CrowdStrike’s IT outage makes it clear why cyber resilience matters
“This was not a code update. This was actually an update to content. And what
that means is there’s a single file that drives some additional logic on how
we look for bad actors. And this logic was pushed out and caused an issue only
in the Microsoft environment,” CrowdStrike CEO and founder George Kurtz told
Jim Cramer during an interview on CNBC earlier today. Trustwave CISO Kory
Daniels recently said that “boards have begun asking the question: Is it
important to have a formally titled chief resilience officer?” VentureBeat has
learned that more boards of directors are adding cyber resilience to their
broader risk management project teams. High-profile ransomware attacks that
create chaos across supply chains are among the most costly for any business
to withstand, as the United Healthcare breach makes clear. Outages caused by
misconfigurations highlight the need for a unique form of cyber resilience so
actively pursued that it becomes a core part of a company’s DNA. Misconfigured
updates will continue to cause global outages. That goes with the territory of
an always-on, real-time world defined by intricate, integrated
systems.
Federal judge greenlights securities fraud charges against SolarWinds and its CISO
“The biggest message for CISOs is that they need to make sure that not only
must the board and senior management know about all risks, but they need to
reflect that in whatever they tell third-parties and investors.” Brian Levine,
a former federal prosecutor who today serves as the managing director at Ernst
& Young overseeing cybersecurity strategies, agreed, saying “for
SolarWinds, this was not a good result. The court found that they engaged in
the most serious conduct, which is securities fraud.” But Levine said the bulk
of the decision was more bad news for the SEC than it was good news for
SolarWinds. “Agencies like the SEC are not used to bringing charges and losing
on most of them,” Levine said. “For the court to find so many of the SEC
theories were overreaches or incorrect is unusual. It will make some at the
SEC think about how aggressive they want to be in using untested theories
going forward.” Levine said he saw the ruling delivering a small message to
enterprise security leaders: “Smart CISOs may be more careful about what they
say in public statements. And also, whether they make public statements about
their security at all. You don’t get much credit for making them,” and there
is a potential downside.
The Looming Crisis in the Data Observability Market
Enterprises should push for standards and openness from observability. The
reason isn’t simply technical. The real problem with closed systems is that
they limit value. Today, enterprises express grave concerns about skyrocketing
observability costs because they are locked into overpaying for different
tools that do the same task in other areas of the organization. In contrast,
tools that adhere to OTel are beginning to emerge, and these are better able
to collect, export, and analyze telemetry data from any source. With the
spread of OTel and the development of a standard observability operating
system, enterprises will own the data they generate, with no vendor lock-in at
any point along the observability and monitoring path. Today, the reality is
that costs are skyrocketing because the network team will use one tool,
security relies on something else, and e-commerce prefers yet another. Each
team needs observability to optimize performance, but they wouldn’t need to
keep overpaying for duplicate tools if they genuinely owned their data. This
means that it is vitally essential for observability buyers to insist on open
standards and APIs in general and OTel in particular for
observability.
Using Threat Intelligence to Predict Potential Ransomware Attacks
The information gathered by threat intelligence initiatives include details
about cyberattack plans, methods, bad actor groups that pose a threat,
possible weak spots within the organization’s current security infrastructure
and more. By gathering information and conducting data analysis, threat
intelligence tools can help organizations identify, understand, and
proactively defend against attacks. Threat intelligence can help thwart
attacks before they occur and strengthen an organization’s security
infrastructure. This means that security analysts can utilize threat
intelligence to refine their research and locate the malicious actor who is
either planning or executing a ransomware attack. ... Additionally, threat
intelligence platforms can utilize machine learning, automated correlation
processing, and artificial intelligence to pinpoint specific cyber breach
occurrences and map patterns of behavior across instances. For example,
analysts can easily recognize the common tactics, techniques, and procedures
used by current ransomware attack groups. By identifying common attack
methods, organizations can better prepare to disarm the effectiveness of these
methods and prevent an attack.
16 Effective Strategies For Measuring Reputation Risk
An early indicator of reputation risk is employee behavior changes and
feedback. Measure these via internal surveys and turnover rates. Employees
experience the repercussions of external reputation issues firsthand, which
can be early indicators of deeper problems. This not only helps detect
internal issues that could spill over into public perception, but it also
encourages healthy corporate culture. ... Reputation risk comes in many forms,
seen and hidden. Being sensitive to customer sentiment, employee feedback,
media perception and other stakeholders is important. Using a combination of
tools such as media monitoring, social media analytics across multiple
platforms and customer and employee surveys can help a company detect negative
signals and take corrective action before the risk escalates. ... It's
important to define what reputational "risk" really means for your company.
The risk could take the form of negative coverage or critical sentiment on
social media, but inconspicuousness can present a profound threat,
particularly for startups or companies looking to transform a legacy brand.
Not all press is good press, but risk aversion to the point of invisibility
can be a risk, too.
Safeguard Personal and Corporate Identities with Identity Intelligence
The ways that cybercriminals get their hands on credentials vary. Phishing
schemes – deceptive emails designed to trick recipients into divulging their
credentials – in one way. Another method that's gaining in popularity is
Stealer Malware. Stealers are a category of malware that harvest credentials
such as usernames, passwords, cookies, and other data from infected systems.
Other tactics include brute force attacks, where threat actors use tools to
automatically generate passwords and then try them out one by one to access a
user account, and social engineering tactics, in which threat actors
manipulate users into giving away sensitive information. According to some
estimates, by trying one million random combinations of emails and passwords,
attackers can potentially compromise between 10,000 and 30,000 accounts. ...
Robust security measures like multi-factor authentication (MFA) and
consistent, stringent employee training and enforcement of data protection
policies can help make companies less vulnerable to this type of threat.
However, missteps happen. And when they do, security teams must be immediately
alerted when any compromised access is discovered on dark web marketplaces.
This is where identity intelligence comes in.
With manufacturing systems becoming more complex, AI-driven data pattern
recognition is crucial for sharpening quality control, predicting equipment
issues, and optimizing production for fewer defects, higher Overall Equipment
Effectiveness (OEE), and significant cost savings. With Industry 4.0 and the
emergence of Industry 5.0, there will be too much data being generated every
second for the human mind to cope with — AI will become an indispensable tool
for manufacturers ... As roles evolve, workers will need new skills. Providing
them with the necessary tools and training to work alongside, and be augmented
by, AI will ensure a productive synergy between human ingenuity and machine
efficiency. AI greatly enhances the value proposition of connected worker
platforms by empowering the worker with capabilities and insights designed to
further optimize their performance. ... With AI-powered systems, manufacturers
can now optimize their operations and make more informed decisions, leading to
reduced waste and improved efficiency. The IFS AI research found respondents
think AI can have the biggest impact on sustainability through designing
better flow in manufacturing processes to improve efficiency.
A&M: AI in Fintech – A Double-Edged Sword for Cybersecurity
“It is essential that fintechs are abreast of the latest challenges and the
solutions that are available to ensure that they are best able to protect both
their customers and their business,” he says. “One only has to look at how
'well' deepfakes have developed over the past couple of years to see how
things are progressing… never mind the impact GenAI will have on the quality
and realism of such attacks.” While cybersecurity aims must remain at the
forefront of financial institutions’ thinking, Phil reminds us there is ‘no
silver bullet’ solution to solve the issue of fraudsters today. “It is a case
of improving awareness, research and knowledge to ensure that practices,
procedures and technologies are implemented to improve protection,” he
continues. “One of the most commonly overlooked elements of this is training
and awareness, as this can be a key control in helping mitigate risk.” ...
“The emergence of new fraud typologies (particularly more sophisticated APP
fraud) has led to a change in mindset in recent years – FS institutions are
now increasingly aware that educational initiatives, especially when tailored
to the customer base in question, form a critical component of their
preventative fraud controls.”
Khan believes that AI and human intelligence can be combined, dispelling the fear that AI may eventually replace humans as it advances in its ability to perform tasks. "The study examines the challenges in incorporating AI technology in real-world industrial applications and how IA can improve process monitoring, fault detection, and decision-making to improve process safety," Amin said. Khan contends that AI will improve safety by analyzing real-time data, predicting maintenance needs, and automatically detecting faults. However, the IA approach, using human decision-making, is also expected to reduce incident rates, lower operational costs, and increase reliability. "The application of AI in chemical engineering presents significant challenges, which means it is not enough to ensure comprehensive process safety," Sajid said. ... AI risks include data quality issues, overreliance on AI, lack of contextual understanding, model misinterpretation, and training and adaptation challenges. On the other hand, the risks associated with IA include human error in feedback, conflict in AI-HI decision-making, biased judgment, complexity in implementation, and reliability issues.
Energy and the promise of AI
The acquisition of electricity is becoming a limiting factor in running data
centers, and hyperscale customers have turned to nuclear power as a way of
powering their data centers with zero-carbon generation. ... While there is
potential for reducing the power consumption required for AI workloads through
new algorithms and approaches, more power-efficient GPUs, and new sources of
power, today, direct-to-chip liquid cooling (DLC) offers the most immediate
opportunity to reduce PUE and improve power efficiency, with PUE of 1.06
achieved in practice through DLC. In addition, the latest high core-count
server CPUs have improved core/watt performance, allowing data center
footprint reduction and the associated power savings while achieving the same
level of performance as older systems. Many of these systems will also benefit
from DLC due to the increased processor TDP needed for these higher core
counts. While many data center operators want the latest and fastest CPU and
GPU-based systems, there is an opportunity to investigate the right match for
the agreed-upon SLAs and the energy required for the servers.
Quote for the day:
"A leader should demonstrate his
thoughts and opinions through his actions, not through his words." --
Jack Weatherford
No comments:
Post a Comment