Tag: cybersecurity

AI and Automation: Graig Paglieri of Randstad Digital on How to Effectively Harness AI Technology in People Operations | In the News

Recently, Graig Paglieri, the CEO of Randstad Digital Americas was interviewed by Medium, where he talks about how they’re utilizing new technologies to make their jobs easier and provide greater strategic value.

In his interview, Graig mentioned a recent white paper with the Everest Group that estimates that the current global skill gap for AI/ML technologies is 25%-30% — and for cloud skills and cybersecurity, that skill gap stands at 20–25% and 30% percent, respectively. As a solution, enterprises should clearly outline what they hope to achieve with AI, from improving internal operations or enhancing customer engagement.

Read more in Medium.

Secure from the Get-Go: Top Challenges in Implementing Shift-Left Cybersecurity Approaches | In the News

An approach that builds cybersecurity into software and platforms can create stronger security, reducing vulnerabilities and risks. But implementation often comes with challenges.

Focusing on a software product’s speed to market, performance, and security, Ankit Gupta suggests embracing “integrated KPIs” for organizations, fostering shared accountability across product teams, DevSecOps teams, and stakeholders. “Developers don’t have KPIs around security, because it isn’t their main responsibility. But if you’re not incentivized as a developer to spend more time on security, it will limit the willingness to spend time on security,” says Ankit Gupta, Practice Director with Everest Group.

Read more in CSO.

Do You Have What It Takes to Be a CISO? Take the Personality Quiz | In the News

The position of the chief information security officer (CISO) stands out as one of the most influential and well-paying roles within an organization, attracting a diversity of talent. While strong technical skills are key, CISOs must also exhibit resilience, unwavering focus, and a strong commitment to transparency.

Interestingly, candidates with nontraditional backgrounds offer unique benefits to the cybersecurity field, specifically CISO roles. “I’ve found that individuals that have faced adversity in their life tend to make better CISOs,” noted Amit Anand, Senior Analyst at Everest Group.

Read more in ITPro Today.

Israel Surveillance Systems’ Failure to Avert Hamas Attacks Raises Questions | In the News

Israeli surveillance systems, supposed to be the best in the world, failed to detect the recent attack by Hamas. This has raised doubts about the system’s reliability.

Kumar Avijit, Practice Director at Everest Group, said considering the recent shortcomings of Israeli tech in confrontations with Hamas, nations like India that are investing or considering the acquisition of similar technologies might reconsider their stance.

Read more in The Hindu Business Line.

Cyber Resiliency Strategy: Key Themes and Pricing Trends for 2023 | Webinar

on-demand Webinar

Cyber Resiliency Strategy: Key Themes and Pricing Trends for 2023

Gone are the days when cybersecurity was solely the concern of IT departments. Today, the C-suite recognizes the criticality of cyber resiliency programs, which prioritize comprehensive threat advisory, holistic monitoring, and swift response mechanisms.

In this webinar, our experts will explain the differences in cyber resiliency and cybersecurity, outline key enterprise investment themes for cyber resiliency, explore opportunities and associated challenges for service providers, and cover the pricing and solution themes underlying the cybersecurity and cyber resiliency market.

What questions will the webinar answer for the participants?

  • What is cyber resiliency, and what is the enterprise adoption roadmap?
  • Why are service providers so gung-ho about cyber resiliency?
  • How should a cyber resiliency deal be structured commercially? 

Who should attend?

  • CIOs, CISOs, CTOs, and CDOs
  • IT and BPO department heads
  • Sourcing leaders
  • Strategy leaders
  • GBS leaders managing IT and BPO outsourcing contracts
  • Security product heads
  • Cybersecurity offering leads
  • Cybersecurity service line heads
Kumar Avijit Light Grey
Practice Director
Shukla Vinamra
Practice Director
Sundrani Ricky
Partner

Generative AI Heralds a New Era in Cybersecurity | Blog

In today’s ever-evolving threat landscape, generative Artificial Intelligence (GAI) is becoming an increasingly popular technology tool to defend against sophisticated cyberattacks. Read on to learn about the latest investments in GAI-powered security products, the potential benefits and drawbacks, and the ramifications for the cybersecurity workforce and industry. 

