
Guest Blog Post


GUEST ESSAY: Taking proactive steps to heal the planet — by reducing the impact of video streaming

By Philippe Wetze

Most folks don’t realize that the Internet contributes more than 3.7 percent of global greenhouse gas emissions.

Related: Big data can foster improved healthcare

Within that, video represents over 80 percent of the traffic that flows through this global network, which is growing rapidly at about 25 percent per year. A similar dynamic is taking place over enterprise networks, especially in the wake of the COVID-19 pandemic. A tremendous amount of video traffic is being managed by IT departments. This is why tracking the impact of digital video consumption across the business ecosystem is becoming increasingly important.

Meanwhile, the number of screens consumers use — at home and work — is also multiplying at an astonishing rate. With all these devices, there is an increase in video and encoders to handle the exploding demand for video content, driven by the growth of video-heavy social applications — TikTok and WhatsApp, to name but a few. These factors drive high demand for encoders and decoders.

It is in this context that it is important to focus on the details of video technology. Encoders, for instance, consume significantly more energy than decoders – sometimes as much as 5 to 10 times as much energy, in comparison.

In the past, there was an asynchronous relationship between these two categories of technology. Most video content was created — and encoded — by a much smaller percentage of the population compared to those who consumed

GUEST ESSAY: Steps to leveraging ‘Robotic Process Automation’ (RPA) in cybersecurity

By Zac Amos

In cybersecurity, keeping digital threats at bay is a top priority. A new ally in this battle is robotic process automation (RPA). This technology promises to simplify tasks, boost accuracy and quicken responses.

Related: Gen-AI’s impact on DevSecOps

Robotic process automation is about getting repetitive, rule-based tasks done with the help of software robots, often called “bots.” These bots mimic human actions, handling tasks like data entry, retrieval and processing.

Automation matters in cybersecurity. RPA can be a lifesaver, freeing experts to focus on more complex security challenges.

Nine out of 10 employees want a single solution for their tasks. This emphasizes why automation is essential because it’s a way to make things more efficient and use human resources wisely. Here are some reasons why the role of automation is crucial in cybersecurity:

• Speed and accuracy: Cyber threats happen instantly and automation reacts quickly

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

By John Funk

A hacking gang known as Scattered Spiders soundly defeated the cybersecurity defenses of MGM and Caesars casinos.

Related: Russia puts the squeeze on US supply chain

This cost the Las Vegas gambling meccas more than $100 million while damaging their reputations. As the companies face nine federal lawsuits for failing to protect customer data, it’s abundantly clear hackers have checkmated multi-factor authentication (MFA).

Using a technique known as MFA fatigue, Scattered Spiders put MGM in manual mode and forced Caesars to pay a reported $13 million ransom. For the moment, hackers appear to have the upper hand in the global chess match between cybersecurity professionals and digital criminals.

That’s largely because the splashy headlines and online buzz created by bringing down the pair of casinos will only motivate more mid-level cybercriminals to follow Scattered Spiders’ model, putting wide-reaching businesses at risk of ransomware attacks due to the rise of ransomware-as-a-service models.

Scattered spiders

In early September, Scattered Spiders infiltrated MGM and Caesars using a variety of relatively common hacking techniques. But the coup de grâce was how easily they brushed aside the multi-factor authentication protections.

The criminals’ ages are said to range between 17 and 25 years old, and their kung fu was nothing to boast about until

GUEST ESSAY: An assessment of how ‘Gen-AI’ has begun to transform DevSecOps

By Priyank Kapadia

Combining DevSecOps with Generative Artificial Intelligence (Gen-AI) holds the potential to transform both software development and cybersecurity protocols.

Related: The primacy of DevSecOps

Through harnessing the power of Generative AI, enterprises can usher in a new era of DevSecOps, elevating development velocity, security, and robustness to unprecedented levels.

DevSecOps teams can test and debug code 70 percent faster with generative AI, which in turn saves businesses money and employee hours.

Generative AI can also help DevSecOps professionals to identify areas that are ripe for automation, enhance real-time monitoring and analytics, and even predict and address security problems before they happen.

Accelerating automation

DevSecOps and cybersecurity teams often encounter repetitive, time-consuming tasks that can lead to inefficiencies and errors when they handle these tasks manually. AI can play a pivotal role in automating these processes.

Tasks like code review, test case generation, systematically generating, storing, and managing configuration files, and infrastructure provisioning are prime candidates for automation. Leveraging generative AI in these areas can significantly speed up

GUEST ESSAY: The many channels law enforcement pursues to mitigate cyber threats

By Demetrice Rogers

Throughout 2023, we’ve witnessed numerous significant cyber incidents. One of the largest this year was the MOVEit breach, which impacted various state motor vehicle organizations and exposed driver’s license information for nearly 9.5 million individuals.

Related: The Golden Age of cyber espionage

We have also seen ransomware outbreaks at MGM and Caesars Casino, causing losses in the millions of dollars, and targeted assaults on the healthcare sector, affecting over 11 million patients.

These attacks are leading to a record amount of personally identifiable information being posted on the Dark Web, a portion of the internet that is hidden and provides anonymity to its users. Many individuals are curious about the strategies employed by law enforcement agencies to monitor and respond to these threats.

Threat intel sharing

Law enforcement agencies depend on multiple channels to aid their efforts against cyber threats. The primary source is the affected organization or individual. Cybersecurity experts determine the required support level when a cyberattack is reported to a local law enforcement agency. Larger-scale attacks may involve collaboration with various federal agencies for

GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

By Allen Lieberman

QR code phishing attacks started landing in inboxes around the world about six months ago.

Related: ‘BEC’ bilking on the rise

These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information.

In June, we started seeing these types of attacks amongst our customer base. Since June, there has been a fourfold increase in the search volume around keywords associated with these types of attacks.

Within the last week we have identified 655,0000 QR codes for our customers, of which 1,000 contained suspicious text and 8,000 came from a domain with a low rank (a freemail or a new email address, which are both flags for malicious senders). This is a true reflection of the attack landscape.

Scans slip through

These attacks are so successful because many traditional email security tools focus only on text-scanning, allowing image-based attacks to slip through. When attacks reach the inbox, users have a natural reaction to “scan the code,” assuming it’s legitimate.

When they do, many users don’t have any apprehensions around scanning QR codes because the assumption is

GUEST ESSAY: Cisco-Splunk merger will boost Snowflake – here’s how security teams can benefit.

By Kevin Gonzalez

Cisco’s $28 billion acquisition of Splunk comes at an inflection point, with security teams beginning to adapt to working with modern, cloud-native data lakes.

Related: Dasera launches new Snowflake platform

For years, Splunk has been the workhorse SIEM for many enterprise Security Operation Centers (SOCs). However, security teams have challenges with Splunk’s steeply rising costs. And now, early adopters of security data lakes like Snowflake are saving more than two-thirds of what they were paying for their Splunk license.

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. The Cisco acquisition shall exacerbate these challenges and speed up the adoption of security data lakes.

While it’s great to see data lakes gaining so much momentum, many security teams struggle to take advantage of them. Ripping and replacing Splunk overnight is unrealistic. Enterprise security teams need a path to incrementally migrate to a modern data lake with minimal