Content by Michael Novinson

Why a Wiz-SentinelOne Deal Makes Sense, and Why It Might Not

Michael Novinson  •  August 28, 2023

Venture-backed cloud security firm Wiz swallowing up publicly traded endpoint security firm SentinelOne would be one of the most unorthodox and surprising acquisitions the cybersecurity industry has ever seen. But despite the major financial hurdles, the potential technology synergies are obvious.

Training LLMs on Private Data for Higher Accuracy

Michael Novinson  •  August 28, 2023

Large language models have revolutionized various industries by automating language-related tasks, enhancing user experiences and enabling machines to communicate more naturally with human beings, according to Rodrigo Liang, CEO of SambaNova Systems.

The Silent Threat: Negligent Users in SaaS Cybersecurity

Michael Novinson  •  August 28, 2023

Insider threats continue to pose significant concerns in today's digital landscape. While malicious insiders have garnered attention due to harmful intent, negligent users often make unintentional mistakes, contributing to potential cybersecurity risks.

Advanced Malware: Why AI Can't Help All Hackers

Michael Novinson  •  August 28, 2023

The fear that ChatGPT could turn a low-sophisticated hacker into a sophisticated adversary is unfounded, said Howard Marshall, global intelligence lead, Accenture Security. He says most hackers lack the expertise and education to create sophisticated malware.

Trojanized Advertisements: Russian Hackers' New Move

Michael Novinson  •  August 25, 2023

Malicious actors often devise ingenuous ways to infiltrate networks. Michael Sikorski, CTO and vice president of engineering of Unit 42 at Palo Alto Networks, shed light on an unconventional tactic deployed by Russian hackers: the Trojanization of legitimate advertisements.

Thinking of Deploying Generative AI? You May Already Have

Michael Novinson  •  August 24, 2023

Enterprises have been keenly exploring the potential of generative AI, deploying it to fuel innovation. But stealthy integration of AI features into products already owned by organizations has cybersecurity experts worried, said Jeff Pollard, vice president and principal analyst at Forrester.

DDoS-for-Hire Services: Trends and Enforcement

Michael Novinson  •  August 24, 2023

The demand for DDoS-for-hire services has surged significantly in recent years. Cameron Schroeder, chief of the Cyber and Intellectual Property Crimes Section at the U.S. Attorney’s Office, said the increase is driven by accessibility, ease of use and the need for only minimal technical proficiency.

The Changing Landscape of Cybersecurity Education

Michael Novinson  •  August 23, 2023

As the digital landscape evolves, security teams need skills and training platforms that can provide the right resources for an organization "by showing what someone has got in terms of skills, without necessarily fully relying on their CVs," said Jess Burn, senior analyst at Forrester.

Securing the CISO: Navigating Liability and Investigations

Michael Novinson  •  August 23, 2023

Recent legal actions against CISOs have spawned a debate on whether security leaders should be held accountable for security incidents. CISOs should manage this shifted liability through real-time documentation and collaboration with law enforcement, said attorney Stephen Reynolds.

What CISOs Must Implement in Their First 90 Days on the Job

Michael Novinson  •  August 23, 2023

Grant Bourzikas shared his experience as the new CISO at Cloudflare, highlighting a 90-day period during which he engaged with customers, internal nonsecurity personnel, executives and his team to gather insights on Cloudflare's security landscape.

AI vs. Deepfake: Detecting, Disrupting and Defending

Michael Novinson  •  August 22, 2023

The nature of fraudulent content has taken on new dimensions with the emergence of generative AI. This new era has ushered in tools capable of creating fake images, voices and videos that can be difficult to distinguish from genuine content, warned Bryan Ware, chief development officer at ZeroFox.

The Role Generative AI Can Play in Threat Detection

Michael Novinson  •  August 22, 2023

Chen Burshan, the CEO of Skyhawk Security, wants to use the power of generative AI as part of the threat detection flow. Organizations with risk management tools in place and risk reduction occurring are still getting breached and therefore need to focus more on threat detection, he said.

Zero Authority: Future of Security and Business Enablement

Michael Novinson  •  August 21, 2023

In the ever-evolving landscape of cybersecurity, zero authority is giving defenders a new perspective on security and business enablement, said Jake Seid, general partner at Ballistic Ventures. "Zero authority is an architectural change that affects every area of security," he said.

Why Ransomware Gangs Opt for Encryption-Less Attacks

Michael Novinson  •  August 21, 2023

In encryption-less attacks, ransomware gangs steal large volumes of sensitive data, including terabytes of information, without locking up systems. Attackers leverage the value of the stolen data as a means to coerce organizations into paying ransoms to avert data release.

The Hidden Benefits of Negotiating With Ransomware Attackers

Michael Novinson  •  August 21, 2023

Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather important information through negotiations, slow down the process and even lower the ransom demand.