Stuart O'Brien, Author at Cyber Secure Forum | Forum Events Ltd - Page 2 of 61
Posts By :

Stuart O'Brien

Cyber Secure Forum: 50% of delegate places already allocated!

 960 640 Stuart O'Brien
By:
0
0

As a senior professional in the cyber security industry, we’d like to send you an exclusive invitation to a niche event we’re hosting this June: The Cyber Secure Forum.

We have a limit of 45 professionals who can attend, (over half have already been filled)!.

Some details below:

Cyber Secure Forum | Tuesday 25th June | 08:00-17:00 | London

Places are fully funded and include 1-2-1 meetings with suppliers, networking opportunities, lunch, refreshments throughout and educational seminars

Click Here To Register

If you’d like us to send further details, click here or view our website.

If you specialise in Phishing Detection we want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on Cyber Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in April we’re focussing on Phishing Detection solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Phishing Detection solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jenny Lane on j.lane@forumevents.co.uk.

Here’s our full features list:

Apr 2024 – Phishing Detection
May 2024 – Advanced Threat Dashboard
Jun 2024 – Browser/Web Security
July 2024 – Authentication
Aug 2024 – Penetration Testing
Sep 2024 – Vulnerability Management
Oct 2024 – Employee Security Awareness
Nov 2024 – Malware
Dec 2024 – Network Security Management
Jan 2025 – Anti Virus
Feb 2025 – Access Control
Mar 2025 – Intrusion Detection & Prevention

IT experts poll: Elon Musk is ‘wrong’ that no jobs will be needed in the future

 960 640 Stuart O'Brien
By:
0
0

Elon Musk’s claim that AI will make all human jobs irrelevant should not be taken seriously, according to a survey of tech experts conducted by BCS, The Chartered Institute for IT.

During an interview with UK Prime Minister Rishi Sunak for the AI Safety Summit last year, Musk said: ‘There will come a point where no job is needed — you can have a job if you wanted to have a job … personal satisfaction, but the AI will be able to do everything.’

But in a poll by BCS, The Chartered Institute for IT, 72% of tech professionals disagreed with Musk’s view that AI will render work unnecessary. Some 14% agreed (but only 5% ‘strongly’ agreed), with the rest unsure.

In comments, many IT experts said Musk’s statement was ‘hyperbole’ and suggested it was made to create headlines.

Those currently working in computing agreed that AI could replace a range of jobs, but would also create new roles, including oversight of AI decision making – known as ‘human in the loop’.

They also said that a number of jobs, for example hairdressing, were unlikely to be replaced by AI in the near future, despite advances in robotics.

BCS’ AI and Digital in Business Life survey also found AI would have the most immediate impact this year on customer services (for example chatbots replacing human advisers).

This was followed by information technology, then health and social care, then publishing and broadcasting, then education.

Leaders ranked their top business priorities as cyber security (69%), AI (58%) and business process automation (45%).

Only 8% of participants told BCS their organisation has enough resources to achieve their priorities.

Cyber attacks were most likely to keep IT managers awake at night in 2024 – this result has been consistent over the last 11 years of the survey.

Rashik Parmar MBE, Chief Executive of BCS, The Chartered Institute for IT said: “AI won’t make work meaningless – it will redefine what we see as meaningful work.

“Tech professionals are far more concerned about how ‘ordinary’ AI is affecting people’s lives today, for example, assessing us for credit and invitations to job interviews, or being used by bad actors to generate fake news and influence elections. The priority right now is to ensure AI works with us, rather than waiting for a Utopia.

“To build trust in this transformational technology, everyone working in a responsible AI role should be a registered professional meeting the highest standards of ethical conduct.”

The BCS poll was carried out with over 800 IT professionals, ranging from IT Directors and Chief Information Officers, to software developers, academics and engineers.

Photo by Arif Riyanto on Unsplash

INTRUSION DETECTION MONTH: Fortressing the Digital Realm from anomaly detection to predictive analytics

 960 640 Stuart O'Brien
By:
0
0

Chief Information Security Officers (CISOs) shoulder heavy responsibility for safeguarding sensitive data and critical infrastructure. Intrusion Detection Systems (IDS) and related services play a crucial role in this ongoing battle, acting as the frontline defence against cyberattacks. This article explores how CISOs in the UK are utilising these technologies and how intrusion detection strategies are likely to evolve in the future…

From Alarms to Advanced Analytics:

Traditional IDS relied on signature-based detection, raising an alert whenever a known malicious pattern was identified. However, modern approaches are becoming more sophisticated:

  • Anomaly Detection: These systems analyse network traffic for unusual patterns that deviate from established baselines, potentially indicating novel or zero-day attacks.
  • Machine Learning and Artificial Intelligence (AI): AI and machine learning algorithms continuously learn and adapt, identifying complex attack vectors and proactively mitigating threats.
  • Behavioral Analysis: By monitoring user activity and system behavior, these systems can detect suspicious actions that might indicate compromised accounts or insider threats.

Beyond the Perimeter: A Holistic Approach

Intrusion detection isn’t just about monitoring network traffic. UK CISOs are adopting a more holistic approach:

  • Endpoint Detection and Response (EDR): These tools go beyond network security, monitoring individual devices like laptops and servers for signs of compromise.
  • Security Information and Event Management (SIEM): SIEM platforms aggregate data from various security tools, providing a centralized view of potential threats and enabling faster incident response.
  • Cloud Security: As cloud adoption increases, robust intrusion detection tools are essential for protecting cloud-based data and infrastructure.

The Future of Intrusion Detection: Proactive and Collaborative

The future of intrusion detection in the UK is likely to be characterised by:

  • Predictive Analytics: Leveraging AI to predict potential attacks before they occur, allowing for preventative measures to be implemented.
  • Threat Intelligence Sharing: Collaboration between organisations and government agencies to share threat intelligence can help identify emerging attack vectors and strengthen collective defences.
  • Automation and Orchestration: Automating incident response procedures and the orchestration of security tools can streamline threat mitigation and minimize damage.

Investing in Expertise and Talent

Optimizing intrusion detection strategies requires:

  • Skilled Security Professionals: CISOs need a team of security analysts who understand how to interpret data, configure IDS tools, and respond effectively to security incidents.
  • Continuous Monitoring and Threat Hunting: Proactive threat hunting goes beyond passively waiting for alerts; it involves actively searching for vulnerabilities and potential threats within the network.
  • Staying Informed: CISOs must stay updated on the latest cyber threats and vulnerabilities to ensure their intrusion detection systems remain effective.

Intrusion detection remains a cornerstone of any robust cybersecurity strategy. By embracing advanced technologies, fostering collaboration, and investing in skilled personnel, CISOs can build a resilient defence against cyberattacks and safeguard their organisations’ valuable data and critical infrastructure.

Are you searching for Intrusion Detection solutions for your organisation? The Cyber Secure Forum can help!

Photo by Growtika on Unsplash

Is defensive AI the key to guarding against emerging cyber threats?

 960 640 Stuart O'Brien
By:
0
0

Google’s recent announcement of an artificial intelligence (AI) Cyber Defense Initiative to enhance global cybersecurity underscores the importance of defending against increasingly sophisticated and pervasive cyber threats.

And according to analysts at GlobalData, AI will play a pivotal role in collecting, processing, and neutralising threats, transforming the way organisations combat cyber risks.

Looking at AI cyber threat detection technology through the lens of innovation using GlobalData’s Technology Foresights tool reveals some compelling insights. Patent filings have surged from 387 in 2018 to 1,098 in 2023, highlighting a robust growth trajectory in AI-driven security solutions. Furthermore, the entry of 53 new companies in 2023, for a total of 239, showcases the expanding interest and investment in this critical area of technology.

Vaibhav Gundre, Project Manager of Disruptive Tech at GlobalData, said: “The ability of AI to improve threat identification, streamline the management of vulnerabilities, and enhance the efficiency of incident responses is key in addressing the continuous evolution of cyber threats. The rapid progression in the field of defensive AI is underscored by a 13% compound annual growth rate in patent applications over the last three years, reflecting a strong commitment to innovation. This trend is also indicative of the recognized importance of having formidable cyber defense systems in place, signifying substantial research and development activities aimed at overcoming new cyber threats.”

An analysis of GlobalData’s Disruptor Intelligence Center highlights the partnership between AIShield and DEKRA as a notable collaboration aimed at enhancing the security of AI models and systems. Through advanced training, assessment, and protection strategies, the partnership seeks to bolster cyber resilience across industries and foster trust in AI technologies.

Similarly, Darktrace’s collaboration with Cyware exemplifies a proactive approach to cybersecurity. By facilitating collaboration among security teams and sharing threat intelligence, the partnership enables organizations to mitigate risks and respond effectively to emerging cyber threats.

