Three insights you might have missed from Black Hat USA
The growing threat of cybersecurity attacks along the increasingly complex AI landscape reflects one reason Black Hat USA 2024 is one of the biggest cybersecurity conferences of the year.
With 17.8 million phishing emails in the last six months — 62% of which bypassed existing domain barriers — it’s easy to see why robust, versatile cybersecurity and risk management solutions are more crucial than ever.
“I think the next five years, and then the next 10 to 20, will be a reset for security,” said John Furrier, executive analyst at theCUBE Research. He added that generative AI could be an opportunity to solve data security problems at scale.
Furrier and Savannah Peterson, co-host of theCUBE, SiliconANGLE Media’s livestreaming studio, spoke with top executives and cybersecurity industry experts during the event. Discussions focused on open-source trends for countering modern, AI-savvy threats, including best practices, relevant statistics and emerging announcements related to cybersecurity resilience. (* Disclosure below.)
Here are three key insights you may have missed from theCUBE’s Black Hat USA 2024 event coverage:
1. There’s an urgent need to address complexity and sprawl and create a resilient infrastructure to optimize cybersecurity and risk management solutions.
The cybersecurity landscape is becoming increasingly complex, with a glut of vendors and products creating an environment that’s difficult for organizations to manage. According to Furrier, the volume of products organizations have installed makes consolidating security tools an enormous challenge. Moreover, constantly emerging new threats compound the problem, leaving organizations scrambling to continually adapt and expand their cybersecurity and risk management strategies to stay ahead of black hat attacks.
“You’ve got 3,700 vendors and 8,000 products, and the threats aren’t stopping,” Furrier said. “Contrary to what people are saying, vendors aren’t consolidating because there’s too many threats to plug when you’ve got to plug those holes and those bad guys.”
A secure infrastructure also plays a crucial role in transforming cybersecurity, according to Zeus Kerravala, founder and principal analyst at ZK Research. Even the most advanced AI solutions can’t reach their full potential without a robust foundation, making it critical for companies to strengthen their systems to support these solutions.
“You have to be resilient in your infrastructure in order to protect yourself and be up and running all the time,” Kerravala said. “All this AI stuff is great, but if your infrastructure’s not up and running and ready, none of that AI stuff does you any good.”
This sentiment echoes Furrier’s emphasis on end-to-end workflows and vertical stack integration, where generative AI could play a key role.
“I think the smart [chief security officers] I talked to are looking at end-to-end workloads, putting gen AI in there and using gen AI and designing it,” Furrier said. “Because whoever doesn’t have that new foundation like we’re seeing in cloud and other enterprises, it’s not going to really work out.”
The biggest hindrance to AI today, according to Kerravala, is managing and securing data effectively. Companies that attempted to consolidate their data into a large database or data lake quickly ran into roadblocks.
“It’s interesting that when you look at all the AI for whatever — networking, collaboration … — AI for security has been out there, but there hasn’t been a lot of talk about security for AI,” Kerravala said. “I think that’s been a bit of a missing piece, because I think it’s hard to do and nobody’s really figured out how to do that yet.”
Here’s theCUBE’s complete video interview with Zeus Kerravala:
2. AI plays a vital role in big tech companies’ efforts, including Google Cloud and Microsoft, to combat cybersecurity threats.
Big tech companies are using generative AI and accessing diverse skill sets to enhance cybersecurity and risk management, collaborate with partners and effectively address emerging global threats.
Organizations need to incorporate every asset they have when it comes to cybersecurity and risk management strategies, including their employees, according to MK Palmore, president of Cyversity and director of the office of the chief information security officer at Google Cloud. Data science and cybersecurity are two fields where people with non-traditional backgrounds can come in and grow in their careers, especially if they’re inquisitive by nature and like solving problems.
“Talk about that impact and what you are seeing from a skill standpoint because … sometimes the diversity in thought and also background helps solve the problems,” Palmore said. “Talk about the skills required for the folks watching that you don’t need to go to the special schools … you can come in if you’re smart, you can come in and hit the ground running.”
It’s no surprise that Google Cloud is an enthusiastic proponent of generative AI and its potential impact on commercial enterprises and the public sector. For example, using generative AI tools helps cybersecurity defenders extend their capabilities, giving them a proactive edge against security threats, according to Palmore. Companies want to know how to use this technology.
“Those are things that they’re learning either through use cases that we are sharing with them or just in creative sessions … we really are seeing organizations become more efficient [and] deliver constituent services,” Palmore said.
Microsoft Corp. emphasizes the importance of disrupting threat actors through collaboration with law enforcement and embedding protective measures across its product deployments, according to Sherrod DeGrippo (pictured), director of threat intelligence strategy.
“When you’re locked out of Microsoft, you’re really locked out of the world,” she said. “I think a lot of analysts really take that to heart.”
Microsoft also works closely with its worldwide public sector partners, sharing intelligence to combat global threats, according to DeGrippo. While the public sector has vast amounts of data and signals, Microsoft provides crucial intelligence to fill in the gaps. Its ultimate goal is to shut down threat actors that can harm the global footprint.
Citing how the company is dealing with a new North Korean threat actor, DeGrippo explains, “We work to share signals and [indicators of compromise] IOCs with our public sector partners, confirm attribution … and use the tradecraft that we need … to do that work. Many of our analysts are classically trained either from the large government intelligence community or have a really deep enterprise threat-hunting background, and they’re really fascinating.”
Here’s the theCUBE’s complete video interview with Sherrod DeGrippo:
3. While AI poses challenges to cybersecurity, market innovators are turning the tables, using AI to deliver solutions that effectively combat threats.
Leading organizations such as Armis Inc., Cribl Inc. and Veza Inc. are using generative AI to enhance cybersecurity and risk management tools. These companies are focused on moving from reactive to proactive risk management and optimizing data access and efficiency using advanced AI-powered tools.
Armis, which has integrated AI into its platform, seeks to make the leap from reactive incident detection and response to proactive risk mitigation, according to Nadir Izrael, co-founder and chief technology officer at Armis. This strategy allows the company to provide more cost-effective and efficient cybersecurity and risk management solutions.
“AI helps us understand data better and automate processes, which is changing the landscape of our products and what our customers are doing,” Izrael noted. “On our end, I think that the usage of gen AI and how much it can help teams be that much more efficient, effective and scalable is huge.”
Cribl, which is expanding on its data maturity ethos, is on a mission to reinvigorate enterprise data management and security. The company provides tools that seamlessly process and transport organizations’ data, reducing costs and improving efficiency, according to Jackie McGuire, senior security strategist and market strategy manager at Cribl.
“We launched Cribl Lake, which is a managed lake product that literally you can spin up a lake without having to put a ticket into IT,” McGuire explained. She went on to talk about the company’s federated search product, Cribl Search, which “was us figuring out how to make searching more efficient,” a critical capability in incidence response.
Veza recognizes that in an identity-driven world, managing data access becomes an ongoing challenge for the cybersecurity industry, according to Tarun Thakur, co-founder and chief executive officer of Veza Inc. The company’s latest innovation, Access AI, is designed to simplify permission and entitlement management across a variety of systems.
“Now, you have a capability, a ChatGPT-like interface, a gen AI-powered interface,” Thakur said. “Open AI as a compute instance needs access to some data that it can run as a machine … we’re calling it role recommendations, which is a very powerful interface.”
Here’s the theCUBE’s complete video interview with Jackie McGuire:
To watch more of theCUBE’s coverage of Black Hat USA 2024, here’s our complete event video playlist:
(* Disclosure: TheCUBE is a paid media partner for Black Hat USA. Sponsors of theCUBE’s event coverage do not have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU