In the past four years, cyberattacks have more than doubled. Cybercriminals are leveraging emerging technologies like artificial intelligence (AI) to facilitate more sophisticated attacks. Geopolitical tumult has increased cyber risk. Couple these factors with a near-ubiquitous desire for businesses to expand their operations, and it’s easy to understand the need for scaling Security Operations Center (SOC) operations. However, scaling SOC operations is no mean feat, especially considering the current threat, economic, and business landscapes. There are many challenges that SOC managers, CISOs...
Author: Josh Breaker-rolfe
With 86% of UK adults using a form of online or remote banking and high street banks closing in record numbers, banking websites have become an integral part of our daily lives. They have changed how we manage our money, allowing us to send and receive money from anywhere in the world, open or close accounts at the click of a button (or tap or a screen), and avoid queuing in physical banks. They have also transformed the UK's criminal landscape. In the '90s, the "Bank Job" was a massive part of British criminal life, with 847 bank robberies taking place in 1992 alone. By 2011, that number had...
Anyone remotely wired into technology newsfeeds – or any newsfeeds for that matter – will know that AI (artificial intelligence) is the topic of the moment. In the past 18 months alone, we’ve borne witness to the world’s first AI Safety Summit, a bizarre and highly public leadership drama at one of the world’s top AI companies, and countless prophecies of doom. And yet, even after all that, it seems businesses have largely failed to take meaningful action on AI. In early May 2024, ISACA, a leading IT governance association, released new research revealing the extent of the AI problem. The crux...
The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state of emergency in seventeen states. Putin’s war in Ukraine has disrupted natural gas supplies across Europe. And now, it seems, it is the electricity providers’ turn to suffer a blow. On March 11th, 2024, the European Commission adopted new cybersecurity rules—the EU network code on cybersecurity for the electricity sector (C/2024/1383)—to “establish a recurrent...
Generative AI tools like ChatGPT and Google Bard are some of the most exciting technologies in the world. They have already begun to revolutionize productivity, supercharge creativity, and make the world a better place. But as with any new technology, generative AI has brought about new risks—or, rather, made old risks worse. Aside from the much-discussed potential " AI apocalypse" that has dominated headlines in recent months, generative AI has a more immediate negative impact: creating convincing phishing scams. Cybercriminals create far more sophisticated scams with generative AI than...
In early April this year, the UK's Department for Science, Innovation and Technology (DSIT) released its Cybersecurity Breaches Survey 2024. It provides a comprehensive overview of the UK's cybersecurity landscape, exploring the different cyberattacks and cybercrimes businesses, charities, and private sector educational instructions face, the impacts on these organizations, and how they respond. The report is a valuable resource for the cybersecurity community. It serves as a sort of cybersecurity "State of the Nation" and provides detailed insight into cybercrime's impact on the UK...
Artificial intelligence (AI) has a long and storied history. Ancient Greeks, for example, told stories of Talos, an enormous automaton that stood guard over Crete’s shores. In the 17th century, Gottfried Leibniz, Thomas Hobbes, and René Descartes explored the possibility that all rational thought could be as systematic as algebra or geometry. By the mid-20th century, British computer scientist Alan Turing was seriously investigating the possibility of “machine intelligence,” and by 1956, “artificial intelligence research” was an established academic discipline. Fast forward to today, and...
Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do. Part of the reason for these staggeringly low conviction rates is that we usually have little idea of what country an attacker is in. We can make educated guesses: if a cybercrime group, for example, launches an explicitly politically motivated attack on the US, we might assume the attack originated in Russia or...
From more broad laws like GDPR to industry-specific regulations like HIPAA , most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated. National Institute of Standards and Technology Special Publication 800-171 (NIST SP 800-171) is one such data protection framework—albeit a particularly specific one. We’ll go into this in a bit more detail later, but NIST SP 800-171 applies only to non-federal...
Tech leaders taking cybersecurity seriously is something of a double-edged sword. While it’s undoubtedly good that organizations are waking up to the genuine threat cyberattacks pose, it’s depressing that they must siphon off so many resources to protect themselves rather than using them for growth and innovation. A recent survey of UK technology leaders, run by UK IT Leaders and the Horizon CIO Network, revealed that over half of those surveyed said cybersecurity was their top priority for 2024. Again, this is both a good and bad thing. The cyber threat landscape is about as dangerous as ever...