In this episode of the SecurityANGLE, our cybersecurity-focused series, I’m joined by Matt Radolec, VP of Incident Response, Cloud Operations, & SE EU at Varonis, for a conversation about navigating the security risks posed by generative AI and thoughts on how organizations can adopt AI but also manage to mitigate risk at the same time.


Varonis hosted one of its Data First Forum events a few weeks ago, which featured over 1,100 registrants and CISOs sharing lessons and insights on all things generative AI.



It was interesting to see that while 67% of organizations reported increasing their investments in generative AI, only about one-fifth of organizations shared they feel their organizations are prepared for the risk that comes along with gen AI, which tracks with our research on this topic as well.



And that is precisely why Matt and I wanted to discuss navigating security risks posed by generative AI in this episode, since it's obviously a very hot topic.



In this discussion, we explored:



- Some of the key risks CISOs are worried about associated with deploying gen AI tools.

- The challenges and concerns especially from a security standpoint, that the Varonis team is hearing from CISOs as it relates to generative AI.

- How business leaders are determining business use cases that provide the greatest potential for organizations and the role of IT teams in that process.

- What a solid game plan looks like for deploying and maintaining copilots safely.

- Thoughts on practices for securing gen AI tools like copilot

We closed the show with some tips and tricks that Radolec recommends for safely deploying gen AI to your enterprise security tech stack.



Hope you’ll join us for what was a fantastic discussion.

This episode of the SecurityANGLE features host Shelly Kramer, managing director and principal analyst at theCUBE Research, and Jo Peterson, analyst, engineer, and member of theCUBE Collective community of independent analysts and Teradata CISO Billy Spears for a conversation exploring data warehouse security strategies.

Today, the average size of a modern data warehouse is over 100 terabytes. For comparison purposes, Walmart achieved the first 1 terabyte data warehouse in 1991.

Data warehouses store data from a variety of sources, including customer information, product information, employee-related personnel information, sales records, and invoices. They are designed to support decision-making through data collection, consolidation, analytics, and research.

We’ve seen the data warehouse evolve into variations: data lakehouse, data cube, data silo, and even a data swamp. And what all of these repositories have in common besides data is the need for security, which is exactly why we're excited to have Billy Spears as our guest today.

Billy is on the CNBC Tech Executive Council, he's a venture advisor for Avenir, a product advisory board member for Palo Alto Networks, a cybersecurity board advisor for Cyvatar — and all this advisory work is work he does in addition to his role as CISO at Teradata.

Our conversation today covered:

- Security concerns that arise when building a data warehouse

- Best practices for data warehouse security

- The impact of concepts like applying the principle of least privilege and Zero Trust Network Access

- How utilizing AI can help as it relates to security and access control in a data warehouse environment.

- Balancing the risk while also utilizing cost-effective ways to protect different categories of data in accordance with the varying degrees of protection required by each.

Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by fellow analyst and frequent co-host Jo Peterson on the SecurityANGLE podcast for a conversation about deception technology, a strategy designed to attract cybercriminals away from an enterprise’s true assess and divert them to a decoy or trap, is gaining traction today.

The deception tech decoy mimics legitimate servers, applications, and data so that the criminal is tricked into believing that they have infiltrated and gained access to the enterprise's most important assets when, in reality, they have not. The strategy is employed to minimize damage and protect an organization's true assets. By populating the network with decoys, the onus is on adversaries to carry out an attack nearly perfectly flawlessly, without falling for any of the decoys and traps laid for them. Once a security team is alerted to their presence, they can analyze the behavior of the cyber attackers and use that intelligence to thwart their efforts.

We explored some of the vendors providing deception tech solutions, which include: Acalvio, Fortinet, Zscaler, Smokescreen, SentinelOne, Rapid7, Morphisec, and Cynet Systems.

There are myriad benefits to incorporating deception technology solutions into your security tech stack, so hang around for the conversation and learn more.

In this episode of the SecurityANGLE, I'm joined by Global Strategy Leader for IBM Security Sam Hector for a deep dive into one of my favorite annual reports, the 19th annual IBM Cost of a Data Breach Report.


This year’s report is based on insights from 604 organizations impacted by data breaches between March 2023 and February 2024. The research is conducted each year by the Ponemon Institute and sponsored, analyzed, and published by IBM.



Some of the things the report covers include:



• The average cost of a data breach

• The most common factors leading to a breach

•. The most common attack vectors

• The mean time it takes organizations to identify and contain a breach

• Costs by geo and industry

• The impact of involvement of law enforcement post-ransomware attack

• Last but not least, the report takes a look at the use of AI and automation in prevention and detection



On the good news front, the IBM report shares that the time to identify and contain a data breach appears to have been significantly reduced to 258 days, 26 days less than the year prior, and a 7-year low.