Learn about the latest pricing trends in cyber security in our webinar, Cyber Resiliency Strategy: Key Themes and Pricing Trends for 2023.

GAI has grabbed worldwide interest with its ability to create unique and realistic images, text, audio, code, simulations, and videos that previously were not thought to be possible. Lately, GAI has been applied in many industries, such as the creative arts, healthcare, entertainment, and advertising. Let’s explore the latest cybersecurity industry trends and how GAI can help security teams stay one step ahead of the latest threats.

Cybersecurity vendors are leaving no stone unturned to deliver the power of GAI

In recent years, advanced Artificial Intelligence (AI)- and Machine Learning (ML)-based technologies have been rapidly adopted across the cyber industry, providing intelligent automation capabilities and also augmenting human talent.

The vast use cases of AI/ML in cybersecurity include proactive threat detection, prevention, intelligence, user and entity behavior analytics (UEBA), anomaly detection, vulnerability management, automated incident investigation and response, and more.

With the release of ChatGPT (GPT-3.5/GPT-4), DALL-E, Midjourney AI, Stable Diffusion, and other developments, the hype around GAI is accelerating faster than ever, and vendors are racing to harness its power to develop new products and solutions leveraging this technology.

Key GAI vendor announcements

Picture1 5

Here are some examples of suppliers adopting GAI technology in the past four months alone:

  • SlashNext launched Generative HumanAI, an email security product aimed at combating business email compromise (BEC), in February
  • Microsoft introduced Security Copilot, a solution to help security professionals identify and respond to potential threats using OpenAI’s GPT-4 GAI and Microsoft’s proprietary security-specific model, in March
  • Flashpoint expanded its partnership with Google, incorporating GAI into its intelligence solutions for improved threat detection in April
  • Among other announcements last month, Recorded Future integrated OpenAI’s GPT model into its AI, Cohesity integrated with Microsoft’s Azure OpenAI for anomaly detection, and Veracode developed a tool utilizing GAI to address security code flaws

Generative AI captured massive attention at RSAC

At the recently concluded RSA Conference 2023 in San Francisco, GAI was a fascinating theme that was widely discussed and showcased in many innovative security products. These include SentinelOne’s announcement of Purple AI, which will leverage GAI and reinforcement learning capabilities to not just detect and thwart attacks but also autonomously remediate them.

Also at the event, Google Cloud launched its Security AI Workbench powered by a security-specific large language model (LLM), Sec-PaLM, aimed at addressing the top three security challenges – threat overload, toilsome tools, and the talent gap. The offering incorporates VirusTotal Code Insight and Mandiant Breach Analytics for Chronicle to augment efforts to analyze incidents and detect and respond to threats.

Foreseeable advantages stemming from GAI in the cybersecurity world

The advantages of using GAI for this industry can include:

  • Enhancing threat and vulnerability detection, response, and automated remediation

Its ability to analyze enormous amounts of data and insights from multiple sources enables GAI to detect malicious or anomalous patterns that otherwise might go unnoticed. This can lower alert fatigue and improve the mean time to detect or discover (MTTD), mean time to restore (MTTR), and threat coverage, and enhance overall risk management strategies while reducing total security operations costs. GAI can be employed for machine-speed triaging, predictive remediation, and automated response and action for low-risk incidents. Other potential applications are leveraging the technology to detect malicious URLs and websites and AI-powered phishing campaigns run against enterprises. Furthermore, it can be utilized in Infrastructure as a Code (IaaS) security for detecting and hardenings flaws and for auto-remediation of security misconfigurations and vulnerabilities in applications.

  • Bridging the cybersecurity talent gap

The cybersecurity skills shortage is widely recognized, with enterprises finding it daunting to hire and retain talent to effectively run internal programs. More than 3.4 million skilled cybersecurity professionals are currently required globally, according to the 2022 (ISC)² Cybersecurity Workforce Study.

