief Marketing Officer

Sift, a digital trust and safety solutions provider, announced that it has appointed Armen Najarian as Chief Marketing Officer. Najarian comes to Sift with more than 20 years of marketing experience and expertise in creating award-winning marketing programs at several fraud prevention and digital identity companies. Najarian’s success in brand strategy, team building, and revenue generation was instrumental in three company exits, including Agari and ThreatMetrix, which were acquired by HelpSystems (now Fortra) and LexisNexis Risk Solutions respectively. He also held marketing leadership roles during DemandTec’s initial public offering and subsequent sale to IBM. Najarian was most recently CMO at Outseer, a spinout of RSA Security, where he drove the new corporate identity and stood up a new worldwide marketing organization.

Read on for more.

SandboxAQ Unveils End-To-End Security Suite

SandboxAQ unveiled its latest product offering: the SandboxAQ Security Suite. Developed by SandboxAQ’s team of enterprise software engineers and cryptography experts, the product provides an end-to-end solution for cryptographic vulnerability scanning and remediation. Both commercial and public sector customers use this software to maintain compliance, enforce policies, safeguard sensitive data, and strengthen their overall security posture, protecting both data in motion and data at rest. The Security Suite includes one module to provide customers with discovery and continuous inventory of vulnerable cryptography and another module, currently available for preview to select customers, for encryption remediation and supervised enforcement. These modules are integrated into a Control Center, which presents customers with an actionable dashboard view of their organization’s complete cryptographic infrastructure. The Security Suite’s Cryptosense module combines the Cryptosense Analyzer Platform, a trusted encryption management tool used by multiple customers, with the SandboxAQ Network Analyzer. This single, integrated tool offers the “industry’s first” complete solution for cryptographic inventory that includes analysis and inventory of filesystems, applications, and networks.

Read on for more.

Waiting for Quantum Computers to Arrive, Software Engineers Get Creative

Lacking quantum computers that customers can use today to get an advantage over classical computers, these startups are developing a new breed of software inspired by algorithms used in quantum physics, a branch of science that studies the fundamental building blocks of nature. Once too big for conventional computers, these algorithms are finally being put to work thanks to today’s powerful artificial intelligence chips, industry executives told Reuters.

Read on for more.

Quorum Cyber Sets Sights on North American Market

UK-based cybersecurity firm Quorum Cyber has announced its intention to focus on the North American market after achieving impressive year-over-year growth. The company was founded in 2016 and has grown organically to approximately 200 employees, serving over 150 customers across four continents. Quorum Cyber achieved year-over-year revenue growth of 95 percent from FY21 to FY22. The company’s notable revenue increase is partly attributed to its new or enhanced cybersecurity offerings, such as Managed Extended Detection & Response (XDR), Microsoft Sentinel Managed Detection & Response (MDR) service, recognition as a Microsoft-verified MXDR solution provider, and professional services offerings. Quorum Cyber will debut in the U.S. market, demonstrating its solutions at the RSA Conference on April 26th from 5 to 6 pm PT in San Francisco at stand #6044N.

Read on for more.


Expert Insights Section

Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.

4 Best Cybersecurity Courses Available on Udacity in 2023

The growing importance of cybersecurity best practices and techniques for protecting against hackers is becoming paramount in the enterprise. The cybersecurity landscape is evolving in real-time, which has organizations scrambling to fortify their IT architectures soundly. Coupled with this, security engineering and analysis are becoming priorities no company can ignore, as they complement the threat hunting and threat intelligence gathering initiatives. With this in mind, the editors at Solutions Review have compiled this list of cybersecurity courses on Udacity to consider. Udacity is perfect for those looking to take multiple courses or acquire skills in multiple different areas, or for those who want the most in-depth experience possible through access to entire course libraries or learning paths. In sum, Udacity is home to more than 160,000 students in more than 190 countries.

Read on for more.

Data-in-Use Encryption Key to Curtailing Cross-Border Cybercrime

Daily headlines jolt us into the reality that yet another company and its customers have fallen prey to cyber-criminals selling usernames, passwords, and personally identifiable information (PII) on the dark web. Cyber-criminals have a security stack on the dark web enabling them to conduct their business anonymously, which is far superior to the relative transparency law-abiding organizations must use to run their business. What can we do? How can we prevail against international cyber-criminals and organizations? Although many systems and methodologies are on the market for preventing, thwarting, and discouraging cyber-attacks, it’s virtually impossible to protect data from every possible attack vector and theft perfectly.

Read on for more.

