Category: RSAC

SAN FRANCISCO – The already simmering MSSP global market just got hotter.

Related: The transformative power of GenAI/LLM

This week at RSA Conference 2024, AT&T announced the launch of LevelBlue – a top-tier managed security services business formed by an alliance with AT&T and WillJam Ventures.

I had the chance to sit down earlier with Theresa Lanowitz, Chief Evangelist of  AT&T Cybersecurity /Agent at LevelBlue, to discuss this alliance. “Our job at Level Blue is to manage and mitigate these risks while supporting our clients’ growth and innovation while acting as a strategic extension of your team,” Lanowitz told me

For a full drill down, please give the accompanying podcast a listen.

LevelBlue today also released findings of the 2024Futures Report: Beyond the Cyber Resilience – first-of-its-kind thought leadership research based on a global survey of 1,050 IT and security professionals – examining barriers to cyber resilience, barriers to cybersecurity resilience, the threat landscape, and business agility.

Notably, the research suggests that while companies do understand that new computing innovation increases risk dramatically, organizations are willing to accept the risk because of the benefits the innovation brings.

AT&T Cybersecurity has long catered to large and mid-market enterprises. It’s 2018 acquisition of AlienVault reinforced its portfolio of endpoint detection and response, security operations center as a service (SOCaaS) and compliance management solutions.

WillJam Ventures is a Chicago-based private equity firm that specializes in cybersecurity investments. Founded in 2002 by Bob McCullen, its portfolio includes Viking Cloud, a supplier of PCI data security compliance solutions, and GoSecure, recognized for its Managed Extended Detection and Response (MXDR) services.

Clearly the top-tier MSSPs —  Secureworks, IBM, Cisco, NTT, Verizon,  Symantec, Trustwave, Infosys, to name just a few —  are shifting to models that alleviate mounting compliance pressures and help companies mitigate cyber risk as the pace of change accelerates

Now comes LevelBlue adding to this mix. I’ll keep watch and keep reporting..

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

SAN FRANCISCO — Cloud security is stirring buzz as RSA Conference 2024 ramps up at Moscone Convention Center here.

Related: The fallacy of ‘security-as-a-cost-center’

Companies are clambering to mitigate unprecedented exposures spinning out of their increasing reliance on cloud hosted resources. The unfolding disruption of Generative AI — and rising compliance requirements — add to the mix.

Thus, cloud-native security tools have risen to the fore. I’ve reported in years past on the introduction of cloud access security brokers (CASBs), cloud workload protection platforms (CWPP), and cloud security posture management (CSPM) tools.

In 2024, it’s all about integrating cloud-native security solutions and improving orchestration.

I had the chance to discuss this with Kevin Kiley, chief revenue officer of Lacework, a Mountain View, Calif.-based supplier of advanced cloud security tools solving some of the most complex cybersecurity challenges in the cloud. For a full drill down, please give the accompanying podcast a listen.

Lacework is a cloud security platform that saves teams time and resources by ingesting massive amounts of threat and risk data to monitor for anomalous activity. It’s a Cloud Native Application Protection Platform (CNAPP) that offers code to cloud coverage on a single platform, including: cloud workload protection, threat detection, code security, compliance monitoring, providing visibility into customer environments ranging from pre-deployed code to containers to identity and entitlements to runtime apps, he told me.

For instance, Lacework’s CSPM capabilities enable organizations to continually assess their cloud security posture and identify any vulnerabilities; remediation is automated.

This includes automated checks to assure compliance with PCI DSS, HIPAA, GDPR and CIS benchmarks. Lacework’s platform also integrates with cloud platforms, DevOps tools and legacy security systems.

The shift from reactive, on-premises defense to proactive edge-oriented security is picking up steam. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

At the start, Distributed Denial of Service (DDoS) attacks were often motivated by bragging rights or mischief.

Related: The role of ‘dynamic baselining’

DDoS attack methodology and defensive measures have advanced steadily since then. Today, DDoS campaigns are launched by political activists, state-sponsored operatives and even by business rivals.

Targets can be high-profile web services and critical infrastructure, not just utilities like power and water, but also the telco companies that supply the Internet backbone. High-profile DDoS attacks have spun out of Russia’s invasion of Ukraine, the Israel-Hamas War and unrest in France.

As RSA Conference 2024 gets underway next week at San Francisco’s Moscone Center, dealing with the privacy and security fall out of those back-to-back disruptive developments will command a lot attention.

Ahead of conference, I had the chance to visit with Ahmed Abdelhalim, senior director of security solutions, A10 Networks. We discussed how defensive tools and strategies have advanced, as well, and why it’s more crucial than ever for organizations to make proactive and continuous use of them.

For a full drill down, please give the accompanying podcast a listen.

