Redefining CyberSecurity

Sean Martin, ITSPmagazine
Sep 9, 2024 • 7min

AI-powered, Unified Detection and Response Platform Streamlines Cybersecurity for MSPs and IT Service Providers | 7 Minutes on ITSPmagazine | A Guardz Short Brand Innovation Story with Dor Eisner

As cyber threats grow more sophisticated and target various aspects of businesses across digital assets and surfaces, a common practice is to increase the number of security layers a company uses, often tasked to an MSP. However, this approach has led to a new dilemma: MSPs are now dealing with managing a plethora of disparate point solutions simultaneously. These solutions generate an overwhelming amount of data, information, and alerts that demand attention. As SMBs often lack dedicated personnel and resources to handle these alerts, the task falls on MSPs. This leaves MSPs struggling to manage the flood of information effectively.

Guardz empowers MSPs and IT service providers to protect their clients effectively and efficiently, offering a unified platform with automated detection and response, which ensures digital assets, emails, endpoints, data and cloud directories are secure, allowing businesses to focus on growth. The Guardz platform is tailor-made for MSPs, simplifying cybersecurity management for SMBs and the MSPs that serve them. Leveraging the power of AI, Guardz automates threat detection and response, reducing false alerts and focusing on real threats. It provides scalable solutions for MSPs, comprehensive coverage for SMBs, and a user-friendly interface, ensuring robust protection and proactive security measures like regular vulnerability assessments and continuous monitoring.

Guardz is transforming the future of cybersecurity by streamlining security management and enhancing efficiency. By unifying disparate solutions into a single platform that unifies detection from its own security stack and automates the response utilizing AI, Guardz empowers MSPs to significantly reduce complexity and operational burdens as they secure their SMB customers. AI-driven threat detection and automated response capabilities minimize false alerts and ensure rapid remediation of threats, allowing MSPs to focus on strategic tasks rather than being overwhelmed by data. The scalability of Guardz’s solutions means that even small businesses can access enterprise-quality security, fostering a more secure business environment overall. This transformation leads to better-prepared MSPs, more resilient SMBs, and a more secure digital landscape.

Learn more about Guardz: https://itspm.ag/guardzrgig

Note: This story contains promotional content. Learn more.

Guest: Dor Eisner, CEO and Co-Founder, Guardz [@GuardzCyber]
On LinkedIn | https://www.linkedin.com/in/dor-eisner-17067744/

Resources
Learn more and catch more stories from Guardz: https://www.itspmagazine.com/directory/guardz
For a free 14 day trial of Guardz’s platform please visit https://itspm.ag/guardzgvu3.
Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Aug 28, 2024 • 37min

How AI-Enhanced Phishing Changes the Economic Dynamics of Phishing Attacks | A Conversation with Marco Ciappelli and Fred Heiding | Redefining CyberSecurity with Sean Martin

Guests: Fred Heiding, Research Fellow, Harvard
On LinkedIn | https://www.linkedin.com/in/fheiding/
On Twitter | https://twitter.com/fredheiding
On Mastodon | https://mastodon.social/@fredheiding
On Instagram | https://www.instagram.com/fheiding/
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
View This Show's Sponsors
___________________________
Episode Notes

In today's digital era, AI-enhanced phishing attacks are transforming the landscape of cybersecurity. An insightful episode of The Redefining CyberSecurity Podcast features host Sean Martin alongside ITSPmagazine co-founder Marco Ciappelli, and guest Fred Heiding, a research fellow in computer science at Harvard School of Engineering and Applied Sciences, and a fellow at the Harvard Kennedy School.

Fred Heiding shares updates on the evolution of phishing attacks using AI, highlighting both the technical facets and the societal implications. He explains how advanced language models can now automate the creation of highly realistic phishing emails, making it easier and more cost-effective for attackers to target individuals and organizations.

Heiding discusses the concept of hyper-personalization, where attackers gather granular information about their targets, such as their communication patterns and personal interests, to craft emails that seem authentic and trustworthy. This hyper-personalization poses significant challenges.

Heiding provides an example where attackers mimicked a Black Hat organizer's email, highlighting the precision and timing crucial for successful phishing. The use of open-source language models, which can be adjusted by developers to remove any built-in protections, further exacerbates the issue.

Marco Ciappelli ponders the potential solutions by leveraging AI for defensive strategies. Heiding acknowledges this is an area with promise, particularly in personalized spam filters, yet notes the inherent advantages attackers hold over defenders due to the unpatchable nature of human intuition. Defense mechanisms using AI can marginally enhance current spam filters but face limitations in practicality and widespread adoption because of people's reluctance toward continuous training and complex defense mechanisms.

Sean Martin evaluates the potential of AI in monitoring patterns of human vulnerability over time, which could redefine phishing training by focusing on specific, individualized principles. However, he also stresses the economic aspect, citing that cheaper and more efficient phishing methods increase the attack's scale and frequency, further complicating defensive strategies.

Heiding and Ciappelli both emphasize that while technological advancements provide tools for protection, they also require more personal data to be effective, a trade-off that involves significant privacy concerns. The future of online trust, according to Heiding, appears precarious. As phishing attacks become more sophisticated, the very nature of how people trust digital communications must evolve.

Overall, this episode underscores the critical need for ongoing research and dialogue in cybersecurity, focusing on balancing innovation in defense mechanisms against the ever-advancing sophistication of attacks.
___________________________
Sponsors
Imperva: https://itspm.ag/imperva277117988
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
Harvard Business Review article: https://hbr.org/2024/05/ai-will-increase-the-quantity-and-quality-of-phishing-scams
IEEE Access article: https://ieeexplore.ieee.org/document/10466545
BSides presentation: https://bsideslv.org/talks#8WK8P3
Hacking Humans Using LLMs with Fredrik Heiding: Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli: https://redefining-cybersecurity.simplecast.com/episodes/hacking-humans-using-llms-with-fredrik-heiding-devising-and-detecting-phishing-large-language-models-vs-smaller-human-models-las-vegas-black-hat-2023-event-coverage-redefining-cybersecurity-podcast-with-sean-martin-and-marco-ciappelli
A Framework for Evaluating National Cybersecurity Strategies | A Black Hat USA 2024 Conversation with Fred Heiding | On Location Coverage with Sean Martin and Marco Ciappelli: https://redefining-cybersecurity.simplecast.com/episodes/a-framework-for-evaluating-national-cybersecurity-strategies-a-black-hat-usa-2024-conversation-with-fred-heiding-on-location-coverage-with-sean-martin-and-marco-ciappelli
Deep Backdoors in Deep Reinforcement Learning Agents | A Black Hat USA 2024 Conversation with Vas Mavroudis and Jamie Gawith | On Location Coverage with Sean Martin and Marco Ciappelli: https://itsprad.io/redefiningcybersecurity-454
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc
Aug 26, 2024 • 22min

An Introduction to CyberTech NYC Conference 2024 with Event Director Steve Corrick | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Steve Corrick, Director, Cybertech New York
On LinkedIn | https://www.linkedin.com/in/stevecorrick/
On Twitter | https://x.com/scorrick
On Facebook | https://www.facebook.com/stephen.corrick
____________________________
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes

A Virtual Road Trip to CyberTech NYC
In a lively pre-event discussion, we embark on a metaphorical journey across the States, representing our excitement for the CyberTech NYC Conference, happening on September 5th, 2024, at the Metropolitan Pavilion in Chelsea. The idea of this "drive" is a fun nod to the interconnectedness of our virtual world and our anticipation of the event.

Event Spotlight: Why CyberTech NYC Matters
We kick things off by highlighting the significance of this event, mentioning that it starts early on September 4th with pre-event activities, leading up to the main event on the 5th. Steve Corrick, one of the key organizers, provides a behind-the-scenes look at the planning process and explains how this third edition of CyberTech NYC has become a distinctive fixture in the cyber ecosystem.

The Global and Local Impact of CyberTech
Steve takes us through the journey of CyberTech as a global series, tracing its roots from Tel Aviv to its expansion across multiple continents. What sets CyberTech NYC apart, he says, is its dual focus on both global trends and local innovation. New York City, now a burgeoning hub for tech and cybersecurity, plays host to an event that showcases local talent, startups, and established players alike.

Comprehensive Coverage of Cyber Topics
The event’s agenda is packed with content designed to tackle critical issues, such as:
Cyber Talent Initiative: Programs for everyone, from students to professionals looking to upskill.
VC and Investor Focus: The Investing in the Best initiative to help startups boost their funding.
Government and Agency Involvement: Discussions on how localities can strengthen their cyber ecosystems.
Main Stage Content: Keynotes on fake news, the role of cyber in elections, and other pressing topics.

Inclusivity and Innovation: A Diverse Speaker Lineup
We appreciate the diversity of speakers and the range of topics covered. With big names like Walmart, AWS, and various innovative startups, the event promises to offer something for everyone. Steve also explains the event’s blend of formats, including main stage panels, roundtables, and think tanks, all aimed at fostering in-depth discussions and knowledge sharing.

The Evolving Cyber Landscape
Reflecting on how cybersecurity events have evolved over the years, Steve notes the shift from niche gatherings to mainstream importance. With cyber threats becoming part of our daily lives, collaboration among countries and industries has become essential for enhancing global security.

Local Focus with Global Reach
We commend the event’s ability to balance global participation with a strong local focus. Steve agrees, emphasizing their collaboration with local and state-level initiatives in New York, further solidifying the city’s place on the global cybersecurity map.

Looking Forward to CyberTech NYC 2024
Our conversation wraps up with a sneak peek at the event’s schedule, including a Happy Cyber Hour on the evening of September 5th and additional pre-event activities on the 4th. Steve and his team are excited to connect with participants from around the globe, and we’ll be sharing more updates as CyberTech NYC 2024 approaches.

Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
Are you interested in sponsoring our event coverage with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc
Want to tell your Brand Story as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf
____________________________
Follow our Cybertech NYC 2024 coverage: https://www.itspmagazine.com/cybertech-nyc-2024-cybersecurity-event-coverage-in-new-york-city
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllRjdy_wDSLBwgPkM3zSeau_
Be sure to share and subscribe!
____________________________
Resources
Learn more about Cybertech NYC 2024: https://nyc.cybertechconference.com/
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Aug 20, 2024 • 21min

Recapping Black Hat 2024 and What’s Next | On Location Coverage with Sean Martin and Marco Ciappelli

Let's take a ride through the highlights of Black Hat 2024! The hosts share unforgettable experiences and key takeaways from the conference. They dive into evolving conversations around proactive cybersecurity strategies and the essential role of AI. There's also a focus on boosting digital literacy across society and business. Exciting upcoming events in Toronto and Melbourne are on the horizon, along with discussions about community engagement and innovation in cybersecurity. Buckle up for a whirlwind of insights!
Aug 20, 2024 • 24min

OWASP Top 10 For Large Language Models: Project Update | An OWASP 2024 Global AppSec San Francisco Conversation with Steve Wilson | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Steve Wilson, Chief Product Officer, Exabeam [@exabeam] & Project Lead, OWASP Top 10 for Large Language Model Applications [@owasp]
On LinkedIn | https://www.linkedin.com/in/wilsonsd/
On Twitter | https://x.com/virtualsteve
____________________________
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes

In this episode of the Chat on the Road On Location series for OWASP AppSec Global in San Francisco, Sean Martin hosts a compelling conversation with Steve Wilson, Project Lead for the OWASP Top 10 for Large Language Model AI Applications. The discussion, as you might guess, centers on the OWASP Top 10 list for Large Language Models (LLMs) and the security challenges associated with these technologies. Wilson highlights the growing relevance of AppSec, particularly with the surge in interest in AI and LLMs.

The conversation kicks off with an exploration of the LLM project that Wilson has been working on at OWASP, aimed at presenting an update on the OWASP Top 10 for LLMs. Wilson emphasizes the significance of prompt injection attacks, one of the key concerns on the OWASP list. He explains how attackers can craft prompts to manipulate LLMs into performing unintended actions, a tactic reminiscent of the SQL injection attacks that have plagued traditional software for years. This serves as a stark reminder of the need for vigilance in the development and deployment of LLMs.

Supply chain risks are another critical issue discussed. Wilson draws parallels to the Log4j incident, stressing that the AI software supply chain is currently a weak link. With the rapid growth of platforms like Hugging Face, the provenance of AI models and training datasets becomes a significant concern. Ensuring the integrity and security of these components is paramount to building robust AI-driven systems.

The notion of excessive agency is also explored, a concept that relates to the permissions and responsibilities assigned to LLMs. Wilson underscores the importance of limiting the scope of LLMs to prevent misuse or unauthorized actions. This point resonates with traditional security principles like least privilege but is recontextualized for the AI age. Overreliance on LLMs is another topic Martin and Wilson discuss.

The conversation touches on how people can place undue trust in AI outputs, leading to potentially hazardous outcomes. Ensuring users understand the limitations and potential inaccuracies of LLM-generated content is essential for safe and effective AI utilization.

