AI has transitioned from experimental applications to real-world use cases. In 2024, many of us are harnessing AI to enhance our work efficiency, yielding tangible… Read More »AI: The Catalyst for Next-Gen Technological Ecosystems
Consumer trust is becoming more important and challenging in the digital age, especially for security vendors. Companies will take more rigorous action in the future if they find out that their trust has been violated by the security vendors, such as switching to alternative solutions, filing lawsuits, or reporting to regulators.
If you went into a house with the key in the door, this is still against the law. In cybersecurity it is only breaking the law if „the attacker circumvented security mechanisms“. Also, while using passwords, the state of technology includes additional security measures that help securing access (besides access security measures such as MFA, salting, biometrics, …).
I sat down with Shlomi and David from Cybellum to discuss trends in OT security, AI, automotive cybersecurity, and everything in between.
The UNECE R160 regulation introduces a mandate for installing Event Data Recorders (EDRs) in vehicles, essentially automotive “Black Boxes.” However, it’s crucial to note that security is not a focus within this regulation, as cyber security management and software updates at OEMs are addressed separately under R155/6.
Cyber Risk Management is a complex chess game of specified risks and unpredictable Black Swan events. While we assess and quantify known cyber risks, the challenge lies in acknowledging and preparing for Black Swans. Overfitting our risk strategies to past experiences may blind us to emerging threats. It’s not just about playing the regular moves but also being ready for the surprise checkmate.
Our security efforts have in large parts concentrated on implementing controls for business applications. However, it’s crucial not to overlook the security provided by our infrastructure and networks. The situation with OT underscores that, even when vulnerabilities cannot be resolved, a secure infrastructure can prevent large-scale cyber incidents.
Yes, your users are using AI tools.
Yes, you can’t stop them.
And yes, there is risk in new technology.
The key is to be proactive without being restrictive, to educate without intimidating, and to secure without stifling. Yes, AI is here, and yes, it comes with its own set of risks. But with thoughtful planning and strategic adaptation, there’s no need to hit the panic button—instead, it’s time to breathe.