
Top Stories


RSAC Fireside Chat: Here’s what it will take to achieve Digital Trust in our hyper-connected future

By Byron V. Acohido

Confidence in the privacy and security of hyper-connected digital services is an obvious must have.

Related: NIST’s quantum-resistant crypto

Yet, Digital Trust today is not anywhere near the level it needs to be. At RSAC 2024 I had a wide-ranging conversation with DigiCert CEO Amit Sinha all about why Digital Trust has proven to be so elusive. For a full drill down, please give the accompanying podcast a listen.

We spoke about how the Public Key Infrastructure (PKI) has come under pressure. PKI and digital certificates provide the essential framework for authenticating identities, encrypting communications and ensuring data integrity.

However, with the shift to remote work and the proliferation of Internet of Things systems, the complexity of maintaining a fundamental level of trust in digital services has risen exponentially.

And that curve will only steepen as GenAI/LLM services ramp up and quantum computers get mainstreamed, Sinha observed.

RSAC Fireside Chat: VISO TRUST replaces questionnaires with AI analysis to advance ‘TPRM’

By Byron V. Acohido

Taking stock of exposures arising from the data-handling practices of third-party suppliers was never simple.

Related: Europe requires corporate sustainability

In a hyper-connected, widely-distributed operating environment the challenge has become daunting.

At RSAC 2024, I visited with Paul Valente, co-founder and CEO of VISO TRUST. We had a wide-ranging discussion about the limitations of traditional third-party risk management (TPRM), which relies on extensive questionnaires, and the honor system, to judge the security posture of third-party suppliers. For a full drill down, please give the accompanying podcast a listen.

VISO TRUST launched in 2020 to introduce a patented approach, called Artifact Intelligence, to automate the assessment of third-party risks. This method employs natural language processing (NLP) and various machine learning models, including large language models (LLMs), to automate the assessment of third-party risks, Valente told me.

The benefits of advanced TPRM technologies extend beyond implementing these audits much more efficiently and effectively at scale. Valente cited how a customer, Illumio, is leveraging Artifact Intelligence to conduct vendor assessments very early in the procurement process, significantly enhancing decision-making and avoiding high-risk relationships.

RSAC Fireside Chat: Ontinue ups the ‘MXDR’ ante — by emphasizing wider automation, collaboration

By Byron V. Acohido

Companies that need to protect assets spread across hybrid cloud infrastructure face a huge challenge trying to mix and match disparate security tools.

Related: Cyber help for hire

Why not seek help from a specialist? At RSAC 2024, I visited with Geoff Haydon, CEO, and Alex Berger, Head of Product Marketing, at Ontinue, a new player in the nascent Managed Extended Detection and Response (MXDR) space.

MXDR extends from the long-established Managed Security Service Providers (MSSP) space. MSSPs came along 20 years ago to assist with on-premises tools like firewalls, intrusion detection and antivirus tools.

Managed Detection and Response (MDR) arose to focus on advanced threat detection and remediation. And next came MXDR solutions, which offer wider, more integrated coverage while emphasizing automation and collaboration.

Haydon and Berger, for instance, explained how Ontinue leverages machine learning to automate detection and low-level incident management. For a full drill down please give the accompanying podcast a listen.

News Alert: Criminal IP unveils innovative fraud detection data products on Snowflake Marketplace

Torrance, Calif., June 10, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced that it has started selling its paid threat detection data from its CTI search engine ‘Criminal IP’ on the Snowflake Marketplace.

Criminal IP is committed to offering advanced cybersecurity solutions through Snowflake, the leading cloud-based data warehousing platform.

Criminal IP’s Intelligence for Fraud Detection and Privacy Protection is meticulously crafted to address the growing concerns surrounding fraudulent activities and privacy breaches. By aggregating data on known malicious and masked IP addresses, including those with historical abuse records such as IDS, malware, phishing, ransomware, and blocked IPs, this dataset equips organizations with actionable insights to identify and mitigate fraudulent activities in real time.

Additionally, the product boasts advanced capabilities to detect servers infected by botnet and C2 software, as well as IP addresses leveraging masking services like VPNs, proxies, and hosting. This product is

RSAC Fireside Chat: Jscrambler levels-up JavaScript security, slows GenAI-fueled privacy loss

By Byron V. Acohido

Could we be on the verge of Privacy Destruction 2.0, thanks to GenAI?

Related: Next-level browser security

That’s a question that spilled out of a thought-provoking conversation I had with Pedro Fortuna, co-founder and CTO of Jscrambler, at RSAC 2024.

Jscrambler provides granular visibility and monitoring of JavaScript coding thus enabling companies to set and enforce security rules and privacy policies. For instance, it helps online tax services prevent leakage of taxpayers’ personal information via pixels, those imperceptible JavaScripts embedded in a web page to collect information about the user’s interactions.

It turns out, Fortuna observed, that GenAI/LLM is perfectly suited to the deeper mining of personal data collected by pixels as well as other JavaScript mechanisms currently in wide use.

This brought to mind 2010, the year I wrote news stories for USA TODAY about Mark Zuckerberg declaring privacy was “no longer a social norm” and Google CEO Eric Schmidt admitting that Google’s privacy policy was to “get right up to the creepy line and not cross it.”

SHARED INTEL Q&A: Forrester report shows Identity and Access Management (IAM) in flux

By Byron V. Acohido

Identity and Access Management (IAM) is at a crossroads.

Related: Can IAM be a growth engine?

A new Forrester Trends Report dissects ten IAM trends now in play, notably how AI is influencing IAM technologies to meet evolving identity threats.

IAM is a concept that arose in the 1970s, when usernames and passwords were first set up to control access to mainframe computers.

By the 1990s, single sign-on (SSO) solutions had caught on, and with the explosion of web apps that followed came more sophisticated IAM solutions. Federated identity management emerged, allowing users to use the same identity across different domains and organizations, and standards like SAML (Security Assertion Markup Language) were developed to support this.

The emergence of cloud computing further pushed the need for robust IAM systems. Identity as a Service (IDaaS) began to gain traction, offering IAM capabilities through cloud providers.

RSAC Fireside Chat: Seclore advances ‘EDRM’ by aligning granular controls onto sensitive data

By Byron V. Acohido

Digital rights management (DRM) has come a long way since Hollywood first recognized in the 1990s that it needed to rigorously protect digital music and movies.

By the mid-2000s a branch called enterprise digital rights management (EDRM) cropped up to similarly protect sensitive business information. Today, businesses amass vast amounts of business-critical data, at a pace that’s quickening as GenAI takes hold.

At RSAC 2024 I sat down with Isaac Roybal, chief marketing officer at Seclore, to discuss how the challenge of securing business data has moved beyond even where the EDRM space has been evolving. For a drill down, please give the accompanying podcast a listen.

Seclore takes a data-centric approach to securing data by aligning granular controls with the sensitive data itself. This allows security teams to dynamically manage permissions, rescind access, alter editing capabilities, and even perform real-time compliance checks, he noted.