Notable strides have been made in enhancing detection technologies. A10, for instance, has helped pioneer the development of “dynamic baselining,” a means to adapt detection thresholds in real-time, learning from traffic patterns to differentiate between normal fluctuations and potential threats.

“The old static models just don’t cut it anymore,” Abdelhalim observes. “We need systems that learn and adapt as quickly as the attackers do.”

No one expects the frequency of DDoS attacks to decline; companies need to stay vigilant. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

It took some five years to get to 100 million users of the World Wide Web and it took just one year to get to 100 million Facebook users.

Related: LLM risk mitigation strategies

Then along came GenAI and Large Language Models (LLM) and it took just a couple of weeks to get to 100 million ChatGPT users.

LLM is a game changer in the same vein as the Gutenberg Press and the Edison light bulb. It gives any literate human the ability to extract value from data.

Companies in all sectors are in a mad scramble to reap its benefits, even as cyber criminals feast on a new tier of exposures. As RSAC 2024 gets under way next week in San Francisco, the encouraging news is that the cybersecurity industry is racing to protect business networks, as well.

Case in point, the open-source community has coalesced to produce the OWASP Top Ten for Large Language Model Applications. Amazingly, just a little over a year ago this was a mere notion dreamt up by Exabeam CPO Steve Wilson.

“I spent some time on a weekend drawing up a scratch version of a Top Ten list, partly by having a discussion with ChatGPT about it,” Wilson told me. “The first thing I asked was, ‘Do you know what an OWASP Top Ten list is?’ And it said, ‘Yes.’  And I said, ‘Build me one for LLM.’  It did, but it wasn’t very good . . . I then spent a lot of time feeding it data about things and coaching it and cajoling it and having a discussion.”

By the end of an afternoon of prompting, Wilson had a list he thought was “pretty interesting,” which he socialized in his professional communities. That was a little over a year ago. What happened next is unprecedented. For a full drill down, please give the accompanying podcast a listen.

The pace of change is accelerating. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.

At the close of 2019, API security was a concern, though not necessarily a top priority for many CISOs.

Related: GenAI ignites 100x innovation

Then Covid 19 hit, and API growth skyrocketed, a trajectory that only steepened when Generative AI (GenAI) and Large Language Models (LLMs) burst onto the scene.

As RSA Conference 2024 gets underway next week at San Francisco’s Moscone Center, dealing with the privacy and security fall out of those back-to-back disruptive developments will command a lot attention.

Ahead of conference, I had the chance to visit with Sanjay Nagaraj, CTO and co-founder, Traceable.ai, a supplier of advanced API security systems.

We discussed how enterprises in 2019 were deep into making the transition from on-premises networks to cloud-centric, edge-oriented operations when the global pandemic hit. Instantly, API connections skyrocketed to support connected services for a quarantined world. Then machine learning made a giant leap forward as GenAI and LLMs made AI capabilities directly accessible to every man, woman and child.

At this moment, companies are in a mad scramble to innovate cool, new user experiences, and thus drive-up revenue, Nagaraj observes. Of course, cybercriminals are in intensive innovation mode, as well.

It has become table stakes for companies to discover all of their APIs, now imperative for companies not just to discover all of their APIs, but also to understand them and categorize them according to risk level, Nagaraj argues. For a full drill down, please give the accompanying podcast a listen.

APIs are the synaptic connections of our hyper-interconnected existence. Securing them has become paramount. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.

At the end of 2000, I was hired by USA Today to cover Microsoft, which at the time was being prosecuted by the U.S. Department of Justice.

Related: Why proxies aren’t enough

Microsoft had used illegal monopolistic practices to crush Netscape Navigator thereby elevating Internet Explorer (IE) to become far and away the No. 1 web browser.

IE’s reign proved to be fleeting. Today Google’s Chrome browser —  based on the open-source code  Chromium — reigns supreme.

I bring all this up, because in 2019 Microsoft ditched its clunky browser source code and launched its Edge browser, based on open-source Chromium. And this opened the door to a great leap forward in web browser security: enterprise browsers.

As RSAC 2024 gets ready to open next week, the practicality of embedding advanced security tools in company-sanctioned web browsers is in the spotlight. I had a wide-ranging discussion about this with Uy Huynh, vice president of solutions engineering at Island, a leading supplier of enterprise browsers. For a full drill down, please give the accompanying podcast a listen.

As an open-source project, Chromium promotes web standards compliance, ensuring that web developers can create content that works consistently across different browsers. Island has seized the opportunity to innovate browser security features that enable companies to reduce their reliance on VDI environments and shrink their SaaS authentication sprawl, Huynh told me

Enterprise browsers could emerge as a key component of the evolving network security platforms that will carry us forward. I’ll keep watch and keep reporting.

Acohido

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)