Daily Tech Digest - July 20, 2024

CrowdStrike’s IT outage makes it clear why cyber resilience matters

“This was not a code update. This was actually an update to content. And what that means is there’s a single file that drives some additional logic on how we look for bad actors. And this logic was pushed out and caused an issue only in the Microsoft environment,” CrowdStrike CEO and founder George Kurtz told Jim Cramer during an interview on CNBC earlier today. Trustwave CISO Kory Daniels recently said that “boards have begun asking the question: Is it important to have a formally titled chief resilience officer?” VentureBeat has learned that more boards of directors are adding cyber resilience to their broader risk management project teams. High-profile ransomware attacks that create chaos across supply chains are among the most costly for any business to withstand, as the United Healthcare breach makes clear. Outages caused by misconfigurations highlight the need for a unique form of cyber resilience so actively pursued that it becomes a core part of a company’s DNA. Misconfigured updates will continue to cause global outages. That goes with the territory of an always-on, real-time world defined by intricate, integrated systems. 


Federal judge greenlights securities fraud charges against SolarWinds and its CISO

“The biggest message for CISOs is that they need to make sure that not only must the board and senior management know about all risks, but they need to reflect that in whatever they tell third-parties and investors.” Brian Levine, a former federal prosecutor who today serves as the managing director at Ernst & Young overseeing cybersecurity strategies, agreed, saying “for SolarWinds, this was not a good result. The court found that they engaged in the most serious conduct, which is securities fraud.” But Levine said the bulk of the decision was more bad news for the SEC than it was good news for SolarWinds. “Agencies like the SEC are not used to bringing charges and losing on most of them,” Levine said. “For the court to find so many of the SEC theories were overreaches or incorrect is unusual. It will make some at the SEC think about how aggressive they want to be in using untested theories going forward.” Levine said he saw the ruling delivering a small message to enterprise security leaders: “Smart CISOs may be more careful about what they say in public statements. And also, whether they make public statements about their security at all. You don’t get much credit for making them,” and there is a potential downside.


The Looming Crisis in the Data Observability Market

Enterprises should push for standards and openness from observability. The reason isn’t simply technical. The real problem with closed systems is that they limit value. Today, enterprises express grave concerns about skyrocketing observability costs because they are locked into overpaying for different tools that do the same task in other areas of the organization. In contrast, tools that adhere to OTel are beginning to emerge, and these are better able to collect, export, and analyze telemetry data from any source. With the spread of OTel and the development of a standard observability operating system, enterprises will own the data they generate, with no vendor lock-in at any point along the observability and monitoring path. Today, the reality is that costs are skyrocketing because the network team will use one tool, security relies on something else, and e-commerce prefers yet another. Each team needs observability to optimize performance, but they wouldn’t need to keep overpaying for duplicate tools if they genuinely owned their data. This means that it is vitally essential for observability buyers to insist on open standards and APIs in general and OTel in particular for observability. 


Using Threat Intelligence to Predict Potential Ransomware Attacks

The information gathered by threat intelligence initiatives includes details about cyberattack plans, methods, bad actor groups that pose a threat, possible weak spots within the organization’s current security infrastructure and more. By gathering information and conducting data analysis, threat intelligence tools can help organizations identify, understand, and proactively defend against attacks. Threat intelligence can help thwart attacks before they occur and strengthen an organization’s security infrastructure. This means that security analysts can utilize threat intelligence to refine their research and locate the malicious actor who is either planning or executing a ransomware attack. ... Additionally, threat intelligence platforms can utilize machine learning, automated correlation processing, and artificial intelligence to pinpoint specific cyber breach occurrences and map patterns of behavior across instances. For example, analysts can easily recognize the common tactics, techniques, and procedures used by current ransomware attack groups. By identifying common attack methods, organizations can better prepare to disarm the effectiveness of these methods and prevent an attack.


16 Effective Strategies For Measuring Reputation Risk

An early indicator of reputation risk is employee behavior changes and feedback. Measure these via internal surveys and turnover rates. Employees experience the repercussions of external reputation issues firsthand, which can be early indicators of deeper problems. This not only helps detect internal issues that could spill over into public perception, but it also encourages healthy corporate culture. ... Reputation risk comes in many forms, seen and hidden. Being sensitive to customer sentiment, employee feedback, media perception and other stakeholders is important. Using a combination of tools such as media monitoring, social media analytics across multiple platforms and customer and employee surveys can help a company detect negative signals and take corrective action before the risk escalates. ... It's important to define what reputational "risk" really means for your company. The risk could take the form of negative coverage or critical sentiment on social media, but inconspicuousness can present a profound threat, particularly for startups or companies looking to transform a legacy brand. Not all press is good press, but risk aversion to the point of invisibility can be a risk, too.


