Companies have taken a hatchet to their "innovation budget" amid economic headwinds, making it difficult for startups to hit their sales projections, said Momentum Cyber's Dino Boukouris. Long sales cycles for early-stage startups have resulted in them burning through cash faster than anticipated.
Complexity has made it tough for organizations to be secure and efficient, which is driving many customers to look at vendor consolidation, said Palo Alto Networks President BJ Jenkins. Organizations that deploy a lot of point solutions are stuck finding a way to make all the products work together.
In the days between April 28 and May 4, the FBI and Ukrainian police seized nine virtual currency exchanges that serviced cybercriminals, Privacy Affairs noted the cost of hacked crypto accounts on darknet markets, and Level Finance suffered a $1 million hack.
Thoma Bravo has agreed to spend $12 billion on three high-profile identity acquisitions to help with the transition from on-premises licenses to cloud-based subscriptions. Vendors in the space must expand their customer success organization and shift incentives for the salesforce, said Chip Virnig.
In the days between April 27 and May 4, the spotlight was on: a Royal ransomware attack on Dallas, Telecom giant T-Mobile's second breach in 2023, a ransomware attack disrupting water services in half a dozen southern Italian towns, a German IT services provider and the Atomic macOS Stealer.
Organizations looking to adopt zero trust architectures are increasing pursuing service mesh rather than microsegmentation due to new innovations, said Ballistic Ventures General Partner Barmak Meftah. Microsegmentation excels at limiting the attack surface but comes with major overhead expense.
The tally of individuals whose sensitive information was compromised by the exploitation of a zero-day vulnerability in Fortra's GoAnyWhere secure file transfer software is growing by millions as more entities report heath data breaches to regulators.
White House cybersecurity priorities: The Biden administration continues to have a "relentless focus" on improving critical infrastructure security, disrupting ransomware and combating the illicit use of cryptocurrency, said Deputy National Security Adviser Anne Neuberger.
The lack of proper monitoring and logging can make it difficult for companies to effectively address breaches. Many companies do not have logs turned on or do not properly configure them to track and record what is necessary. Without logs, the response to a breach can be significantly slower.
As ransomware actors get innovative and attacks keep growing at a brisk pace, threat intelligence and incident response plans are now more vital for businesses. But responding calmly in all that chaos is equally important and should be done the right way, said Palo Alto Networks' Wendi Whitmore.
The investment appetite is quite the opposite of what it was in the past two years. Investors are more cautious, and valuations are much lower. Yet, venture capitalists have identified a few hot technology domains and are pursuing companies with those technology innovations.
Mass exploitation campaigns are the latest of many criminal innovations in 2023. Based on tracing ransom payments, they weren't very profitable. But ransomware actors do love their zero-days, said Allan Liska, principal intelligence analyst at Recorded Future.
The cybersecurity industry needs to be increasingly agile, said Hugh Thompson, program committee chairman of RSA Conference. Attackers are constantly changing tactics. Security leaders also need to change and keep up with the technologies accessible to a large group of people, he said.
Offensive security is transitioning from traditional penetration testing to a more continuous, technology-led approach, says Aaron Shilts, president and CEO at NetSPI. The security posture of organizations is constantly changing, making a point-in-time pen test less effective.
The enterprise adoption of AI-based large language models has created a new attack surface for adversaries to exploit, said Thomvest Ventures principal Ashish Kakran. A hacker who gains access to or tampers with the data that's been used to train the large language models could wreak a lot of havoc.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.com, you agree to our use of cookies.