AI cyber threat detection finds application across diverse use cases, including threat detection in security cameras, real-time malware detection, network threat detection, anomaly detection in critical infrastructure, fraud prevention, and AI-powered surveillance systems.

Gundre concluded: “As organizations harness the power of AI cyber threat detection, they must also confront significant challenges. The rapid evolution of cyber threats, coupled with the complexity of regulatory landscapes, underscores the need for continuous innovation and collaboration. While patents and partnerships lay the foundation for robust cyber defense strategies, addressing these challenges will require a concerted effort from industry stakeholders. By staying vigilant and embracing a proactive approach, organizations can navigate the evolving cybersecurity landscape with confidence, safeguarding critical assets and preserving digital trust.”

Photo by Mitchell Luo on Unsplash

Are these the top cybersecurity trends for 2024?

 960 640 Stuart O'Brien
By:
0
0

Generative AI (GenAI), unsecure employee behaviour, third-party risks, continuous threat exposure, boardroom communication gaps and identity-first approaches to security are the driving forces behind the top cybersecurity trends for 2024, according to Gartner.

“GenAI is occupying significant headspace of security leaders as another challenge to manage, but also offers an opportunity to harness its capabilities to augment security at an operational level,” said Richard Addiscott, Senior Director Analyst at Gartner. “Despite GenAI’s inescapable force, leaders also continue to contend with other external factors outside their control they shouldn’t ignore this year.”

2024 will see security leaders respond to the combined impact of these forces by adopting a range of practices, technical capabilities and structural reforms within their security programs, with a view to improving organizational resilience and the cybersecurity function’s performance.

The following six trends will have broad impact across these areas:

Trend 1: Generative AI – Short-term Skepticism, Longer-Term Hope
Security leaders need to prepare for the swift evolution of GenAI, as large language model (LLM) applications like ChatGPT and Gemini are only the start of its disruption. Simultaneously, these leaders are inundated with promises of productivity increases, skills gap reductions and other new benefits for cybersecurity. Gartner recommends using GenAI through proactive collaboration with business stakeholders to support the foundations for the ethical, safe and secure use of this disruptive technology.

“It’s important to recognize that this is only the beginning of GenAI’s evolution, with many of the demos we’ve seen in security operations and application security showing real promise,” said Addiscott. “There’s solid long-term hope for the technology, but right now we’re more likely to experience prompt fatigue than two-digit productivity growth. Things will improve, so encourage experiments and manage expectations, especially outside of the security team.”

Trend 2: Cybersecurity Outcome-Driven Metrics: Bridging Boardroom Communication Gap
The frequency and negative impact of cybersecurity incidents on organizations continues to rise, undermining the confidence of the board and executives in their cybersecurity strategies. Outcome-driven metrics (ODMs) are increasingly being adopted to enable stakeholders to draw a straight line between cybersecurity investment and the delivered protection levels it generates.

According to Gartner, ODMs are central to creating a defensible cybersecurity investment strategy, reflecting agreed protection levels with powerful properties, and in simple language that is explainable to non-IT executives. This provides a credible and defensible expression of risk appetite that supports direct investment to change protection levels.

Trend 3: Security Behavior and Culture Programs Gain Increasing Traction to Reduce Human Risks
Security leaders recognize that shifting focus from increasing awareness to fostering behavioral change will help reduce cybersecurity risks. By 2027, 50% of large enterprise CISOs will have adopted human-centric security design practices to minimize cybersecurity-induced friction and maximize control adoption. Security behavior and culture programs (SBCPs) encapsulate an enterprisewide approach to minimizing cybersecurity incidents associated with employee behavior.

“Organizations using SBCPs have experienced better employee adoption of security controls; reductions in unsecure behavior and increases in speed and agility,” said Addiscott. “It also leads to a more effective use of cybersecurity resources as employees become competent at making independent cyber risk decisions.”

Trend 4: Resilience-Driven, Resource-Efficient Third-Party Cybersecurity Risk Management
The inevitability of third parties experiencing cybersecurity incidents is pressuring security leaders to focus more on resilience-oriented investments and move away from front loaded due diligence activities. Gartner recommends security leaders enhance risk management of third-party services and establish mutually beneficial relationships with important external partners, to ensure their most valuable assets are continuously safeguarded.