Safeguard Personal and Corporate Identities with Identity Intelligence

The ways that cybercriminals get their hands on credentials vary. Phishing schemes – deceptive emails designed to trick recipients into divulging their credentials – are one way. Another method that's gaining in popularity is Stealer Malware. Stealers are a category of malware that harvest credentials such as usernames, passwords, cookies, and other data from infected systems. Other tactics include brute force attacks, where threat actors use tools to automatically generate passwords and then try them out one by one to access a user account, and social engineering tactics, in which threat actors manipulate users into giving away sensitive information. According to some estimates, by trying one million random combinations of emails and passwords, attackers can potentially compromise between 10,000 and 30,000 accounts. ... Robust security measures like multi-factor authentication (MFA) and consistent, stringent employee training and enforcement of data protection policies can help make companies less vulnerable to this type of threat. However, missteps happen. And when they do, security teams must be immediately alerted when any compromised access is discovered on dark web marketplaces. This is where identity intelligence comes in.

With manufacturing systems becoming more complex, AI-driven data pattern recognition is crucial for sharpening quality control, predicting equipment issues, and optimizing production for fewer defects, higher Overall Equipment Effectiveness (OEE), and significant cost savings. With Industry 4.0 and the emergence of Industry 5.0, there will be too much data being generated every second for the human mind to cope with — AI will become an indispensable tool for manufacturers ... As roles evolve, workers will need new skills. Providing them with the necessary tools and training to work alongside, and be augmented by, AI will ensure a productive synergy between human ingenuity and machine efficiency. AI greatly enhances the value proposition of connected worker platforms by empowering the worker with capabilities and insights designed to further optimize their performance. ... With AI-powered systems, manufacturers can now optimize their operations and make more informed decisions, leading to reduced waste and improved efficiency. The IFS AI research found respondents think AI can have the biggest impact on sustainability through designing better flow in manufacturing processes to improve efficiency.


A&M: AI in Fintech – A Double-Edged Sword for Cybersecurity

“It is essential that fintechs are abreast of the latest challenges and the solutions that are available to ensure that they are best able to protect both their customers and their business,” he says. “One only has to look at how 'well' deepfakes have developed over the past couple of years to see how things are progressing… never mind the impact GenAI will have on the quality and realism of such attacks.” While cybersecurity aims must remain at the forefront of financial institutions’ thinking, Phil reminds us there is ‘no silver bullet’ solution to solve the issue of fraudsters today. “It is a case of improving awareness, research and knowledge to ensure that practices, procedures and technologies are implemented to improve protection,” he continues. “One of the most commonly overlooked elements of this is training and awareness, as this can be a key control in helping mitigate risk.” ... “The emergence of new fraud typologies (particularly more sophisticated APP fraud) has led to a change in mindset in recent years – FS institutions are now increasingly aware that educational initiatives, especially when tailored to the customer base in question, form a critical component of their preventative fraud controls.”


Khan believes that AI and human intelligence can be combined, dispelling the fear that AI may eventually replace humans as it advances in its ability to perform tasks. "The study examines the challenges in incorporating AI technology in real-world industrial applications and how IA can improve process monitoring, fault detection, and decision-making to improve process safety," Amin said. Khan contends that AI will improve safety by analyzing real-time data, predicting maintenance needs, and automatically detecting faults. However, the IA approach, using human decision-making, is also expected to reduce incident rates, lower operational costs, and increase reliability. "The application of AI in chemical engineering presents significant challenges, which means it is not enough to ensure comprehensive process safety," Sajid said. ... AI risks include data quality issues, overreliance on AI, lack of contextual understanding, model misinterpretation, and training and adaptation challenges. On the other hand, the risks associated with IA include human error in feedback, conflict in AI-HI decision-making, biased judgment, complexity in implementation, and reliability issues.


Energy and the promise of AI

The acquisition of electricity is becoming a limiting factor in running data centers, and hyperscale customers have turned to nuclear power as a way of powering their data centers with zero-carbon generation. ... While there is potential for reducing the power consumption required for AI workloads through new algorithms and approaches, more power-efficient GPUs, and new sources of power, today, direct-to-chip liquid cooling (DLC) offers the most immediate opportunity to reduce PUE and improve power efficiency, with PUE of 1.06 achieved in practice through DLC. In addition, the latest high core-count server CPUs have improved core/watt performance, allowing data center footprint reduction and the associated power savings while achieving the same level of performance as older systems. Many of these systems will also benefit from DLC due to the increased processor TDP needed for these higher core counts. While many data center operators want the latest and fastest CPU and GPU-based systems, there is an opportunity to investigate the right match for the agreed-upon SLAs and the energy required for the servers.



Quote for the day:

"A leader should demonstrate his thoughts and opinions through his actions, not through his words." -- Jack Weatherford
