The lack of a dedicated security operations center can make it difficult for small organizations to benefit from security tools. To streamline security, it's crucial to have a user-friendly interface and experience that is easy to comprehend and understand, said Malwarebytes CEO Marcin Kleczynski.
AI is a tool for augmenting humans rather than replacing them, and AI is far from surpassing human capabilities on a scalable level. Although AI can generate realistic images and believable text, it still has a long way to go in detecting anomalies, said Kyle Hanslovan, CEO of Huntress.
Artificial intelligence and machine-learning technology is vulnerable to cyberattacks due to a lack of security around the models themselves, said Mark Hatfield, founder and general partner at Ten Eleven Ventures. How do we identify and fix the potential risks of misuse that come with AI?
CEO Michael Mumcuoglu says detection posture management can be used in concert with the MITRE ATT&CK Framework to detect and remediate threats. DPM offers a proactive, systematic approach to detection and response and uses automation and analytics, which he said help deliver improved effectiveness.
Networking was created as a "trust everything" approach that "doesn't know who you are, doesn't know your content or why you're doing it." In the future, according to John Maddison, CMO of Fortinet, all that connectivity will be secure, and the market for secure networking will become bigger.
Cybercriminals are becoming increasingly innovative and shifting toward more targeted and destructive attacks, using wiper malware, which was previously only used by APT-focused, nation-state actors. Also, ransom payment demands are reaching seven to eight figures.
Now in its 10th year, the Thales Data Threat Report outlines and quantifies the key threats faced by the global cybersecurity industry. Ransomware continues to be a growing threat but, surprisingly, more than half of respondents have no defense plan in place, said Thales' Todd Moore.
Policy buzz around RSA Conference 2023 is centering on the new National Cybersecurity Strategy that seeks to hold software makers liable for security flaws. While federal officials say the industry will embrace the new rules, some are talking about the lobbying and legal challenges ahead.
Organizations have long been using software from open-source ecosystems without fully realizing how much software they actually pull from these libraries, but the potential downstream effects of security flaws could have a major impact, said Pete Morgan, co-founder and CSO at Phylum.
Changes to FedRAMP regulations will have a major impact on cloud services providers, compliance and cybersecurity controls, said Tony Bai, director, federal practice lead, at A-LIGN. Bai offers insight on navigating the U.S government authorization requirements as well as the StateRAMP program.
Every organization has a role in securing the nation and economy. Enterprises should invest in the right controls, partner with public agencies and prioritize security at the board level, advised Eric Goldstein, executive assistant director for cybersecurity of CISA.
Venture capitalist Alberto Yépez says there are opportunities to innovate in this economy. The market is self-correcting, but the demand for cyber protection has increased with the rise in cyberattacks and increased regulations, making it a top priority in terms of technology budgets, he said.
The transition to the cloud at a fast pace during the pandemic affects information security to this day, said Amer Deeba, co-founder and CEO, Normalyze. Cloud drove innovation but left organizations wondering where the data was going across multiple clouds and what was the best way to secure it.
Digital communication has fundamentally transformed how businesses operate today, with employees relying on email, instant messaging and other tools to collaborate and communicate effectively. This shift has also introduced new security risks, as humans are a primary target for attackers.
OT attacks have doubled. Mark Cristiano, global commercial director of cybersecurity services at Rockwell Automation, discusses how organizations can develop a strategic approach to OT security that aligns with their risk profile, cyber maturity and ability to absorb change.