Home Black Hat Deep Tech Essays Fireside Chat My Take News Alerts Q&A RSAC Videocasts About Contact

Top Stories


SHARED INTEL: Poll shows companies pursuing ‘Digital Trust’ reap benefits as laggards fall behind

By Byron V. Acohido

Achieving “digital trust” is not going terribly well globally.

Related: How decentralized IoT boosts decarbonization

Yet, more so than ever, infusing trustworthiness into modern-day digital services has become mission critical for most businesses. Now comes survey findings that could perhaps help to move things in the right direction.

According to DigiCert’s 2024 State of Digital Trust Survey results, released today, companies proactively pursuing digital trust are seeing boosts in revenue, innovation and productivity. Conversely, organizations lagging may be flirting with disaster.

“The gap between the leaders and the laggards is growing,” says Brian Trzupek, DigiCert’s senior vice president of product. “If you factor in where we are in the world today with things like IoT, quantum computing and generative AI, we could be heading for a huge trust crisis.”

DigiCert polled some 300 IT, cybersecurity and DevOps professionals across North America, Europe and APAC. I sat down with Trzupek and Mike Nelson, DigiCert’s Global Vice President of Digital Trust, to discuss the wider implications of the survey findings. My takeaways:

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

By Zac Amos

AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions.

Related: The security case for AR, VR

AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms. This helps them improve their performance over time by gaining data from interactions.

In 2022, 88% of users relied on chatbots when interacting with businesses. These tools saved 2.5 billion work hours in 2023 and helped raise customer satisfaction to 69% for $0.50 to $0.70 per interaction. Forty-eight percent of consumers favor their efficiency prioritization.

News alert: Kiteworks named as a founding member of NIST’s new AI safety consortium – ‘AISIC’

San Mateo, Calif., Feb. 13, 2023 – The U.S. White House announced groundbreaking collaboration between OpenPolicy and leading innovation companies, including Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Network.

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) Artificial Intelligence Safety Institute Consortium (AISIC) will act as a collaborative platform where both public sector and private sector leading organizations will provide guidance on standards and methods in the development of trustworthy AI.

The Kiteworks platform provides customers with a Private Content Network that enables them to employ zero-trust policy management in the governance and protection of sensitive content communications, including the ingestion of sensitive content into generative AI (GenAI).

Kiteworks unifies, tracks, controls, and secures sensitive content moving within, into, and out of organizations. With Kiteworks, organizations can significantly improve risk management and ensure regulatory compliance on all sensitive content communications.

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

By Michael Cocanower

Every industry is dealing with a myriad of cyber threats in 2024. It seems every day we hear of another breach, another scam, another attack on anything from a small business to a critical aspect of our nation’s infrastructure.

Related: The case for augmented reality training

Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate, especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams.

And the solution they are turning to is not one that will solve their problems in the long run: handing cybersecurity responsibilities to internal IT teams.

It’s a tale as old as the first computer. When a technical issue arises, hand it over to IT. However, from the sheer amount of regulations coming down the pipeline to the tools necessary to counter threat actors, internal IT is not the right resource for this monumental task.

Regulatory overload

Firms in the financial services industry are staring down the bottom of the regulatory barrel coming into 2024. From identity theft to greater oversight on risk management, internal IT teams

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

By Bharat Bhushan

Even in the cloud era, Microsoft Exchange Server remains a staple business communications tool across the globe.

Related: The need for robust data recovery policies.

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up.

Fortunately, effective tools and wise best practices can help mitigate this this exposure enabling companies to indefinitely leverage Exchange Server as a productive, resilient and secure communications tool.

Navigating new risks

Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Yet a significant number of enterprises and small and mid-sized businesses (SMBs) continue to rely on Exchange Server.

Microsoft introduced this e-mail and calendaring server in 1996 and over time it has over time become ubiquitous in enterprises and small and mid-sized businesses (SMBs) alike.

News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud

San Francisco, Calif., Jan. 31, 2024 – Reken, an AI & cybersecurity company, today announced the close of its $10M oversubscribed seed round, led by Greycroft and FPV Ventures. Other investors in the round include Firebolt Ventures, Fika Ventures, Omega Venture Partners, Homebrew, and JAZZ Venture Partners.

The funding will be used for core research and development to build new AI technology and products to protect against generative AI threats, such as deepfake social engineering and autonomous fraud.

“Generative AI cybercrime poses the greatest security challenge of our time,” said Shuman Ghosemajumder, co-founder & CEO of Reken. “While billions have been spent on security products, the impact of cybercrime has actually been getting worse. The reality is that existing cybersecurity doesn’t work as well as we’d like against even yesterday’s threats, let alone against new attacks based on generative AI. For threats such as deepfake video, audio, images, phishing, and fraud, it’s clear that we need a new approach.”

Author Q&A: The ongoing role of fortified structures in military clashes — and cybersecurity

By Byron V. Acohido

There’s no denying that castle walls play a prominent role in the histories of both military defense, going back thousands of years, and — as of the start of the current millennia — in cybersecurity.

Related: How Putin has weaponized ransomware

In his new Polity Press book, The Guarded Age, Fortification in the Twenty-First Century, David J. Betz, delves into historic nuances, on the military side, and posits important questions about the implications for cybersecurity, indeed, for civilization, going forward.

Betz is Professor of War in the Modern World at Kings College London. I asked him about how and why certain fundamental components of ancient, fortified structures have endured. Below are highlights of our discussion, edited for clarity and length.

LW: You cite many examples of instant castle walls, if you will, getting erected in current-day war zones. How can this be, given modern warfare tactics and smart weaponry?