Through The Lens of ISMG: AI in Focus - Strengthening Security and Driving Innovation | Insights from Black Hat USA & DEF CON
Information Security Media Group (ISMG)
Inform. Educate. Connect. ISMG is a Global Leader in Cybersecurity Education, Intelligence and Research.
In the rapidly evolving landscape of artificial intelligence and cybersecurity, the need to balance innovation with robust security measures and effective regulation has become more critical than ever. The increasing intersection of AI with national security, regulatory frameworks and cybersecurity protocols is shaping the future of both technology and policy.?
This edition of the newsletter delves into recent insights from industry leaders at Black Hat USA and DEF CON 2024, exploring how AI is being leveraged to strengthen cybersecurity and drive innovation while also addressing the challenges that accompany its deployment.?
AI systems acting autonomously bring risks of large-scale mistakes that current human defenses can't match, says Matt Turek, deputy director at DARPA. He discusses AI agents, adversarial attacks and the need for provable AI safety in both offensive and defensive capacities.?
"Systems might take actions for you, whether that is in the virtual world or whether that is in the real world," Turek said. "Some of the challenges associated with that is that those agents may make mistakes at speed and scale that we're just not prepared to handle. Things can go wrong at speed and scale, and there's potential national security implications for that."
AI's integration into cybersecurity demands a strong foundational approach. Many companies seek advanced AI solutions but struggle with basic cybersecurity practices such as managing assets and patching vulnerabilities, said Michael Thiessmeier, executive director of U.S. NAIC-ISAO.?
"If we don't have data governance figured out, if we don't understand where the data sits, what the value of the data is, what the classification is supposed to be, and it only exists on paper records but not in a computerized form that we can act on it, how are we supposed to do anything beyond that?"
Brandon Pugh of R Street Institute discusses Congress' struggle to balance AI innovation and regulation, the U.S. approach compared to the EU, and the urgent need for privacy laws to protect AI-driven data. He emphasizes education on AI technologies and the ongoing challenge of defining key terms.?
"Many are not experts when it comes to AI, and I think to their credit, they've recognized that," Pugh said. "So it's a matter of learning, 'What do we need to do?' There's not actually even agreement around, 'What is an algorithm?' That sounds so basic, but that is key. So, I think we're in a learning phase."
Kevin Kin, Global Vice President of Systems Engineering at Palo Alto Networks, and Matt Shriner, Global Executive Partner of Threat Management at IBM, outline the role of AI in the cybersecurity landscape, the evolution of threats, and collaborative solutions.?
Trail of Bits' Michael Brown explores the dual challenges of applying AI and ML to cybersecurity and securing these evolving technologies themselves. He discusses the complementary nature of traditional and AI/ML-based approaches and highlights the pressing need for secure development life cycles.?
"The AI/ML systems that we build for achieving security objectives - they tend to excel where our conventional techniques start to fail, and they start to fail where the conventional techniques tend to succeed," Brown said.
AI-powered tools such as Microsoft Copilot can be manipulated by attackers to access sensitive data and perform unauthorized actions, says Michael Bargury, co-founder and CTO of Zenity. Enterprises must address these new security challenges when adopting AI technologies.?
Infosecurity Europe 2024: Latest Insights on Cybersecurity?
The Infosecurity Europe 2024 Compendium features cybersecurity insights from the industry's top researchers, CEOs, CISOs, government leaders and more.?
Our editors spoke with prominent thought leaders on a wide range of topics including the role of generative AI in emerging threats and cyber defenses, the latest trends in cybercrime and ransomware, supply chain vulnerabilities, the regulatory environment, and strategies for responding to cyberattacks.?
Inside this 30-page Infosecurity Europe 2024 Compendium, we have curated a collection of video interviews featured across our news sites. It also includes insightful discussions from our live Editors' Panel updates from the conference and CyberEdBoard Profiles in Leadership interviews featuring members of ISMG's CyberEdBoard community. All the video content has been produced by ISMG.Studio , our state-of-art video studio hosted at major events worldwide.?