GAI can create phishing/cyberattacks and stimulate threat environments or security awareness programs to test security professionals’ skills and knowledge, accelerating the learning curve and quickly upskilling and reskilling employees. The technology also can be applied to generate automated workflows, playbooks, use cases, and runbooks for enhanced security delivery capabilities.

  • Powering virtual assistance, enhanced collaboration, and knowledge sharing

GAI can lessen the burden on analysts of mundane tasks by analyzing, visualizing, and summarizing complex security data into comprehensive reports and charts that previously were created manually. GAI also can help build robust assistants for coding, chat, security, or investigation. It potentially can facilitate effective communication, and serve as a centralized knowledge repository, making it easy to share and manage data from one place. This can help enterprises augment knowledge management and foster a culture of continuous learning and engagement.

Watch out for offensive capabilities of GAI in cybersecurity

Major companies, including Apple, Samsung, Amazon, Accenture, Goldman Sachs, and Verizon, have either banned or restricted employees’ use of GAI-powered utilities to safeguard data confidentiality. Data breaches are a primary risk associated with GAI. Models use massive data sets for learning, and that data could contain enterprises’ sensitive information including Personal Identifiable Information (PII) and financial data. If carelessly handled, it could lead to unauthorized access, unintended disclosure, misuse, and even IP or copyright infringement. GAI also exposes enterprises to regulatory compliance risks, especially those subject to strict data protection laws like the General Data Protection Regulation (GDPR), Health Insurance Portability and Accountability Act (HIPAA), the California Consumer Privacy Act (CCPA), etc.

The use of GAI for malicious practices in social engineering, spear phishing, and other scams has been on the uptick. Another potential offensive aspect is that GAI can be employed to create advanced malware strains capable of evading signature-based detection measures.

Malicious actors could use GAI to create sophisticated exploits and other invasive codes to bypass security systems and exploit vulnerabilities in touchpoints. Considering its power to generate new content, brute-force attacks for password theft can be easily facilitated via GAI.

In addition, hackers can utilize deepfake technology to impersonate individuals, leading to identity theft, financial fraud, and the proliferation of misinformation. The efficiency and accuracy of an ML-based security system can be sabotaged if a hacker automates the creation of false positives, wasting analysts’ time and resources while ignoring the real threat.

GAI – A boon or bane?

In the words of Abraham Lincoln, “The best way to predict the future is to create it.” GAI is doing just that. The heavy investments in GAI are a double-edged sword. While the technology can strengthen enterprises’ cyber shield arsenal, adversaries can use it to thwart their defensive attempts. GAI is here to stay and its adoption will accelerate even with security threats, making it pressing for cyber leaders to quickly determine their response and adoption strategies.

Cyber leaders may find a path to expand their roles and become protectors of enterprises by actively taking actions to address GAI’s use. These proactive initiatives can include robust data loss prevention and governance; usage guidelines, policies, and frameworks; workforce education; thorough vulnerability and risk assessments; comprehensive identity and access management; and incident detection and response plans.

Everest Group will continue to follow this growth area. To discuss cybersecurity industry trends, please contact Prabhjyot Kaur and Kumar Avijit.

Continue learning about cybersecurity industry trends in the blog, Now is the Time to Protect Operational Technology Systems from Cyber Risks.

Computer in Russia Breached Metro System amid Security Concerns, Report Says | In the News

A personal computer in Russia was used to breach Metro’s computer network this year after the transit agency repeatedly was warned that cybersecurity deficiencies left its systems open to information theft and national security threats, according to a report released Wednesday.

Nitish Mittal, Partner at Everest Group, said continuing to maintain ties with Russia, after it invaded Ukraine, presented reputational and security risks after the war began, noting that it was relatively easy for IT companies to leave. Mittal said companies are increasingly looking to ensure their outside technology teams are in friendly countries, a concept he referred to as “ally-shoring.” “Going forward, we do see clients trying to future-proof how they source talent,” Nitish added.

Read more in The Washington Post.

