Home Black Hat Deep Tech Essays Fireside Chat My Take News Alerts Q&A RSAC Videocasts About Contact
 

My Take

 

NEWS ANALYSIS Q&A: Striving for contextual understanding as digital transformation plays out

By Byron V. Acohido

The tectonic shift of network security is gaining momentum, yet this transformation continues to lag far behind the accelerating pace of change in the operating environment.

Related: The advance of LLMs

For at least the past decade, the cybersecurity industry has been bending away from rules-based defenses designed to defend on-premises data centers and leaning more into tightly integrated and highly adaptable cyber defenses directed at the cloud edge.

I first tapped Gunter Ollmann’s insights about botnets and evolving malware some 20 years when he was a VP Research at Damballa and I was covering Microsoft for USA TODAY. Today, Ollmann is the CTO of IOActive, a Seattle-based cybersecurity firm specializing in full-stack vulnerability assessments, penetration testing and security consulting. We recently reconnected. Here’s what we discussed, edited for clarity and length?

LW: In what ways are rules-driven cybersecurity solutions being supplanted by context-based solutions?

Ollmann: I wouldn’t describe rules-based solutions as being supplanted by context-based systems. It’s the dimensionality of the rules and the number of parameters consumed by the rules that have expanded to such an extent that a broad enough contextual understanding is achieved. Perhaps the biggest change lies in the way the rules are generated and maintained, where once a pool of highly skilled and experienced cybersecurity analysts iterated and codified actions as lovingly-maintained rules, today big data systems power machine learning systems to train complex classifiers and models. These complex models now adapt to the environments they’re deployed in without requiring a pool of analyst talent to tweak and tune.

SHARED INTEL Q&A: Forrester report shows Identity and Access Management (IAM) in flux

By Byron V. Acohido

Identity and Access Management (IAM) is at a crossroads.

Related: Can IAM be a growth engine?

A new Forrester Trends Report dissects ten IAM trends now in play, notably how AI is  influencing IAM technologies to meet evolving identity threats.

IAM is a concept that arose in the 1970s when usernames and passwords first got set up to control access mainframe computers.

By the 1990s, single sign-on (SSO) solutions had caught, and with the explosion of web apps that followed came more sophisticated IAM solutions. Federated identity management emerged, allowing users to use the same identity across different domains and organizations, and standards like SAML (Security Assertion Markup Language) were developed to support this.

The emergence of cloud computing further pushed the need for robust IAM systems. Identity as a Service (IDaaS) began to gain traction, offering IAM capabilities through cloud providers.

MY TAKE: RSAC 2024’s big takeaway: rules-based security is out; contextual security is taking over

KINGSTON, Wash.  — U.S. Secretary of State Antony Blinken opened RSA Conference 2024 last week issuing a clarion call for the cybersecurity community to defend national security, nurture economic prosperity and reinforce democratic values.

Related: The power of everyman conversing with AI

That’s a tall order. My big takeaway from RSAC 2024 is this: the advanced technology and best practices know-how needed to accomplish the high ideals Secretary Blinken laid out are readily at hand.

I was among some 40,000 conference attendees who trekked to San Francisco’s Moscone Center to get a close look at a dazzling array of cybersecurity solutions representing the latest iterations of the hundreds of billions of dollars companies expended on cybersecurity technology over the past 20 years.

And now, over the next five years,  hundreds of billions more  will be poured into shedding the last vestiges of on-premises, reactive defenses and completing the journey to edge-focused, tightly integrated and highly adaptable cyber defenses directed at the cloud edge.

This paradigm shift is both daunting and essential; it must fully play out in order to adequately protect data and systems

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

By Byron V. Acohido

SAN FRANCISCO — On the eve of what promises to be a news-packed RSA Conference 2024, opening here on Monday, Microsoft is putting its money where its mouth is.

Related: Shedding light on LLM vulnerabilities

More precisely the software titan is putting money within reach of its senior executives’ mouths.

In a huge development, Microsoft announced today that it is revising its security practices, organizational structure, and, most importantly, its executive compensation in an attempt to shore up major security issues with its flagship product, not to mention quell rising pressure from regulators and customers.

A shout out to my friend Todd Bishop, co-founder of GeekWire, for staying on top of this development. His breaking news coverage is as thorough as you’d expect as a Microsoft beat writer with institutional knowledge going back a couple of decades.

MY TAKE: GenAI revolution — the transformative power of ordinary people conversing with AI

By Byron V. Acohido

SAN FRANCISCO — The amazing digital services we have today wouldn’t have come to fruition without the leading technology and telecom giants investing heavily in R&D.

Related: GenAi empowers business

I had the chance to attend NTT Research’s Upgrade Reality 2024 conference here  last week to get a glimpse at some of what’s coming next.

My big takeaway: GenAI is hyper-accelerating advancements in upcoming digital systems – and current ones too. This is about to become very apparent as the software tools and services we’re familiar with become GenAI-enabled in the weeks and months ahead.

And by the same token, GenAI, or more specifically Large Language Model (LLM,) has added a turbo boost to the pet projects that R&D teams across the technology and telecom sectors have in the works.

The ramifications are staggering. The ability for any human to extract value from a large cache of data – using conversational language opens up a whole new universe of possibilities.

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

By Byron V. Acohido

It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering.

Related: AI makes scam email look real

Fresh evidence comes from  Mimecast’s “The State of Email and Collaboration Security” 2024 report.

The London-based supplier of email security technology, surveyed 1,100 information technology and cybersecurity professionals worldwide and found:

•Human risk remains a massive exposure. Some 74 percent of cyber breaches are caused by human factors, including errors, stolen credentials, misuse of access privileges, or social engineering.

•New AI risks have lit a fire under IT teams. . Eight out of 10 of those polled expressed concerned about AI threats posed and 67 percent said AI-driven attacks will soon become the norm.

LW ROUNDTABLE: Will the U.S. Senate keep citizens safe, vote to force China to divest TikTok?

By Byron V. Acohido

Congressional bi-partisanship these day seems nigh impossible.

Related: Rising tensions spell need for tighter cybersecurity

Yet by a resounding vote of 352-65, the U.S. House of Representatives recently passed a bill that would ban TikTok unless its China-based owner, ByteDance Ltd., relinquishes its stake.

President Biden has said he will sign the bill into law, so its fate is now in the hands of the U.S. Senate.

I fervently hope the U.S. Senate does not torpedo this long overdue proactive step to protect its citizens and start shoring up America’s global stature.

Weaponizing social media

How did we get here? A big part of the problem is a poorly informed general populace. Mainstream news media gravitates to chasing the political antics of the moment. This tends to diffuse sober analysis of the countless examples of Russia, in particular, weaponizing social media to spread falsehoods, interfere in elections, target infrastructure and even radicalize youth.