Generative Data Intelligence

CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST

Welcome to CISO Corner, Dark Reading's weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we'll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We're committed to bringing you a diverse set of perspectives to support the job of operationalizing cybersecurity strategies, for leaders at organizations of all shapes and sizes.

In This Issue of CISO Corner:

  • GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories

  • Break Security Burnout: Combining Leadership With Neuroscience

  • Global: Cyber Operations Intensify in Middle East, With Israel the Main Target

  • Cisco's Complex Road to Deliver on Its Hypershield Promise

  • Rebalancing NIST: Why 'Recovery' Can't Stand Alone

  • 3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

  • Rethinking How You Work With Detection and Response Metrics

GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories

By Nate Nelson, Contributing Writer, Dark Reading

A slicker phishing lure and some basic malware was about all threat actors have been able to squeeze out of artificial intelligence (AI) and large language model (LLM) tools so far — but that’s about to change, according to a team of academics.

Researchers at the University of Illinois Urbana-Champaign have demonstrated that by using GPT-4 they can automate the process of gathering threat advisories and exploiting vulnerabilities as soon as they are made public. In fact, GPT-4 was able to exploit 87% of vulnerabilities it was tested against, according to the research. Other models weren’t as effective.

Although AI technology is new, the report advises that in response, organizations should tighten up tried-and-true best security practices, particularly patching, to defend against automated exploits enabled by AI. Moving forward, as adversaries adopt more sophisticated AI and LLM tools, security teams might consider using the same technologies to defend their systems, the researchers added. The report pointed to automating malware analysis as a promising use-case example.

Read more: GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories

Related: First Step in Securing AI/ML Tools Is Locating Them

Break Security Burnout: Combining Leadership With Neuroscience

By Elizabeth Montalbano, Contributing Writer, Dark Reading

Widely reported burnout among cybersecurity professionals is only getting worse. It starts at the top with pressure on CISOs mounting from all sides — regulators, boards, shareholders, and customers — to assume all the responsibility for an entire organization’s security, without much control of budgeting or priorities. Wider enterprise cybersecurity teams are wearing down too under the weight of putting in long, stressful hours to prevent seemingly inevitable cyberattacks.

Certainly awareness of the stress and strain driving talent away from the cybersecurity profession is widely acknowledged, but workable solutions have been elusive.

Now two professionals looking to break what they call the “security fatigue cycle” say leaning on neuroscience can help. Peter Coroneros, founder of Cybermindz, and Kayla Williams, CISO of Devo, have come together to advocate for more empathetic leadership informed by a better understanding of mental health, and will be presenting their ideas in more detail at this year’s RSA Conference.

For example, they found tools like iRest (Integrative Restoration) attention training techniques, which have been used for 40 years by US and Australian militaries, help people under chronic stress get out of the “fight-or-flight” state and relax. iRest could also be a useful tool for frazzled cybersecurity teams, they said.

Read more: Break Security Burnout: Combining Leadership With Neuroscience

Global: Cyber Operations Intensify in Middle East, With Israel the Main Target

By Robert Lemos, Contributing Writer, Dark Reading

The unraveling crisis in the Middle East continues to produce historic volumes of cyberattacks to support military operations.

There are two categories of adversary groups at work, according to experts — nation-state threat actors working as an arm of a military operation and hacktivist groups attacking willy-nilly based on opportunity and a victim’s perceived proximity to the group’s enemies.

Israel’s National Cyber Directive boss said Iranian- and Hezbollah-affiliated groups have been trying to take down the country’s networks “around the clock.”

Cybersecurity experts warn Israel should prepare for destructive cyberattacks to continue as the Iran-Israel cyber conflict escalates.

Read more: Cyber Operations Intensify in Middle East, With Israel the Main Target

Related: Iran-Backed Hackers Blast Out Threatening Texts to Israelis

Cisco's Complex Road to Deliver on Its Hypershield Promise

By Robert Lemos, Contributing Writer

Cisco’s big reveal of its AI-powered cloud security platform Hypershield was big on buzzwords and left industry watchers with questions about how the tool is going to deliver on its pitch.

Automated patching, anomalous behavior detection and blocking, AI-agents maintaining real-time security controls around every workload, and a new “digital twin” approach are all touted as Hypershield features.

The modern approach would be a major step forward “if they pull it off,” David Holmes, a principal analyst with Forrester Research, said.

Jon Oltsik, analyst emeritus at Enterprise Strategy Group, compared Hypershield’s ambitions to the development of driver-assist features in cars: “The trick is how it comes together.”

Cisco Hypershield is scheduled for release in August.

Read more: Cisco's Complex Road to Deliver on Its Hypershield Promise

Related: First Wave of Vulnerability-Fixing AIs Available for Developers

Rebalancing NIST: Why 'Recovery' Can't Stand Alone

Commentary By Alex Janas, Field Chief Technology Officer, Commvault

Although NIST’s new guidance on data security is an important basic overview, it falls short on offering best practices for how to recover from a cyberattack once it’s already happened.

Today, organizations need to assume they have been, or will be, breached and plan accordingly. That advice is perhaps even more important than the other elements of the new NIST framework, this commentary argues.

Companies should immediately work to address any gaps in cybersecurity preparedness and response playbooks.

Read more: Rebalancing NIST: Why ‘Recovery’ Can’t Stand Alone

Related: NIST Cybersecurity Framework 2.0: 4 Steps to Get Started

3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

Commentary By Chris Crummey, Director, Executive & Board Cyber Services, Sygnia

Working to develop an effective and tested incident response plan is the best thing executives can do to prepare their organization for a cyber incident. Most major mistakes happen in the first “golden hour” of a cyber incident response, the commentary explains. That means ensuring every member of the team has a well-defined role and can get to work quickly on finding the best path forward, and crucially, not making remediation errors that can upend recovery timelines.

Read more: 3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

Related: 7 Things Your Ransomware Response Playbook Is Likely Missing

Rethinking How You Work With Detection and Response Metrics

By Jeffrey Schwartz, Contributing Writer, Dark Reading

During the recent Black Hat Asia conference, Allyn Stott, senior staff engineer with Airbnb, challenged every security professional to rethink the role metrics play in their organization’s threat detection and response.

Metrics drive better performance and help cybersecurity managers demonstrate to leadership how detection and response program investment translates into less business risk.

The single most important security operations center metric: alert volume, Stott explained. He added that, looking back over his past work, he regrets how much he leaned on the MITRE ATT&CK framework. He recommends incorporating others, including the SANS SABRE framework and the Hunting Maturity Model.

Read more: Rethinking How You Work With Detection and Response Metrics

Related: SANS Institute Research Shows What Frameworks, Benchmarks, and Techniques Organizations Use on their Path to Security Maturity
