Winter in London features Hyde Park's Winter Wonderland, Christmas lights galore, and the return of the Black Hat Europe cybersecurity conference, featuring briefings on everything from quantum cryptography and router pwning to dissecting iOS zero-days and training generative AI to attack.
In the constant struggle to manage the other five pillars - identify, protect, detect, respond and recover - security leaders often do not have governance at top of mind, said Netography CEO Martin Roesch, but he added, "Good governance is the root of having good security."
Security researchers say attackers are actively attempting to exploit a critical vulnerability in unpatched ownCloud implementations, which they can use to steal credentials and other secret information. Last month, ownCloud said it had sent all users a security alert and updates to fix the flaws.
In this episode of "Cybersecurity Insights," Eyal Fisher discussed Sweet Security's Cloud Runtime Security Suite, which helps CISOS and security teams defend against all stages of a cyberattack by gathering data, generating insights, baselining the normal environment and looking for deviations.
In an effort to upstage Microsoft in the AI space, AWS CEO Adam Selipsky invited NVIDIA CEO Jensen Huang and Dario Amodei, co-founder of Anthropic, to share the stage at AWS re:Invent 2023. Selipsky committed to integrating generative AI across AWS solutions and guardrails to secure customer data.
Sam Altman's abrupt exit from OpenAI has sent shockwaves rippling through Silicon Valley over this weekend, but of a variety very different than those that emanated from the recent collapses of FTX and SVB. Altman spent the last six years building a transformational technology.
Corporate boards of directors are now mandated to take stronger roles in enterprise cybersecurity. That can be both good news and concerning. David Homovich of Google Cloud tells how to turn board interest into a positive relationship to improve crisis communication and defenses.
Stolen and compromised credentials continue to be the crux of major health data security incidents involving cloud environments. But stronger credential management practices and a focused approach to "least privilege engineering" would help, said Taylor Lehmann of Google Cloud.
Palo Alto Networks plans to purchase a data security posture management startup led by a Microsoft and Google veteran and backed by Samsung. The proposed buy of Tel Aviv, Israel-based Dig Security will give Palo Alto Networks customers visibility into and control of their multi-cloud data estate.
Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and team up with Microsoft's generative AI practice to speed automation design and development.
A mid-market security operations vendor founded by a ex-Marine Corps officer closed its Series B funding round to pursue a product-led growth strategy. Washington D.C.-based Adlumin will use the $70 million to launch free tools in the cloud configuration and remote monitoring and management spaces.
The Clop ransomware operation's recent mass zero-day exploit of Progress Software's MOVEit secure managed file transfer software followed the criminals launching similar attacks against users of Accellion FTA, SolarWinds Serv-U and Fortra GoAnywhere.
Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors deliver vulnerability management has shifted away from ingesting vulnerability assessment results.