“Start by strengthening contingency plans for third-party engagements that pose the highest cybersecurity risk,” said Addiscott. ”Create third-party-specific incident playbooks, conduct tabletop exercises and define a clear offboarding strategy involving, for example, timely revocation of access and destruction of data.”

Trend 5: Continuous Threat Exposure Management Programs Gain Momentum
Continuous threat exposure management (CTEM) is a pragmatic and systemic approach organizations can use to continually evaluate the accessibility, exposure and exploitability of digital and physical assets. Aligning assessment and remediation scopes with threat vectors or business projects rather than an infrastructure component, highlights vulnerabilities and unpatchable threats.

By 2026, Gartner predicts that organizations prioritizing their security investments based on a CTEM program will realize a two-thirds reduction in breaches. Security leaders must continuously monitor hybrid digital environments to enable early identification and optimal prioritization of vulnerabilities to help maintain a hardened organizational attack surface.

Trend 6: Extending the Role of Identity & Access Management (IAM) to Improve Cybersecurity Outcomes
As more organization’s move to an identity-first approach to security, the focus shifts from network security and other traditional controls to IAM, making it critical to cybersecurity and business outcomes. While Gartner sees an increased role for IAM in security programs, practices must evolve to focus more on fundamental hygiene and hardening of systems to improve resilience.

Gartner recommends security leaders focus on strengthening and leveraging their identity fabric and leverage identity threat detection and response to ensure IAM capabilities are best positioned to support the breadth of the overall security program.

Photo by Markus Spiske on Unsplash

Will you be joining us at the Cyber Secure Forum on June 25th in London?

 960 640 Stuart O'Brien
By:
0
0

This unique event will provide you with a rare full working day of industry networking, learning and connection building, through 1-2-1 meetings – The Summit will cover all of your cyber security needs.

Your pass will be fully funded, and includes:

  • A personalised 1-2-1 itinerary of relaxed business meetings with leading industry suppliers
  • A seat at our inspiring and educational seminar* programme
  • Lunch and refreshments provided throughout the day
  • Multiple networking breaks to maximise your business connections and connect with peers at the event

Confirmed seminar sessions include:

“How do dark actors use LinkedIn against you?”

Data is precious, access even more, but many have a LinkedIn “blind” spot. This talk will highlight how it is used against you and how you might use it to help.

Presented by: James Potter, Director – The LinkedIn Man

“Protecting organisations & interests through social engineering threat awareness, managing predominant cyber risks & cyber insurance premiums whilst embedding cyber CSR, next generational awareness and human risk management”

Presented by: Graham Day, Program Manager – CyberGuardian

📢 Further seminar sessions to be announced – Keep an eye out!

Book Online Here, or alternatively, if you would like more information on what to expect at the event, please contact us here.

If you specialise in Intrusion Detection & Prevention we want to hear from you!

 960 640 Stuart O'Brien
By:
0
0

Each month on Cyber Security Briefing we’re shining the spotlight on a different part of the cyber security market – and in March we’re focussing on Intrusion Detection & Prevention solutions.

It’s all part of our ‘Recommended’ editorial feature, designed to help IT security buyers find the best products and services available today.

So, if you’re an Intrusion Detection & Prevention solutions specialist and would like to be included as part of this exciting new shop window, we’d love to hear from you – for more info, contact Jenny Lane on j.lane@forumevents.co.uk.

Here’s our full features list:

Mar 2024 – Intrusion Detection & Prevention
Apr 2024 – Phishing Detection
May 2024 – Advanced Threat Dashboard
Jun 2024 – Browser/Web Security
July 2024 – Authentication
Aug 2024 – Penetration Testing
Sep 2024 – Vulnerability Management
Oct 2024 – Employee Security Awareness
Nov 2024 – Malware
Dec 2024 – Network Security Management
Jan 2025 – Anti Virus
Feb 2025 – Access Control

5G leads business investment, though general wireless network security concerns remain high

 960 640 Stuart O'Brien
By:
0
0

Businesses expect wireless technology investment to boost their productivity by 32% on average in the three years after implementation, but latent concerns remain around security and interoperability.

36% of respondents to a Panasonic Connect Europe survey say that 5G is the most important wireless technology investment for their business, with private campus networks more popular than public networks.

