5 Ways That AI Is Set To Transform Cybersecurity

Cybersecurity has long been notoriously siloed, with organizations installing
many different tools and products, often poorly interconnected. No matter how
hard vendors and organizations work to integrate tools, coalescing all relevant
cybersecurity information into one place remains a big challenge. But AI offers
a way to combine multiple data sets from many disparate sources and provide a
truly unified view of an organization’s security posture, with actionable
insights. And with generative AI, gaining those insights is so easy, a matter of
simply asking the system questions such as “What are the top three things I
could do today to reduce risk?” or “What would be the best way to respond to
this incident report?” AI has the potential to consolidate security feeds in a
way the industry has never been able to quite figure out. Generative AI will
blow up the very nature of data infrastructure. Think about it: All the
different tools that organizations use to store and manage data are built for
humans. Essentially, they’re designed to segment information and put it in
various electronic boxes for people to retrieve later. It’s a model based on how
the human mind works.
Microservices Resilient Testing Framework
Resilience in microservices refers to the system's ability to handle and recover
from failures, continue operating under adverse conditions, and maintain
functionality despite challenges like network latency, high traffic, or the
failure of individual service components. Microservices architectures are
distributed by nature, often involving multiple, loosely coupled services that
communicate over a network. This distribution often increases the system's
exposure to potential points of failure, making resilience a critical factor. A
resilient microservices system can gracefully handle partial failures, prevent
them from cascading through the system, and ensure overall system stability and
reliability. For resilience, it is important to think in terms of positive and
negative testing scenarios. The right combination of positive and negative
testing plays a crucial role in achieving this resilience, allowing teams to
anticipate and prepare for a range of scenarios and maintaining a robust,
stable, and trustworthy system. For this reason, the rest of the article will be
focusing on negative and positive scenarios for all our testing activities.
Skynet Ahoy? What to Expect for Next-Gen AI Security Risks

From a cyberattack perspective, threat actors already have found myriad ways
  to weaponize ChatGPT and other AI systems. One way has been to use the models
  to create sophisticated business email compromise (BEC) and other phishing
  attacks, which require the creation of socially engineered, personalized
  messages designed for success. "With malware, ChatGPT enables cybercriminals
  to make infinite code variations to stay one step ahead of the malware
  detection engines," Harr says. AI hallucinations also pose a significant
  security threat and allow malicious actors to arm LLM-based technology like
  ChatGPT in a unique way. An AI hallucination is a plausible response by the AI
  that's insufficient, biased, or flat-out not true. "Fictional or other
  unwanted responses can steer organizations into faulty decision-making,
  processes, and misleading communications," warns Avivah Litan, a Gartner vice
  president. Threat actors also can use these hallucinations to poison LLMs and
  "generate specific misinformation in response to a question," observes Michael
  Rinehart, vice president of AI at data security provider Securiti. 
Cybersecurity teams need new skills even as they struggle to manage legacy systems
To stay ahead, though, security leaders should incorporate prompt engineering
  training for their team, so they can better understand how generative AI
  prompts function, the analyst said. She also underscored the need for
  penetration testers and red teams to include prompt-driven engagements in
  their assessment of solutions powered by generative AI and large language
  models. They need to develop offensive AI security skills to ensure models are
  not tainted or stolen by cybercriminals seeking intellectual property. They
  also have to ensure sensitive data used to train these models are not exposed
  or leaked, she said. In addition to the ability to write more convincing
  phishing email, generative AI tools can be manipulated to write malware
  despite limitations put in place to prevent this, noted Jeremy Pizzala, EY's
  Asia-Pacific cybersecurity consulting leader. He noted that researchers,
  including himself, have been able to circumvent ethical restrictions that
  guide platforms such as ChatGPT and prompt them to write malware.
The relationship between cloud FinOps and security

Established FinOps and cybersecurity teams should annually evaluate their
  working relationship as part of continuous improvement. This collaboration
  helps ensure that, as practices and tools evolve, the correct FinOps data is
  available to cybersecurity teams as part of their monitoring, incident
  response and post-incident forensics. The FinOps Foundation doesn't mention
  cybersecurity in its FinOps Maturity Model. But, in all rights, FinOps and
  cybersecurity collaboration indicates a maturing organization in the model's
  Run phase. Ideally, moves to establish such collaboration should show
  themselves in the Walk stage. ... Building a relationship between the FinOps
  and cybersecurity teams should start early when an organization chooses a
  FinOps tool. A FinOps team can better forecast expenses, plan budget
  allocation and avoid unnecessary costs by understanding security requirements
  and constraints. These forecasts result in a more cost-effective and
  financially efficient cloud operation, so plan for some level of
  cross-training between the teams.
What is GRC? The rising importance of governance, risk, and compliance