RSA 2023 Conference Sizzles with Focus on Artificial Intelligence for Cybersecurity | Blog

Generative Artificial Intelligence, threat detection and response, simpler cybersecurity solutions, attack vectors, and identity and access management were among the key cybersecurity industry trends grabbing attention at the RSA Conference in San Francisco. Read on to learn the main takeaways from our analysts who attended the recent event.

You can also reach out to us to learn more.

The annual RSA Conference (RSAC) lived up to the expectations of being one of the industry’s largest cybersecurity events, with 40,000-plus attendees packing the Moscone Center over four active days. The energizing atmosphere showed the cybersecurity community’s eagerness to meet and socialize again post-pandemic.

Here are the main cybersecurity industry trends we saw at RSAC 2023.

Generative Artificial Intelligence (GAI)

Generative AI stole the show with widespread discussion on the technology in every corner of the trade show floor that continued at social gatherings. Among the many new products launched at the event was Google Cloud’s Security AI Workbench, based on its propriety security large language model (LLM) Sec-PaLM that includes data sets from Chronicle VirusTotal and Mandiant threat intelligence.

In the past few years, advanced AI and Machine Learning (ML)-based technologies and use cases have swept the cyber industry. But we have never seen such a level of hype as garnered by Microsoft’s announcement of Security Copilot, based on  OpenAI’s GPT-4 Generative AI. This security analysis feature is aimed at helping security professionals understand threat landscapes and quickly detect and respond to potential threats.

Generative AI’s many benefits outweigh security concerns, especially in the talent-crunched cyber market. It can play a defining role in bringing efficiencies in security operations and scaling talent readiness.

Among potential areas we see Generative AI playing a larger role are summarizing incidents and findings, generating clear and concise reports and presentations, and augmenting human analyst capabilities by tailoring responsibilities to the organization’s landscape and enhancing the analyst experience.

Threat detection and response

Managed detection and response (MDR) and extended detection and response (XDR) providers had one of the largest presences at expo booths. As detection and response emerges as a primary shield by enterprises to protect and defend against cyber attacks, demand is increasing for MDR services.

Further, enterprises demand extensive telemetry coverage across not only traditional touchpoints such as endpoints and networks but also across next-generation touchpoints such as cloud, SaaS applications, and Internet of Things/operational technology (IoT/OT).

Our recent analysis of 27 MDR service providers in the Managed Detection and Response (MDR) Services PEAK Matrix® Assessment 2023, found OT and IoT monitoring and response are key differentiators within enterprises.

Shift from best of breed to ease of integration and management

Cybersecurity point solutions have grown 13 times in the past decade, increasing complexity and slowing enterprise decision-making. Enterprises are demanding a shift from best-of-breed solutions to future-proof solutions that are easy to integrate and manage.

This is creating opportunities for providers to approach the enterprise cybersecurity landscape with a consolidation mindset, drive simplification, and reduce the total cost of ownership.

Attack vectors remain a constant

Vulnerabilities, cyber-attacks, ransomware, supply chain security, software bill of materials (SBOM), and breaches remained the buzz at RSAC 2023. Aggravated by the ever-changing and never-ending regulations, the C-suite is in the middle of cybersecurity action, and cybersecurity providers must focus on boardrooms for budget approvals.

Year of identity

Will 2023 be the year of identity? Identity and access management has risen as an area getting maximum budget allocations and missing the CFO’s axe in the current macroeconomic headwinds. Enterprises are looking to get started with identities to fortify their cybersecurity posture, kickstart the zero-trust journey, enhance customer experience, and drive business outcomes from cyber investment.

Everest Group will continue to investigate this growth area. Stay tuned for our inaugural Identity and Access Management PEAK Matrix Assessment.

To discuss RCA and cybersecurity industry trends, please reach out to [email protected] and [email protected].

Dive further into the current Generative AI discussion in our webinar, Welcoming the AI summer: How Generative AI is Transforming Experiences.

How can we engage?

Please let us know how we can help you on your journey.

Contact Us

"*" indicates required fields

Please review our Privacy Notice and check the box below to consent to the use of Personal Data that you provide.