Wilson also provides a preview of his upcoming session at the OWASP AppSec Global event, where he plans to share insights from the ongoing work on the 2.0 version of the OWASP Top 10 for LLMs. This next iteration will address how the field has matured and new security considerations that have emerged since the initial list.

Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
Are you interested in sponsoring our event coverage with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc
____________________________
Follow our OWASP 2024 Global AppSec San Francisco coverage: https://www.itspmagazine.com/owasp-2024-global-appsec-san-francisco-cybersecurity-and-application-security-event-coverage
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTcqoGpeR1rdo6p47Ozu1jt
Be sure to share and subscribe!
____________________________
Resources
OWASP Top 10 for Large Language Models: Project Update: https://owasp2024globalappsecsanfra.sched.com/event/1g3YF/owasp-top-10-for-large-language-models-project-update
Safeguarding Against Malicious Use of Large Language Models: A Review of the OWASP Top 10 for LLMs | A Conversation with Jason Haddix | Redefining CyberSecurity with Sean Martin: https://itsprad.io/redefining-cybersecurity-190
OWASP LLM AI Security & Governance Checklist: Practical Steps To Harness the Benefits of Large Language Models While Minimizing Potential Security Risks | A Conversation with Sandy Dunn | Redefining CyberSecurity Podcast with Sean Martin: https://itsprad.io/redefiningcybersecurity-287
Hacking Humans Using LLMs with Fredrik Heiding: Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli: https://itsprad.io/redefining-cybersecurity-208
Learn more about OWASP 2024 Global AppSec San Francisco: https://sf.globalappsec.org/
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf
Aug 20, 2024 • 37min

Building Resilient Software: Secure by Design, Transparency, and Governance Remain Key Elements | A Conversation with Chris Hughes | Redefining CyberSecurity with Sean Martin

Guest: Chris Hughes, President / Co-Founder, Aquia
On LinkedIn | https://www.linkedin.com/in/resilientcyber/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
View This Show's Sponsors
___________________________
Episode Notes

In this episode of The Redefining CyberSecurity Podcast, host Sean Martin connects with Chris Hughes, a seasoned author and consultant in cybersecurity. The primary focus is on the intricacies of vulnerability management and software supply chain security, particularly in an era where software pervades every aspect of modern life.

Chris Hughes emphasizes the paramount importance of understanding what is in the software we consume. Software Bill of Materials (SBOM) has emerged as a focal point, akin to ingredient lists in the food industry, highlighting the need for transparency. Hughes argues that transparency is not just about knowing the components; it extends to understanding the risks associated with those components. He illustrates his point by referencing infamous incidents like the Log4j vulnerability, which unveiled the critical gaps in our knowledge of software components.

The conversation also shifts towards the broader challenges in software supply chain security. Hughes discusses the government's push for self-attestation and the role of third-party validators in ensuring software security. While acknowledging the complexities and potential bottlenecks, he underscores the necessity for a balanced approach that combines self-attestation with external validation to foster a secure software ecosystem.

Additionally, Hughes addresses the concept of Secure by Design, advocating for practices that embed security into the software development lifecycle right from the outset. He notes the historical context of this concept, which dates back to the Ware Report, and argues for its relevance even today. Secure by Design entails building security measures inherently into products, thereby reducing the need for perpetual patching and vulnerability management.

Internal risk management within organizations also gets spotlighted. Hughes insists that organizations should maintain an inventory of the software and components they use internally, evaluate their risks, and contribute to the open-source communities they rely on. This comprehensive approach not only helps in mitigating risks but also fosters a resilient and sustainable software ecosystem.

On the topic of platform engineering, Hughes shares his insights on its potential to streamline software development processes and enhance security through standardization and governance. However, he is candid about the challenges, particularly the need to balance standardization with the diverse preferences of development teams.

As the discussion wraps up, Hughes and Martin underline the importance of focusing on contextual risk assessment in vulnerability management, rather than merely responding to static severity scores. Hughes' advocacy for a more nuanced approach to security, balancing immediate risk mitigation with longer-term strategic planning, offers listeners a thoughtful perspective on managing cybersecurity challenges.

