Quote for the day:
"Keep your fears to yourself, but share your courage with others." -- Robert Louis Stevenson
Is it Time to Accept that the Current Role of the CISO Has Failed?
First of all, it was never conceived as a true C-level role. It probably
originated in the minds of some organisation consultants, but it never developed
any true C-level weight. Even if it may hurt some, it is my opinion that it was
very rarely given to people with true C-level potential. Second, it was almost
always given to technologists by trade or background, although the underlying
matter is unequivocally cross-functional and has always been: You cannot be
successful around identity and access management for example without the
involvement of HR and business units, and the ability to reach credibly towards
them. ... It has aggregated a mixed set of responsibilities and accountabilities
without building up the right organisational and managerial momentum, and many
CISOs are simply being set up to fail: The role has simply become too complex to
carry for the profile of the people it attracts. To break this spiral, the logic
is now to split the role, stripping off the managerial layers it has accumulated
over the years and refocusing the role of the CISO on its native technical
content so that it can lead effectively and efficiently at that level, while at
the same time bringing up a CSO role able to reach across business, IT and
support function to take in charge the level of corporate complexity
cybersecurity is now amalgamating in large firms.How to Fortify Your Business’s Online Infrastructure Against Downtime
The first step to protecting your online infrastructure against downtime is to assess just how much downtime risk is viable for your business. Understanding how much downtime you can realistically afford is important for developing a sound IT strategy. Your viable downtime limit will define your tolerance to risk and allow you to direct your resources toward systems that keep your systems running optimally as far as possible. The average accepted downtime rate for a website is just 0.05%. That means your systems should experience uptime at least 99.95% of the time. If you have a low risk tolerance – say, for instance, if you rely on an ecommerce platform to generate revenue – investing in IT continuity technology is essential for keeping downtime minimal. ... The first step to safeguarding your organization against cyberattacks is to regularly audit your network security measures. This helps to spot vulnerabilities and address them, ensuring your IT systems are always protected against continuously advancing threats. Begin by creating a map of your existing network infrastructure, including all of its user access points, hardware, and software. This map will allow you to keep track of changes and quickly identify unauthorized changes and additions.Private cloud still matters—but it doesn’t matter most
Large enterprises will maintain significant on-premises footprints for the
foreseeable future, for all the reasons we’ve discussed. The enterprise IT
landscape in 2025 is undeniably hybrid and likely always will be. But it’s
equally undeniable that the center of gravity for innovation has shifted. When a
new opportunity emerges—say, deploying a breakthrough AI model or scaling a
customer-facing app to millions of users overnight—companies aren’t spinning up
a new on-premises cluster to meet the moment. They’re tapping the virtually
unlimited resources of AWS, Azure, Google, or edge networks like Cloudflare.
They’re doing so because cloud offers experimentation without hardware
procurement, and success isn’t gated by how many servers you happen to own.
Private clouds excel at running the known and steady. Public clouds excel at
unleashing the unknown and extraordinary. As we reach a cloud/on-prem
equilibrium, this division of labor is becoming clearer. The day-to-day
workloads that keep the business running may happily live in a familiar private
cloud enclave. But the industry-defining projects, the ones leaders hope will
define the business’s future, gravitate to infrastructure that can stretch to
any size, in any region, at a moment’s notice. Why Generative AI Needs Architecture, Not Just APIs
The root of the problem often lies in treating gen AI as an add-on to legacy
systems rather than embedding it into core operations. This leads to
inconsistent implementation, unclear ownership and limited returns. To deliver
meaningful outcomes, organizations must start by identifying areas where gen
AI can enhance decisions, such as customer engagement, service workflows and
regulatory compliance. ... When the focus is only on launching siloed
applications, organizations may move fast initially, but they end up with
systems that are difficult to scale, integrate or adapt. That's where
architecture-centric thinking becomes critical. A strong architectural
foundation built on modularity, interoperability and scalability ensures that
future applications don't just add features but add value as one needs to
build to last. This means building platforms that support change, not just
one-off projects. It's also about fostering collaboration between business and
IT, so decisions can be made with both speed and stability in mind. ... The
"situational layer cake" architecture enables enterprises to build
applications in distinct layers, such as enterprisewide, division-specific and
implementation layers, facilitating a balance between reusability and
customization. This structure allows the creation of reusable components that
can be tailored to specific business contexts without redundant coding,
streamlining operations and reducing complexity.
The goal of a help desk scam is to get the help desk operator to reset the
credentials and/or MFA used to access an account so the attacker can take
control of it. They'll use a variety of backstories and tactics to get that
done, but most of the time it's as simple as saying "I've got a new phone, can
you remove my existing MFA and allow me to enroll a new one?" From there, the
attacker is then sent an MFA reset link via email or SMS. Usually, this would
be sent to, for example, a number on file — but at this point, the attacker
has already established trust and bypassed the help desk process to a degree.
So asking "Can you send it to this email address" or "I've actually got a new
number too, can you send it to…" gets this sent directly to the attacker. ...
But, help desks are a target for a reason. They're "helpful" by nature. This
is usually reflected in how they're operated and performance measured — delays
won't help you to hit those SLAs! Ultimately, a process only works if
employees are willing to adhere to it — and can't be socially engineered to
break it. Help desks that are removed from day-to-day operations are also
inherently susceptible to attacks where employees are impersonated. But, the
attacks we're experiencing at the moment should give security stakeholders
plenty of ammunition as to why help desk reforms are vital to securing the
business.
Now, before you think I'm writing Google's obituary, let me be clear. Like
I've said before, I'm confident they'll figure it out, even if that means
changing their business model. That said, if your business depends on Google
in any way, whether it's your business profile, reviews, SEO, or products like
Ad Manager to drive traffic, you need to pay attention to what's happening.
... The Department of Justice and several states are suing Google's parent
company, Alphabet, arguing that its exclusive deals with companies like Apple
are anticompetitive and potentially monopolistic. Basically, Google is paying
billions to be the default search engine on Apple devices, effectively
shutting out any real competition. The ruling in this case could break up
their reported $20 billion-a-year agreement. ... Long story short, the way
people discover, research, and choose businesses is changing one AI update at
a time, but it's essential to note that people are still searching, just not
in the same places they used to. That nuance is critical to understanding your
next move. As more users turn to AI tools like ChatGPT and Perplexity for
answers, traditional search engines are no longer the only gateway to your
business. This shift in behavior over time will result in less traffic to your
product or service.
Are the enterprises rushing to deploy new open source AI projects taking the
necessary security measures to isolate them from the rest of their
infrastructure? Or are they disregarding recent open source security history
and trusting them by default? Alarmingly, there are also reports that China-,
North Korea- and Russia-based cybercriminal groups are actively targeting both
physical and AI infrastructure while leveraging AI-generated malware to
exploit vulnerabilities more efficiently. ... Next-generation AI
infrastructure cannot be beholden to performance penalties that arise from
using today’s solutions to create true, secure, multitenant environments. By
combining the best aspects of bare-metal performance with container-like
deployment models, organizations can build systems that deliver both speed and
convenience. ... We cannot build a solid future if we ignore the wisdom of the
past. The foundations of computing security, resource management and
operational efficiency were laid decades ago by pioneers who had to make every
CPU cycle and memory byte count. Their lessons are more relevant now than ever
as we build systems that consume unprecedented computational resources. The
organizations that will outlast in the AI era won’t necessarily be those with
the largest infrastructure investments or the trendiest technology
stacks.
Scattered Spider: Understanding Help Desk Scams and How to Defend Your Organization
The goal of a help desk scam is to get the help desk operator to reset the
credentials and/or MFA used to access an account so the attacker can take
control of it. They'll use a variety of backstories and tactics to get that
done, but most of the time it's as simple as saying "I've got a new phone, can
you remove my existing MFA and allow me to enroll a new one?" From there, the
attacker is then sent an MFA reset link via email or SMS. Usually, this would
be sent to, for example, a number on file — but at this point, the attacker
has already established trust and bypassed the help desk process to a degree.
So asking "Can you send it to this email address" or "I've actually got a new
number too, can you send it to…" gets this sent directly to the attacker. ...