RSAC 2024: Cybersecurity Insights From 60 CEOs and Company Founders
The editorial team at ISMG spoke to some of the most well-known and influential leaders in the industry at RSA Conference 2024. Inside this 40-page CEO/Founder Compendium, you'll find insights on leadership, emerging trends in cybersecurity and the latest technologies and services.?
As the event's largest media sponsor, we staffed two video studios at the conference, producing nearly 150 interviews. This compendium features over 60 of those interviews with CEOs and company founders.?
Upcoming #ISMGEvents
Cybersecurity Summit: London
The Cybersecurity Summit in London is the ultimate gathering of elite cybersecurity practitioners, distinguished by its laser focus on the latest industry developments and toughest challenges. At the summit, we will dive deep into specialized topics such as the latest NIS2 directives, DORA resilience strategies, AI-driven cybersecurity innovations and sophisticated ransomware combat techniques.
CIO.inc's Cloud and AI Innovation Summit 2024
CIO.inc 's Cloud and AI Innovation Summit 2024 will unite cloud computing leaders, experts and enthusiasts to explore advancements, trends and best practices shaping business and technology. The summit sessions will include discussions on generative AI models in the cloud, cloud security in the 5G era, cloud computing, cloud interoperability and cyber insurance. Join us to gain insights on how leaders are spearheading excellence across technology implementations, crafting unique user experiences to drive innovative, secure and insightful business growth.
Nordic Cyber Summit
The acclaimed Nordic Cyber Summit returns to Copenhagen on September 12 and 13 for its 7th annual edition, aimed at strengthening the region’s cyber defenses. The summit will gather 150+ cybersecurity leaders from major Nordic organizations, such as Danske Bank, PostNord and Carlsberg to network and share first-hand experiences in a collaborative setting. Topics, including NIS2 Directive, the opportunities and risks of AI and ransomware attacks, will be at the forefront of the agenda.
FranSec
Since 2020, FranSec has been the must-attend cybersecurity event in France, bringing together brilliant minds to discuss the country’s ever-changing cybersecurity landscape. Join us for advice from trailblazing IT security experts from SUEZ, Groupe Crédit Agricole, Club Med, RATP Group, Decathlon and more, on how to become a #CyberResilience expert in the international spotlight, address the cybersecurity skills gap to attract, train and retain the best talent, take advantage of compliance to strengthen security, and more.
Cybersecurity Summit: Africa
With the evolving digital landscape, Africa faces a growing array of cybersecurity challenges. In 2023, ransomware attacks in Africa increased by 50%, with the financial and healthcare industries being the most targeted. African industries faced significant losses due to cyber incidents, with the banking sector alone incurring an estimated $1 billion in damages from cyberattacks in the past year. Governments across Africa are taking proactive steps to enhance cybersecurity. Join the Cybersecurity Summit: Africa to explore the latest cybersecurity trends in Africa. The summit will bring together industry visionaries and thought leaders who will delve into topics including third-party security, the rise in social engineering attacks, cloud defense strategies and cross-border cybersecurity cooperation, among others.
Cybersecurity Summit: Canada East?
Experience the pinnacle of cybersecurity expertise at ISMG's Cybersecurity Summit: Canada East. The summit will bring together leading cybersecurity professionals to delve into the most recent industry trends and address critical challenges. Attendees will benefit from networking opportunities with key figures in the field, fostering the exchange of transformative ideas. Explore in-depth sessions on vital topics such as executive liability, cybersecurity & privacy laws, innovations in AI-driven cybersecurity, and advanced techniques to counteract ransomware.?
CyberEdBoard Profiles in Leadership: Karen Habercoss?
As the chief privacy officer at UChicago Medicine, Karen Habercoss likes to tell her peers, "I know more about security than the average bear." And her knowledge has been put to the test in recent years, with the adjustment to remote work, telehealth and digital transformation.?
That's all for today. We will be back next week.?
Until then, stay current with the latest happenings in cybersecurity by subscribing to our newsletter.?
Have a nice day ahead.?
- ISMG Social Media Desk?