Artificial intelligence can solve really old problems around data wrangling and data protection that are essential to many security investigations, said Norwest Ventures' Rama Sekhar. The VC firm is looking at emerging companies that use large language models to automatically clean up data.
Cybersecurity expert Mikko Hypponen recently got sent "LL Morpher," a new piece of malware that uses OpenAI's GPT to rewrite its Python code with every new infection. While more proof-of-concept than current threat, "the whole AI thing right now feels exciting and scary at the same time," he said.
Organizations must extend identity protection beyond employees to safeguard contractors, supply chain partners, software bots and intelligent devices, said SailPoint CEO Mark McClain. Businesses struggle to keep up with what applications or data non-employee or non-human identities need access to.
Network segmentation and microsegmentation are ways to contain cyberattacks and prevent lateral spreading. Within the cloud, network segmentation ties into zero trust. Yet the diversity of information systems with different levels of criticality poses a challenge to implementing zero trust.
2023 is the year of exposure, said Cyentia Institute's Wade Baker. Exposure dominated Cyentia research this year, and many breaches were linked to mistakes in vulnerability management and poorly managed identities. Organizations are struggling with prioritizing hardware and software vulnerabilities.
Generative AI tools such as ChatGPT have created quite a buzz. Cybersecurity defenders are excited about the prospect of simplifying coding but are concerned about security and privacy issues. SentinelOne’s Milad Aslaner said security teams should get to know emerging AI - before the criminals do.
Companies have taken a hatchet to their "innovation budget" amid economic headwinds, making it difficult for startups to hit their sales projections, said Momentum Cyber's Dino Boukouris. Long sales cycles for early-stage startups have resulted in them burning through cash faster than anticipated.
Complexity has made it tough for organizations to be secure and efficient, which is driving many customers to look at vendor consolidation, said Palo Alto Networks President BJ Jenkins. Organizations that deploy a lot of point solutions are stuck finding a way to make all the products work together.
Thoma Bravo has agreed to spend $12 billion on three high-profile identity acquisitions to help with the transition from on-premises licenses to cloud-based subscriptions. Vendors in the space must expand their customer success organization and shift incentives for the salesforce, said Chip Virnig.
Organizations looking to adopt zero trust architectures are increasing pursuing service mesh rather than microsegmentation due to new innovations, said Ballistic Ventures General Partner Barmak Meftah. Microsegmentation excels at limiting the attack surface but comes with major overhead expense.
White House cybersecurity priorities: The Biden administration continues to have a "relentless focus" on improving critical infrastructure security, disrupting ransomware and combating the illicit use of cryptocurrency, said Deputy National Security Adviser Anne Neuberger.
The lack of proper monitoring and logging can make it difficult for companies to effectively address breaches. Many companies do not have logs turned on or do not properly configure them to track and record what is necessary. Without logs, the response to a breach can be significantly slower.
As ransomware actors get innovative and attacks keep growing at a brisk pace, threat intelligence and incident response plans are now more vital for businesses. But responding calmly in all that chaos is equally important and should be done the right way, said Palo Alto Networks' Wendi Whitmore.
The investment appetite is quite the opposite of what it was in the past two years. Investors are more cautious, and valuations are much lower. Yet, venture capitalists have identified a few hot technology domains and are pursuing companies with those technology innovations.
Mass exploitation campaigns are the latest of many criminal innovations in 2023. Based on tracing ransom payments, they weren't very profitable. But ransomware actors do love their zero-days, said Allan Liska, principal intelligence analyst at Recorded Future.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.