Light Dark
May 2, 2018 By Douglas Bonderud 3 min read
Artificial Intelligence
CISO
Data Protection
Incident Response

April was another eventful month in the cybersecurity world. The 2018 RSA Conference brought together thousands of security professionals from around the world, and network defense got a boost with new machine intelligence offerings. Meanwhile, C-suites struggled to see cyber risk as more than just an IT issue, and new survey data showcased the increasing gap between consumer trust and corporate data privacy policy.

Let’s break down the big hitters in this month’s cybersecurity recap.

New Trends Take the Spotlight at RSAC 2018

Much of April’s cybersecurity news took place at the RSA Conference in San Francisco. Some of the biggest takeaways from this year’s event included heated debates about the future of blockchain, preparing for emerging threats and the importance of collaboration in security.

Of course, no security meetup these days would be complete without a discussion of Internet of Things (IoT) security. Sessions such as “Eleventh Hour IoT Security,” featuring IBM X-Force Red team members Steve Ocepek and Krissy Safi, examined how to understand the specific challenges around IoT security and “get a handle on this brave new world of embedded devices and new protocols.”

Read the complete Security Intelligence coverage of RSAC 2018

Man and Machine

Artificial intelligence (AI) was also on display at RSAC 2018, where a movement toward “an AI-powered, data-centric model” of cybersecurity was highlighted. This collaboration between man and machine will ultimately impact every industry, and an emerging technology shift should help speed up the process.

As IBM announced at RSAC, the IBM Resilient Incident Reponse Platform (IRP) with Intelligent Organization “dramatically accelerates and sharpens incident response by seamlessly combining incident case management, orchestration, automation, intelligence and deep two-way partner integrations into a single platform,” according to IBM Security General Manager Marc van Zadelhoff. In addition, new IBM X-Force Threat Management services leverage multiple AI engines to query current security incidents against 600,000 historical use cases to help automate threat response.

Not My Problem?

Eighty percent of U.S. executives recognize cybersecurity as a “significant challenge” for their business. But as noted by Chris Esemplare, global vice president and general manager of IBM Security Services, 6 in 10 boards believe that while cybersecurity risk is real, it is an “IT problem.”

The problem with this “not my problem” attitude is that, as IT has become fundamental to business functioning and a key driver of return on investment (ROI), attacks against IT infrastructure can potentially cripple operations.

Still not convinced? Consider the following:

  • Cybercriminals are organized, coordinated and willing to share tools.
  • Attack exposure is growing daily thanks to cloud services and connected devices.
  • Malicious actors don’t always have to do the heavy lifting — inadvertent insiders may unknowingly expose networks to attack risks.
  • The cybersecurity skills gap is getting bigger, meaning more work for fewer available employees who are being actively recruited by the competition.

Cybersecurity risk is business risk. Combating the problem means developing a plan, aiming for robust rather than perfect, and cultivating a culture of top-down cyber risk responsibility.

Consumers Expect Increased Security and Privacy

Last up on the April cybersecurity recap is data privacy. As noted by a recent Harris Poll and IBM survey, public perception of data privacy isn’t stellar: Just 20 percent of U.S. consumers say they “completely trust” organizations to keep their data private. In addition, 73 percent of those surveyed said businesses focus on profits over the need to protect consumer privacy rights.

Consumer attitudes are changing along with their view of data security. For example, 75 percent of survey participants said they would not buy products from a company if data privacy was an issue. What’s more, 67 percent said companies should cover the cost of any third-party data protection after a breach, and 7 in 10 thought governments should take a more active role in data protection “given that businesses have not been able to do enough.”

What does this mean for data-driven organizations? Consumer privacy is no longer a luxury. Without trust, customers won’t risk handing over payment, personal or potentially compromising data.

April was a busy month for cybersecurity: AI enjoyed a speed boost, C-suites demonstrated a flawed perspective and data privacy took center stage among consumers. Read more of the top stories here.

https://securityintelligence.com/series/rsa-2018
 |  |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from Artificial Intelligence
April 25, 2024

NIST’s role in the global tech race against AI

4 min read - Last year, the United States Secretary of Commerce announced that the National Institute of Standards and Technology (NIST) has been put in charge of launching a new public working group on artificial intelligence (AI) that will build on the success of the NIST AI Risk Management Framework to address this rapidly advancing technology.However, recent budget cuts at NIST, along with a lack of strategy implementation, have called into question the agency’s ability to lead this critical effort. Ultimately, the success…

April 24, 2024

Researchers develop malicious AI ‘worm’ targeting generative AI systems

2 min read - Researchers have created a new, never-seen-before kind of malware they call the "Morris II" worm, which uses popular AI services to spread itself, infect new systems and steal data. The name references the original Morris computer worm that wreaked havoc on the internet in 1988.The worm demonstrates the potential dangers of AI security threats and creates a new urgency around securing AI models.New worm utilizes adversarial self-replicating promptThe researchers from Cornell Tech, the Israel Institute of Technology and Intuit, used what’s…

April 10, 2024

What should an AI ethics governance framework look like?

4 min read - While the race to achieve generative AI intensifies, the ethical debate surrounding the technology also continues to heat up. And the stakes keep getting higher.As per Gartner, “Organizations are responsible for ensuring that AI projects they develop, deploy or use do not have negative ethical consequences.” Meanwhile, 79% of executives say AI ethics is important to their enterprise-wide AI approach, but less than 25% have operationalized ethics governance principles.AI is also high on the list of United States government concerns.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature