In the latest weekly update, ISMG editors discussed the convergence of the NOC and SOC functions, Scottish Police efforts to address the escalating challenge of cybercrime in Scotland, and why OpenAI is pushing to dismiss certain aspects of The New York Times lawsuit.
In his first week in his new role as interim CEO of SSH Communications Security, Rami Raulas shares insights on the company’s strategic focus on zero trust, operational technology security, and quantum-safe cryptography to address evolving cybersecurity challenges.
The surge in authorized push payment fraud in APAC underscores the urgent need for enhanced cooperation between banks and telecommunications companies. Both players should tap into AI and ML technologies for better fraud detection and real-time authentication, said Mel Migriño of Gogolook.
The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K. Tripp, "We're no longer considering threats as a what-if situation; it's happening now."
In the latest "Proof of Concept," Jeff Brown, CISO for the state of Connecticut, and Lester Godsey, CISO for Maricopa County, Arizona, join ISMG editors to discuss AI-related threats to election security, safeguarding against cyber and physical threats and coordinating efforts for complete security.
Microsegmentation is a fundamental concept in zero trust security, but CISOs should assess its feasibility before diving in. This is particularly true in a public cloud environment where there is no real network policy, said David Holmes, principal research analyst at Forrester.
In the latest weekly update, Jeremy Grant of Venable LLP joins editors at ISMG to discuss the state of secure identity in 2024, the challenges in developing next-generation remote ID proofing systems, and the potential role generative AI can play in both compromising and protecting identities.
In most organizations, the privacy team plays an important role in artificial intelligence implementation and governance. Tarun Samtani, DPO and privacy program director at International SOS, said privacy principles inherently align with the demand for responsible data use of AI technology.
Previous studies on IoT and OT devices have primarily focused on internal components, neglecting open-source components that are crucial for internet and network connectivity, according to Stanislav Dashevskyi and Francesco La Spina, security researchers at Forescout Technologies.
The FDA's multifaceted approach to strengthening medical device security centers on several key areas, including enhanced regulatory oversight, industry collaboration and a recent organizational change that raises the profile of the agency's device work, said the FDA's Dr. Suzanne Schwartz.
In the latest weekly update, four ISMG editors discussed the relatively low profile of cyberwarfare in recent international conflicts, the potential revival of a dormant HIPAA compliance audit program and the security implications of sovereign AI development.
While overall ransomware profits might remain high, many of the remaining or rebooted top-tier groups are "really struggling" with scarce talent, trauma from the Russia-Ukraine war and repeated disruptions by law enforcement, say researchers from threat intelligence firm RedSense.
Synthetic IDs remain a problem not because of a lack of data but because of failure to identify the right data and establish correlations, said Steve Lenderman, co-chair of the Industry Working Groups for the International Association of Financial Crimes Investigators.
In the latest weekly update, Joe Sullivan, CEO of Ukraine Friends, joins three editors at ISMG to discuss the challenges of being a CISO in 2024, growing threats from disinformation, vulnerabilities in MFA, AI's role in cybersecurity, and the obstacles to public-private information sharing.
Venture capital investor Pramod Gosavi discussed the drawbacks of relying on network-centric cybersecurity solutions that are driving up costs. He recommended proactive strategies, such as zero trust, that emphasize minimal access and continuous verification and investments in AI-based technologies.