Top Questions Addressed
How can organizations ensure transparency and security in their software supply chains?
What strategies can be implemented to address the challenges of vulnerability management?
How can platform engineering and internal governance improve software security within organizations?
___________________________
Sponsors
Imperva: https://itspm.ag/imperva277117988
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
___________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
___________________________
Resources
CNCF Whitepaper: https://tag-app-delivery.cncf.io/whitepapers/platforms/
CNCF Platform Maturity Model: https://tag-app-delivery.cncf.io/whitepapers/platform-eng-maturity-model/
Secure-by-Design at Google: https://research.google/pubs/secure-by-design-at-google/
Software Transparency: Supply Chain Security in an Era of a Software-Driven Society (Book): https://a.co/d/0bNaPmF
Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem: https://a.co/d/6xs5saH
___________________________
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
Are you interested in sponsoring this show with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc
Aug 19, 2024 • 19min

Harnessing Dark Web Insights to Understand Risks from the Attacker's Viewpoint | A Brand Story Conversation From Black Hat USA 2024 | A Resecurity Story with Christian Lees and Shawn Loveland | On Location Coverage with Sean Martin and Marco Ciappelli

At Black Hat USA 2024, the spotlight is on redefining and rethinking security, as discussed in this Brand Story episode with Resecurity. Sean Martin, Christian Lees, and Shawn Loveland share the mic to explore the cutting-edge innovations shifting paradigms within the cybersecurity domain. Christian Lees and Shawn Loveland from Resecurity dive deep into the substance of their work and its impact on modern security teams. The primary focus is Resecurity's approach towards threat intelligence and how it aids organizations in proactively mitigating risks.

The discussion kicks off with an overview of Resecurity's approach to threat intelligence. Unlike conventional models that operate from within the firewall, Resecurity adopts an outside-in perspective, helping clients understand what attackers might know about their infrastructure. Shawn Loveland emphasizes this unique viewpoint by illustrating how Resecurity helps organizations identify potential breaches and vulnerabilities from the attacker's perspective, well before any threats materialize.

One intriguing point discussed by Lees and Loveland is Resecurity's comprehensive data sourcing from the dark web. Resecurity does not simply rely on common threat intel from visible websites but digs deep into exclusive, invitation-only forums and other obscure corners of the web. This meticulous venture results in a much more profound understanding of potential threats, minimizing blind spots and the risk of data inaccuracies or AI hallucinations. By drawing on diverse data sources, Resecurity promises more significant and accurate insights into the motives and methods of cybercriminals.

Moreover, Loveland highlights the technologically sophisticated tactics employed by Resecurity, combining AI to convert unstructured data into structured, actionable intelligence for security teams. This automation not only boosts efficiency but also empowers analysts to make more informed decisions swiftly. AI in Resecurity's arsenal is not a standalone entity but integrates deeply with the human-driven aspects of threat intelligence, enriching the overall analytic experience with contextual understanding and tangible evidence.

The guests also touch on Resecurity's AI capabilities, illustrating this through scenarios where AI accelerates threat detection and response. By transforming vast amounts of data into comprehensible formats, and even summarizing complex situations into actionable insights, AI significantly reduces the ordeal for security analysts while enhancing precision.

In conclusion, Resecurity’s state-of-the-art threat intelligence solutions, emphasized by the knowledgeable insights from Christian Lees and Shawn Loveland, represent a proactive and innovative approach to modern cybersecurity.

Learn more about Resecurity: https://itspm.ag/resecurb51

Note: This story contains promotional content. Learn more.

Guests: Christian Lees, CTO, Resecurity [@RESecurity]
On LinkedIn | https://www.linkedin.com/in/christian-lees-72886b3/
Shawn Loveland, Chief Operating Officer, Resecurity [@RESecurity]
On LinkedIn | https://www.linkedin.com/in/shawn-loveland/

Resources
Learn more and catch more stories from Resecurity: https://www.itspmagazine.com/directory/resecurity
View all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegas
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Aug 13, 2024 • 9min

Reflecting on Black Hat 2024: Operationalizing Cybersecurity for Enhanced Business Outcomes and Improved Resilience | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

Join Sean Martin and TAPE3 as they dive into key insights from Black Hat 2024, highlighting the crucial need to embed cybersecurity into core business practices to drive growth and resilience. Discover how leveraging AI, modular frameworks, and human expertise can transform cybersecurity from a defensive function into a strategic enabler of business success.
________
This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3
________
Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network (which he co-founded with his good friend Marco Ciappelli), where you may just find some of these topics being discussed. Visit Sean on his personal website.

TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegas
Aug 13, 2024 • 15min

Enhancing Cyber Defense: AI Innovations and Challenges | A Black Hat USA 2024 Conversation with Rock Lambros | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Rock Lambros, CEO and founder of RockCyber [@RockCyberLLC]
On LinkedIn | https://www.linkedin.com/in/rocklambros/
On Twitter | https://twitter.com/rocklambros
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes

In a recent On Location episode recorded at Black Hat USA 2024, Sean Martin and Rock Lambros explore the prevailing topics and critical insights from the event's AI Summit. Sitting in the media room, not on the bustling show floor, the pair dissect the impact of artificial intelligence (AI) on cybersecurity, shedding light on its multifaceted implications.

Rock Lambros, Founder and CEO of RockCyber, shares his observations about the predominance of AI in every corner of the conference. He notes how AI's presence is ubiquitous, even saturating advertisements at the airport. Lambros provides an overview of the AI Summit, highlighting the diversity of sessions ranging from high-level talks to vendor pitches. While some were mere product promotions, others provided substantial insights and valuable statistics, which Lambros is keen to share on platforms like LinkedIn.

The discussion progresses to the remark by Nvidia's CEO, Bartley Richardson, suggesting that cyber is fundamentally a data problem, and AI could be the solution. Lambros concurs with this in part but emphasizes the necessity of maintaining human oversight in the process. Martin and Lambros reflect on the potential of AI to augment cybersecurity tasks, particularly for tier one analysts. There is a focus on leveraging AI to expedite responses to threats, potentially reducing the reaction time, which currently lags significantly behind the speed of AI-driven attacks.

Lambros presents a balanced perspective, warning against the risk of reducing entry-level jobs in cybersecurity due to AI advancements, advocating instead for upskilling these professionals to handle more complex roles. The conversation touches on governance and risk management, with Lambros stressing the importance of integrating AI governance into existing frameworks without rendering AI oversight an exclusive domain for data scientists alone. He highlights the EU AI Act and Colorado AI Act as critical regulatory frameworks that emphasize this need.

Lambros also brings attention to DARPA's open-source resources aimed at securing AI, encouraging practitioners to utilize these tools. Towards the end, a poignant observation from Robert Flores, former CISO of the CIA, underscores the difficulty governments face in keeping up with AI's rapid evolution. Lambros reflects on the mixed audience at the summit, a blend of technical practitioners and policy leaders, all grasping the significant impact and challenges AI brings to the field.

The episode underscores the crucial balance between embracing technological advancements and maintaining human oversight and governance within cybersecurity. The insights shared by Rock Lambros and Sean Martin offer a nuanced perspective on the current state of AI in the field, emphasizing a collaborative approach to integrating these innovations responsibly.

Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode's Sponsors
LevelBlue: https://itspm.ag/levelblue266f6c
Coro: https://itspm.ag/coronet-30de
SquareX: https://itspm.ag/sqrx-l91
Britive: https://itspm.ag/britive-3fa6
AppDome: https://itspm.ag/appdome-neuv
____________________________
Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegas
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllRo9DcHmre_45ha-ru7cZMQ
Be sure to share and subscribe!
____________________________
Resources
Rock's LinkedIn Post: https://www.linkedin.com/posts/rocklambros_ai-cybersecurity-ciso-activity-7226988285410074626-rX3-
AI Summit Keynote: Enhancing National Security with AI-Driven Cybersecurity | A Black Hat USA 2024 Conversation with Dr. Kathleen Fisher -- https://redefiningcybersecuritypodcast.com/episodes/ai-summit-keynote-enhancing-national-security-with-ai-driven-cybersecurity-a-black-hat-usa-2024-conversation-with-dr-kathleen-fisher-on-location-coverage-with-sean-martin-and-marco-ciappelli
Learn more about Black Hat USA 2024: https://www.blackhat.com/us-24/
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Are you interested in sponsoring our event coverage with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc
Want to tell your Brand Story as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf
Aug 13, 2024 • 7min

Innovations in Autonomous Penetration Testing and Continuous Security Posture Management | 7 Minutes on ITSPmagazine | A Short Brand Innovation Story From Black Hat USA 2024 | A Horizon3 Brand Story with Snehal Antani

Snehal Antani, CEO and Co-Founder of Horizon3.ai, shares insights from his journey as a former CIO to innovating in cybersecurity. He discusses how Horizon3.ai is redefining security with autonomous penetration testing, allowing organizations to 'hack themselves' continuously. Antani highlights the importance of differentiating application from infrastructure penetration testing, using algorithms for efficiency while retaining human insight. The concept of Node Zero Tripwires, enhancing security through honey tokens, illustrates proactive cyber threat management.
