The bad guys are using ChatGPT. There has been a rise in the number of novel attacks meant to bypass legacy rules and IOC-based systems, including zero-day nation-state attacks, insider threats, "living off the land" attacks, model poisoning of AI/ML solutions, and prompt injection for LLM-based systems.
In the new...
Cloud-native application protection platforms are emerging as a game-changing solution to the evolving challenges in cloud security. Mattan Shalev, head of product management at Wiz, outlined the power of CNAPPs in reducing risk and fortifying cloud security.
Applications rely on lines of code to provide business value, but too much of that code is inherently dirty, full of inconsistencies and vulnerabilities. Olivier Gaudin, co-founder and CEO of Sonar, said organizations need clean code that is consistent, intentional, adaptable and responsible.
DDoS attacks often disrupt the normal functioning of a targeted server, service or network by overwhelming it with a flood of traffic. KillNet, a collective of Russian-aligned hacktivists known for its DDoS attacks, gained attention by successfully taking down several U.S. government websites.
Organizations are facing "a myriad of challenges" as they move their resources to the cloud and increasingly rely on third parties, said Island Chief Customer Officer Bradon Rogers. Part of the problem, he said, is that consumer browsers were "never built for living in the enterprise."
Virtual desktop infrastructure has been around for years as an option to secure hardware and systems, but VDI often causes friction for the business and can be unpopular with users. Island is taking on those challenges with its Enterprise Browser by managing everything in the browser.
The geopolitical upheavals of the last few years have led to a huge uptick in cybercrime driven by nation-state threat actors. Cyberwarfare has become new age terrorism, and critical infrastructure industries such as healthcare are taking the brunt of the risk, said Yevgeny Dibrov, CEO at Armis.
Exploring new ways to offer security as a service from his organization to external customers is an exciting challenge and opportunity, says Sean Mack, CIO and CISO of publishing company Wiley. He also discusses aligning security investments with the company's biggest business risks and goals.
It's not the emerging technology or the increasingly complex threat landscape. Instead, people and process are what prove to be consistently the most challenging parts of the job for Caleb Sima, chief security officer at Robinhood.
Beyond advising the seniormost levels of the business in the strategic use of technology, the need to recruit new cybersecurity professionals often also tops the list of tasks facing today's security leaders, says Rob Hornbuckle, CISO of Allegiant Air.
Building out a threat intelligence program is no easy feat for even the largest and most resource-rich organizations, and the challenges are only amplified for smaller companies that have limited budget or personnel, according to AJ Nash, ZeroFox's vice president of threat intelligence.
The emergence of remote working, the cloud, and digital transformation initiatives are prompting companies to look toward replacing traditional on-premises firewalls, say Perimeter 81 co-founder and CEO Amit Bareket and CMO Gily Netzer. They discuss the future of securing hybrid work environments.
"I'm concerned that at some point the Russians are going to launch cyber retaliatory attacks against the United States at election infrastructure and the transportation, financial and energy sectors," says Elvis Chan, supervisory special agent at the San Francisco Division of the FBI.
Cybersecurity demands and risks have increased at a very high rate due to the recent transformations faced around the world. As a result, the development of cybersecurity professionals in the area has not kept up with these needs, says EDP Brazil CISO Milton Almeida.
Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.