I gave a speech at The-C2 last week in London. The-C2 is an invite-only threat intelligence event hosted by the team at SE LABS. Artificial intelligence, supply chain security, and security hygiene were the main topics of conversation at the event, and they drew interesting discussion. Unsurprisingly, all three were closely interconnected; more surprisingly, they dominated the discussions in equal measure. Here are a few thoughts on each, coming out of the event.
Where Generative AI Security Tool Technology Is Going Right Now
Over the past two years, security tools have seen generative AI (genAI) development, from copilots to claims of the autonomous security operations center. The Blob is back! We've seen that many of the features developed don't offer the benefit security professionals truly need. The most prevalent use cases have been knowledge articulation (such as chatbots) or content creation (such as human-readable case descriptions or query language conversion).
- Although human-readable case descriptions are novel, few security professionals prefer to read paragraphs upon paragraphs of text over receiving a swift and direct response.
- Although it is fascinating to translate a query into another query language, it only works really well for basic queries. Additionally, it might produce less effective results.
- Chatbots can be entertaining to interact with, but they pull the analyst out of their workflow and may demand more context switching, adversely affecting the analyst experience.
There are a few situations where genAI features have been very helpful, such as report automation, translation and localization (i.e., Japanese to English, etc.), and script analysis. However, the real innovation is on the horizon with AI agents.
Some vendors have already released agents that automatically triage alerts for phishing use cases, while agents for other use cases, including endpoint, have also been released. Others have developed generative AI features that work with SIEM query languages and parsers at scale to make SIEM migration simpler. Better outcomes for analysts are being achieved by simplifying mundane jobs and doing it all at scale in an observable way. Security professionals may want to look for these kinds of improvements in product features.
Supply Chain Resilience Is A Messy Hairball That Is Just Beginning To Get Messier
The need for supply chain resilience comes from two sources: securing the software supply chain and developing resilience through third-party risk management with the nth-party vendors you employ. As generative AI applications expand, the complexity of the software supply chain increases, particularly when it comes to understanding how data is being used and how to protect it. In some ways, it follows the same old rules. In others, it's a little different.
The discussion around software bills of materials (SBOMs) was one of the highlights of the conference. SBOMs should be a critical requirement for software producers because they let teams know exactly what software is being used and why. Despite this, the industry has lagged. In my Forrester Wave™ evaluations, I frequently ask about SBOMs in order to encourage security vendors to take the lead in enabling customers to gain greater visibility into their software supply chain.
If You Don’t Practice Basic Security Hygiene, None Of This Matters
Managing trade-offs and tools is key in enterprise security. All the cutting-edge new technology in the world contributes only incrementally to the solution. In contrast, if you have a list of critical common vulnerabilities and exposures that you haven’t patched, prioritizing and addressing the ones at the top can have a significant, positive impact. Research from Forrester on proactive security demonstrates how to continuously improve visibility, prioritization, and remediation while tailoring prioritization to your business case.
These three subjects are expected to be significant factors in 2025. To learn more about how to protect against the most significant changes taking place this year, see our report, Major Recommendations For Your Security Program, 2025.
Book an inquiry or guidance session with me or one of my colleagues if you have any more questions about AI, supply chain resilience, security hygiene, or other topics.