But, help desks are a target for a reason. They're "helpful" by nature. This
is usually reflected in how they're operated and performance measured — delays
won't help you to hit those SLAs! Ultimately, a process only works if
employees are willing to adhere to it — and can't be socially engineered to
break it. Help desks that are removed from day-to-day operations are also
inherently susceptible to attacks where employees are impersonated. But, the
attacks we're experiencing at the moment should give security stakeholders
plenty of ammunition as to why help desk reforms are vital to securing the
business.Banking on intelligence: How AI is powering the next evolution of financial services
With constantly evolving regulations, financial institutions need stringent compliance measures to avoid penalties and disruptions. AI steps in as a powerful ally, automating compliance tasks to slash manual workloads and boost reporting accuracy. AI agents digest regulatory data, churn out compliance reports, and handle KYC/AML validations—cutting errors while speeding up the process. While implementing the changes, financial institutions must comply with data localisation mandates and ensure AI solutions are hosted within India. To mitigate data privacy risks, personally identifiable information (PII) is anonymised, and AI is deployed within Virtual Private Cloud environments. AI systems automate document verification, ensuring consistent validation and improving audit readiness. ... AI-enabled Underwriting Workbench is an immensely helpful tool for streamlining documentation and offering a single-window interface. GenAI further enhances credit assessments by analysing alternative data—like transaction history, social media, and employment records—offering a comprehensive view of an applicant’s financial health. This enables banks to make inclusive, risk-aware lending decisions. Agentic AI further calibrates the process by automating tasks like application assessments and borrower information verifications, enabling near-instant loan decisions with minimal human intervention.Why the end of Google as we know it could be your biggest opportunity yet
Now, before you think I'm writing Google's obituary, let me be clear. Like
I've said before, I'm confident they'll figure it out, even if that means
changing their business model. That said, if your business depends on Google
in any way, whether it's your business profile, reviews, SEO, or products like
Ad Manager to drive traffic, you need to pay attention to what's happening.
... The Department of Justice and several states are suing Google's parent
company, Alphabet, arguing that its exclusive deals with companies like Apple
are anticompetitive and potentially monopolistic. Basically, Google is paying
billions to be the default search engine on Apple devices, effectively
shutting out any real competition. The ruling in this case could break up
their reported $20 billion-a-year agreement. ... Long story short, the way
people discover, research, and choose businesses is changing one AI update at
a time, but it's essential to note that people are still searching, just not
in the same places they used to. That nuance is critical to understanding your
next move. As more users turn to AI tools like ChatGPT and Perplexity for
answers, traditional search engines are no longer the only gateway to your
business. This shift in behavior over time will result in less traffic to your
product or service. How global collaboration is hitting cybercriminals where it hurts
Collaboration and intelligence sharing is at the heart of our approach to tackling the threat within the NCA, and we enjoy relationships with partners across the public and private sector both nationally and internationally. We’re united and motivated, in many ways, by a common mission. Some of these are formalised law enforcement relationships that we have had for a long time – for example, I was the NCA’s embed to the FBI in Washington DC for a number of years. But, it is not just limited to the US – the NCA is lucky to enjoy brilliant relationships with the ‘five eyes’ countries and partners across Europe and beyond in the fight against cybercrime. ... In the NCA, we are predominantly focused on financially motivated cybercrime, with ransomware as a main area of focus given how significant the threat it poses to the UK. We recognise that some cybercrime groups have connections to the Russian State, but assess that these type of deep-rooted relationships are likely to be the exception as opposed to the norm. When targeting the cybercrime threat, we have been focused on associating cost and risk to the threat actors who seek to cause harm to us and our allies, and we achieve this in a number of different ways. The NCA-led disruption of LockBit in 2024 was successful in undermining trust between members of the group, as well as any trust that victims might have had in LockBit keeping their word.Future-Proofing AI: Repeating Mistakes or Learning From the Past?
Are the enterprises rushing to deploy new open source AI projects taking the
necessary security measures to isolate them from the rest of their
infrastructure? Or are they disregarding recent open source security history
and trusting them by default? Alarmingly, there are also reports that China-,
North Korea- and Russia-based cybercriminal groups are actively targeting both
physical and AI infrastructure while leveraging AI-generated malware to
exploit vulnerabilities more efficiently. ... Next-generation AI
infrastructure cannot be beholden to performance penalties that arise from
using today’s solutions to create true, secure, multitenant environments. By
combining the best aspects of bare-metal performance with container-like
deployment models, organizations can build systems that deliver both speed and
convenience. ... We cannot build a solid future if we ignore the wisdom of the
past. The foundations of computing security, resource management and
operational efficiency were laid decades ago by pioneers who had to make every
CPU cycle and memory byte count. Their lessons are more relevant now than ever
as we build systems that consume unprecedented computational resources. The
organizations that will outlast in the AI era won’t necessarily be those with
the largest infrastructure investments or the trendiest technology
stacks.
No comments:
Post a Comment