Google’s record acquisition Wiz for US$32 billion marks a pivotal moment in the industry. Security solutions are no longer defined solely by their technical depth, but also by their usability and integration. Now, Wiz as part of Google gives them a unique insight into the other hyperscalers by integrating their cloud workloads into Wiz security monitoring.
The rapid advancement of AI technologies has intensified global concerns regarding security vulnerabilities and ethical implications. While the broader international community demonstrates a predominant focus on securing AI systems against potential threats, the regulatory landscape,… Global Interest in AI Security versus EU Regulatory Priorities: A Comparative Analysis
The intersection of the Cyber Resilience Act (CRA) and the German product liability law (Produkthaftungsgesetz) creates a pivotal shift in the relationship between companies, their products, and third-party vendors. On one hand, the CRA mandates… Navigating the Dual Dynamics of Cyber Resilience and Vendor Liability
AI has transitioned from experimental applications to real-world use cases. In 2024, many of us are harnessing AI to enhance our work efficiency, yielding tangible productivity gains. Concurrently, AI models and services are becoming more… AI: The Catalyst for Next-Gen Technological Ecosystems
Consumer trust is becoming more important and challenging in the digital age, especially for security vendors. Companies will take more rigorous action in the future if they find out that their trust has been violated by the security vendors, such as switching to alternative solutions, filing lawsuits, or reporting to regulators.
If you went into a house with the key in the door, this is still against the law. In cybersecurity it is only breaking the law if „the attacker circumvented security mechanisms“. Also, while using passwords, the state of technology includes additional security measures that help securing access (besides access security measures such as MFA, salting, biometrics, …).
I sat down with Shlomi and David from Cybellum to discuss trends in OT security, AI, automotive cybersecurity, and everything in between.
The UNECE R160 regulation introduces a mandate for installing Event Data Recorders (EDRs) in vehicles, essentially automotive “Black Boxes.” However, it’s crucial to note that security is not a focus within this regulation, as cyber security management and software updates at OEMs are addressed separately under R155/6.
Cyber Risk Management is a complex chess game of specified risks and unpredictable Black Swan events. While we assess and quantify known cyber risks, the challenge lies in acknowledging and preparing for Black Swans. Overfitting our risk strategies to past experiences may blind us to emerging threats. It’s not just about playing the regular moves but also being ready for the surprise checkmate.
Our security efforts have in large parts concentrated on implementing controls for business applications. However, it’s crucial not to overlook the security provided by our infrastructure and networks. The situation with OT underscores that, even when vulnerabilities cannot be resolved, a secure infrastructure can prevent large-scale cyber incidents.