Another bit of very good news is that it appears internal security teams (and/or managed security services providers) are getting exponentially better at detecting their own breaches as opposed to discovery by a third party and/or notification by a threat actor.



Join Sam and me for a walk through the report, a discussion about what's happening in the industry as it relates to cyber security, the challenges customers face, and the technology solutions they are relying on to help mitigate those challenges.

In this episode of the SecurityANGLE our conversation revolves around cyber resiliency and how embracing a proactive security approach can not only help address gaps in visibility, but also ensure organizations the business resilience they seek, as well as help them keep up with the rapid pace of innovation that is our reality today.

My guest today is Tom Parker, the CTO of NetSPI. Tom is the former founder of Hubble Technology, a cyber asset surface management technology (CAASM) company acquired by NetSPI this past June to expand its proactive security approach.

The main focus of our conversation in this episode centered on what’s happening in the industry and what we’re seeing from customers as it relates to their challenges and pain points. One thing we know for certain is that a lack of visibility is a significant challenge, as is the understanding that the attack surface – both internal and external — is at the root of many of these issues.

It's a challenging time for businesses from a security standpoint. The attack surfaces are rapidly expanding, teams are challenged by a dearth of highly skilled talent, threat actors are getting more sophisticated, in many ways enabled by AI, and the data breaches, they keep coming. I highlighted some of the concerns I see from customers in the market as well as from our research, and Tom shared what he and his team are seeing and hearing from customers about the security challenges they have and how they are addressing those.

We also explored cyber attack surface management and how NetSPI's Hubble acquisition has added value to the NetSPI portfolio, along with the importance of gaining full visibility into internal and external attack surfaces, and we discussed the challenges organizations face in doing that.

Bottom line: If business resilience is the goal, it's safe to say that you can't have a reactive approach to security. Proactive security leads to an improved state of business resilience by providing a more holistic, accurate understanding of an organization's risk profile.

There is still a long way to go in enabling businesses to have the agility they need to achieve a state of cyber resilience as they keep up with evolving tech. Rather than siloed solutions that only address one part of the problem, organizations need a complete picture of their threat environments through a more proactive security approach. So yes, absolutely, visibility matters!

In this episode of the SecurityANGLE, Jo Peterson and I break down some key takeaways from Black Hat 2024, a look at Ivanti's State of Cybersecurity 2024 Report and some of its findings, as well as an overview of some of the briefings we were most interested in, along with vendors who either had interesting news and/or cool product launches/updates that we wanted to delve into.

In this episode of the SecurityANGLE, our podcast series on all things security, Shelly Kramer, managing director and principal analyst at theCUBE Research. I’m joined by my friend and fellow analyst, Jo Peterson, for a conversation today about Secure Enterprise Browsers and how we see these as the new endpoint.

Browsers. It’s hard to think that the first web browser was developed almost 30 years ago, but it's true! And today, the humble browser is often our collective window to not only the world, but to our world of work as well.
The question that you might be asking yourself right now is this: What does the enterprise browser have to do with security? The answer is a lot! And to take it even further, let’s consider this: are secure enterprise browsers the new endpoint? The answer is yet again another resounding YES.

In fact, Gartner predicted that by 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices, delivering a seamless hybrid work experience.

This rise in interest in and the enterprise embrace of secure enterprise browsers makes perfect sense: almost every high-value activity and interaction in the enterprise takes place on a browser today. Authentication, access, communication and collaboration, administration, and even coding are all browser-based activities in the modern enterprise. But this gateway to work is also the gateway to sensitive corporate information and it represents a considerable risk vector, which is what we explore today.

This episode of the SecurityANGLE features Shelly Kramer, managing director and principal analyst at theCUBE Research and Tanium CEO Dan Streetman, for a conversation about the renewed interest in business resilience and business continuity following the massive CrowdStrike outage of a few weeks past as well as the fact that multi-cloud is becoming interesting at a whole new level as a potential multi-resiliency strategy.

The conversation covered mitigating and prevention and what we're collectively seeing and hearing from industry peers on this front in terms of how to protect against something like this happening in the future. We explored customer concerns on the resiliency and continuity front and how incidents like this impact other vendors in myriad ways.

We explored how the Tanium team has discussed this situation with customers and the importance immediate data insights and speedy corrective actions are when it comes to preventing similar occurrences in the future.

We also discussed AI and automation and the role they can play in circumventing similar instances moving forward.