Like other parts of enterprise operations, GRC comprises a mix of people,
  process, and technology. To implement an effective GRC program, enterprise
  leaders must first understand their business, its mission, and its objectives,
  according to Ameet Jugnauth, the ISACA London Chapter board vice president and
  a member of the ISACA Emerging Trends Working Group. Executives then must
  identify the legal and regulatory requirements the organization must meet and
  establish the organization’s risk profile based on the environment in which it
  operates, he says. “Understand the business, your business environment
  (internal and external), your risk appetite, and what the government wants you
  to achieve. That all sets your GRC,” he adds. The roles that lead these
  activities vary from one organization to the next. Midsize to large
  organizations typically have C-level executives — namely a chief governance
  officer, chief risk officer, and chief compliance officer — to oversee these
  tasks, McKee says. These executive lead risk or compliance departments with
  dedicated teams.
Revolutionising Fraud Detection: The Role of AI in Safeguarding Financial Systems

Conventional fraud detection methods, primarily rule-based systems, and human
  analysis, have proven increasingly inadequate in the face of evolving fraud
  tactics. Rule-based systems, while effective in identifying simple patterns,
  often struggle to adapt to the ever-changing landscape of fraud. Fraudsters
  have stronger motivation and they evolve faster than the rules in the rules
  engine. ... The same volumes of data that are overwhelming for traditional
  fraud detection systems are fuel for AI. With its ability to learn from vast
  amounts of data and identify complex patterns, AI is poised to revolutionize
  the fight against fraud. ... While AI offers immense potential, it’s crucial
  to acknowledge the challenges associated with its adoption. Data privacy
  concerns, ethical considerations around algorithmic bias, and the need for
  robust security measures are all critical aspects that demand careful
  attention. As AI opens new frontiers in fraud prevention, unregulated AI
  technology such as deepfake in the wrong hands could also enable sophisticated
  impersonation scams. However, the benefits of AI far outweigh the
  challenges. 
API security in 2024: Predictions and trends
The rapid rate of change of APIs means organizations will always have
  vulnerabilities that need to be remediated. As a result, 2024 will usher in a
  new era where visibility will be a priority for API security strategies.
  Preventing attackers from entering the perimeter is not a 100% foolproof
  strategy. Whereas having real-time visibility into a security environment will
  enable rapid responses from security teams that neutralize threats before they
  impact operations or extract valuable data. ... With the widespread use of
  APIs, especially in sectors such as financial services, regulators are looking
  to encourage transparency in APIs. This means data privacy concerns and
  regulations will continue to impact API use in 2024. In response,
  organizations are becoming weary of having third parties hold and access their
  data to conduct security analyses. We expect to see a shift in 2024 where
  organizations will demand running security solutions locally within their own
  environments. Self-managed solutions (either on-premise or private cloud),
  eliminate the need to filter, redact, and anonymize data before it’s
  stored.
The Terrapin Attack: A New Threat to SSH Integrity

Microsoft’s logic is that the impact on Win32-OpenSSH is limited This is a
  major mistake. Microsoft’s decision allows unknown server-side implementation
  bugs to remain exploitable in a Terrapin-like attack, even if the server got
  patched to support “strict kex.” As one Windows user noted, “This puts
  Microsoft customers at risk of avoidable Terrapin-style attacks targeting
  implementation flaws of the server.” Exactly so. You see, for this protection
  to be effective, both client and server must be patched. If one or the other
  is vulnerable, the entire connection can still be attacked. So to be safe, you
  must patch and update both your client and server SSH software. So, if you’re
  Windows and you haven’t manually updated your workstations, their connections
  are open to attack. While patches and updates are being released, the
  widespread nature of this vulnerability means that it will take time for all
  clients and servers to be updated. Because you must already have an MITM
  attacker in place to be vulnerable, I wouldn’t go spend the holiday season
  worrying myself sick. I mean, you’re sure you don’t already have a hacker
  inside your system, right? Right!?
Supporting Privacy, Security and Digital Trust Through Effective Enterprise Data Management Programs
Those professionals responsible for supporting privacy efforts should
  therefore prioritize effective enterprise data management because it is
  integral to safeguarding individual’s privacy. A well-structured data
  management framework works to ensure that personal information is handled
  ethically and compliant with regulations, while fostering a culture of
  responsible data stewardship within organizations. When done right, this
  reinforces trust with stakeholders, serves as a differentiator in the
  marketplace, improves visibility into data ecosystems, expands reliability of
  data, and optimizes scalability and innovative go to market efforts. ... Most,
  if not all, of the global data privacy laws and regulations require data to be
  managed effectively. To comply with these laws and regulations, organizations
  must first understand the data they collect, the purposes for its collection,
  how it is used, how it is shared, how it is stored, how it is destroyed, and
  so on. Only after organizations have a full understanding of their data
  ecosystem can they begin to implement effective controls to both protect data
  and preserve the ability of the data to achieve intended operational goals.
Quote for the day:
"Too many of us are not living our
    dreams because we are living our fears." -- Les Brown
 
 







/2023/12/27/image/jpeg/X9COYhv8b8fLwbnfq4xE6LBR3pcaE6ukAdd0EiTQ.jpg)

























:format(webp)/cdn.vox-cdn.com/uploads/chorus_asset/file/25134581/236889_EOY_LAPTOPS_CVirginia.jpg)

