A startup founded by the longtime leader of Secdo and backed by the likes of Qumra Capital and Accel could soon be acquired by Tenable. The company is in advanced negotiations to purchase cloud infrastructure security startup Ermetic in a deal valued at between $300 million and $350 million.
One-fourth of APAC healthcare organizations over the past year paid a ransom to recover encrypted files and systems, and a greater share incurred losses exceeding $1 million to cyberattacks. A survey by cybersecurity firm Claroty found that defenders are understaffed and using outdated technology.
Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.
While a significant number of attacks are not yet AI-driven, there's a noticeable shift in the creation of generative malware and lures for business email compromise, warned Ashan Willy, CEO at Proofpoint. LLMs are being used to create enticing lures in foreign languages to target broader audiences.
Will AI take my job? Maybe or maybe not. But it can certainly help ease the shortage of skilled workers by automating routine tasks and supplementing human skills. Jon France, CISO at ISC2, sheds light on how generative artificial intelligence is addressing this critical challenge.
As the digital landscape evolves, security teams need skills and training platforms that can provide the right resources for an organization "by showing what someone has got in terms of skills, without necessarily fully relying on their CVs," said Jess Burn, senior analyst at Forrester.
Recent legal actions against CISOs have spawned a debate on whether security leaders should be held accountable for security incidents. CISOs should manage this shifted liability through real-time documentation and collaboration with law enforcement, said attorney Stephen Reynolds.
Grant Bourzikas shared his experience as the new CISO at Cloudflare, highlighting a 90-day period during which he engaged with customers, internal nonsecurity personnel, executives and his team to gather insights on Cloudflare's security landscape.
Sharing information and threat intelligence "collectively" is critical in order for health and public health sector entities to be able to defeat their cyber adversaries, said Nitin Natarajan, deputy director of the Cybersecurity Information and Security Agency.
Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part because legitimate tools can be "jailbroken" to achieve similar results. What are they really achieving?
Changing technologies and markets require adapting an organization's overall cybersecurity strategy, including the scope of our risk management, and then reviewing and adjusting our operational program to deliver the revised vision, said Akm Hasan, head of cybersecurity at Hays PLC.
Many security awareness training programs fail because organizations don't understand the risks they face, said Culture AI's John Scott. He said a successful training program "will help people by making sure that it's targeting the behaviors that address the key risks for the organization."
ServiceNow wants to apply generative AI to its knowledge around how customer environments are configured to help organizations harden their digital attack surface. Security product leader Lou Fiorello said ServiceNow will use generative AI to leverage its presence across the entire enterprise.
Employees need technology that is easy to use and free of errors and that directs them to appropriate cybersecurity guidance when they have questions. Basically, they need technology that helps them to help themselves work more securely, said university professor Steve Furnell.
Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. It's also about people and process, he said, with the ultimate goal of adding value to what the business is trying to do. Watts discussed how security leaders can achieve this goal.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.in, you agree to our use of cookies.