One in five (22%) view WiFi 6 as the most important type of wireless technology. A substantial upgrade over its predecessor, it offers faster connections and improved resilience for networks with a high connected device load. Interest in Bluetooth and Long-Range Wide Area Networks (LoRaWAN) were similarly high (21% respectively), as organisations seek the right technology for specialist applications in their own sectors, such as supply chain logistics and manufacturing.

Overall, there is rapid progress being made with investment in wireless technology, with 41% of decision makers having already made the decision to invest in wireless projects, or are in the planning process. An additional 38% of respondents are already at the implementation stage.

However, there are challenges to overcome, with 24% of those surveyed admitting to concerns around IT security, while 22% are worried about interoperability and connectivity issues with their existing IT infrastructure. One in five are troubled about the manageability of the wireless network technology and a similar percentage report a lack of confidence in IT resources, knowledge, and skills.

“This research highlights that this is a crucial period in wireless technology investment and decision making. The advent of 5G, the evolution of WiFi, and the innovation around Bluetooth and LoRaWAN are all driving the connected world in ways that would have been unimaginable just a few years ago. Clearly, business leaders believe wireless connectivity presents enormous opportunities, but there are also challenges to overcome,” said Jan Kaempfer, Marketing Director for Panasonic Connect Europe.

“Businesses have a lack of internal expertise and resources and there is a role for technology providers to play in supporting organisations with expertise and education to instil greater confidence and plug some of the resource gaps. But overall, the picture for wireless is very positive, with a strong appetite for innovation and advanced deployment. At Panasonic Connect Europe, we’re committed to helping business leaders understand the dominant drivers for wireless technology investment, the key technologies and their applications, and how to overcome barriers.”

The survey, carried out by independent research company Opinion Matters and commissioned by Panasonic Connect Europe, questioned over 300 senior decision makers with responsibility for wireless and network technologies, across the UK, France, and Germany, in the following sectors: Retail; Logistics & Supply Chain; Manufacturing; Education; Location-based Media and Entertainment; and Public Sector and Emergency Services.

Photo by Frederik Lipfert on Unsplash

ACCESS CONTROL MONTH: Establishing the key pillars of best practice

 960 640 Stuart O'Brien
By:
0
0

Implementing an effective access control regime is paramount for IT security professionals in the UK’s public and private sectors. Access control systems are essential for protecting sensitive information, ensuring that only authorised users can access specific data and systems. Here are the key pillars for establishing a robust access control regime, based from input from attendees at the Cyber Secure Forum…

1. Comprehensive Risk Assessment: The foundation of any effective access control regime is a thorough risk assessment. IT security professionals need to identify the critical assets within their organisation, understand the potential vulnerabilities, and assess the threats. This comprehensive evaluation helps in determining the appropriate level of access control required to protect these assets.

2. Least Privilege Principle: One of the cornerstones of access control is the principle of least privilege. This means granting users only the access rights they need to perform their job functions and no more. Implementing the least privilege principle minimises the risk of accidental or intentional data breaches, as it limits the amount of data and systems to which any given user has access.

3. Multi-factor Authentication (MFA): Relying solely on passwords for user authentication is increasingly seen as inadequate. Multi-factor authentication adds an additional layer of security by requiring two or more verification methods to gain access. This could include something the user knows (a password), something the user has (a security token or mobile device), or something the user is (biometric verification).

4. Regular Audits and Reviews: To ensure that access controls remain effective and relevant, regular audits and reviews are essential. This involves checking who has access to what and ensuring that this access is still required. It also includes reviewing the access control policies and procedures to ensure they are up to date with the latest security threats and technological advancements.

5. User Training and Awareness: An often-overlooked aspect of access control is user training and awareness. Users need to understand the importance of access control measures and how to comply with them. This includes recognising phishing attempts, safeguarding their credentials, and reporting any suspicious activity.

6. Integration and Scalability: As organisations grow and evolve, so too do their access control needs. IT security professionals should seek access control solutions that can integrate seamlessly with existing systems and scale as the organisation expands. This ensures a consistent and manageable access control regime across all areas of the business.

An effective access control regime is built on thorough risk assessment, adherence to the principle of least privilege, the implementation of multi-factor authentication, regular audits, user training, and scalable, integrated solutions. By focusing on these key pillars, IT security professionals in the UK can safeguard their organisations against unauthorised access and the myriad of security threats that accompany it.

Are you searching for Access Control solutions for your organisation? The Cyber Secure Forum can help!

Photo by rc.xyz NFT gallery on Unsplash