Cybersecurity Snapshot: Cyber Teams Adopt GenAI, Integrated Suites To Boost Defenses
2023-10-20 21:0:0 Author: www.tenable.com(查看原文) 阅读量:3 收藏

Cyber Teams Adopt GenAI and Integrated Suites To Boost Defenses

Cyber leaders are embracing generative AI and product suites, while ditching siloed tools. Plus, check out a guide packed with anti-phishing tips, and another one full of IAM security best practices. Also, discover the skills that cybersecurity recruiters value the most. And much more!

Dive into six things that are top of mind for the week ending October 20.

1 - Study: CISOs bet on GenAI, integrated cybersecurity suites

In: Defensive generative AI technology and integrated cybersecurity suites. Out: Tool sprawl from individual security products that don’t play well together. 

That's one of many findings from the “2024 Global Digital Trust Insights” report from PwC, which surveyed 3,800 C-level business, technology and security executives from 71 countries and across a variety of industries.

In a clear trend towards consolidation of cyber toolsets, 44% of respondents reported using an integrated suite of security products, while 39% plan to adopt one in the next two years.

CISOs adopt GenAI, integrated cybersecurity suites

Meanwhile, the report found that while organizations worry about hackers using generative AI to boost their attacks, they’re also excited about leveraging this technology to strengthen their cybersecurity capabilities.

Specifically, almost 70% said they’ll use generative AI for cyber defense in the next 12 months, while 47% are already using it for cyber risk detection and mitigation. One fifth of respondents report already reaping benefits from their use of generative AI for cybersecurity.

To get more details:

For more information about the impact of generative AI on cybersecurity:

To dive deeper into the value of integrated cybersecurity platforms:

2 - Guide: Anti-phishing best practices

Looking for a primer on how to protect your organization from phishing attacks? Check out the guide “Phishing Guidance: Stopping the Attack Cycle at Phase One”, published this week by CISA, the NSA and the FBI. The 14-page document groups its recommendations under two main attack categories: theft of login credentials and malware deployment. 

Here’s a sampling of the best practices discussed:

  • To prevent phishers from obtaining login credentials:
    • Regularly conduct user training, so that employees learn to identify suspicious emails, links and attachments
    • Adopt the Domain-based Message Authentication, Reporting and Conformance (DMARC) protocol
    • Monitor internal mail and messaging traffic
    • Implement phishing-resistant multi-factor authentication (MFA) for administrators and other accounts with elevated access privileges
    • Roll out a single sign-on (SSO) program

Anti-phishing best practices

  • To prevent phishers from executing malware:
    • Set up denylists in the email gateway, and use them to block malicious domains, URLs and IP addresses
    • Adopt the principle of least privilege for user accounts
    • Implement application allowlists
    • Block macros by default

To get more details, check out:

3 - ISACA: IAM ranks first among most sought-after cyber tech skills 

Identity and access management (IAM) is the cybersecurity skill that hiring managers look for the most, closely followed by cloud computing.

That’s according to ISACA’s “State of Cybersecurity 2023, Global Update on Workforce Efforts, Resources and Cyberoperations,” report, which surveyed 2,100 security leaders globally.

Data protection, incident response and DevSecOps rounded out the list of the top five tech skills that recruiters seek when filling cybersecurity jobs.

IAM ranks first among most sought-after cyber tech skills

Regarding soft skills, communication ranks first, followed by critical thinking, problem solving, teamwork and attention to detail.

And speaking of soft skills, it’s the area with the biggest gap among cybersecurity pros, followed by cloud computing, security controls, coding skills and software development.

Other interesting findings include:

  • 59% of respondents said their cyber teams are understaffed
  • 56% said retaining cybersecurity staffers remains a challenge
  • 62% said their organizations underreport cyberattacks

To get more details, download the report and check out these ISACA resources:

4 - Survey: Password without MFA remains top login method

Entering a password manually without any other form of authentication remains the most common method for logging into online accounts, although it’s considered the least secure.

That’s a key finding from the “Online Authentication Barometer” report, released this week by the FIDO Alliance, a tech industry consortium that promotes alternative login technologies and authentication standards.

Password without MFA remains top login method

Now in its fourth year, the report is based on a survey of 10,000 consumers in Australia, China, France, Germany, India, Japan, Singapore, South Korea, the U.K. and the U.S.

Other important findings include:

  • Biometrics, such as a fingerprint or face scan, ranks as both the preferred sign-in method and the most secure
  • Awareness of other login methods such as passkeys is growing
  • Artificial intelligence is driving an increase in the number and sophistication of suspicious messages and online scams
  • The inability to remember a password is driving up the average number of times per day that a person gives up on an online purchase or on accessing an online service – from 3.18 in 2022 to 3.68 in 2023

It’s promising that respondents are increasingly interested in using stronger authentication methods such as biometrics, Andrew Shikiar, Executive Director and CMO at FIDO Alliance, said in a statement.

“That said, high password usage without 2FA worryingly reflects how little consumers are still being offered alternatives like biometrics, resulting in lingering usage,” he added.

To get more details, read the report’s announcement “FIDO Alliance study reveals growing demand for password alternatives as AI-fuelled phishing attacks rise” and check out the “2023 Online Authentication Barometer” report.

For more information about new methods of authentication:

5 - CISA: MFA, SSO ranks as top IAM security challenges

And speaking of authentication methods, a new document from CISA and the NSA states that, when it comes to securing IAM systems, MFA and single sign-on (SSO) remain thorny challenges for enterprise developers and technology vendors.

The joint document, titled “Identity and Access Management: Developer and Vendor Challenges”, outlines these roadblocks and offers recommendations. 

MFA, SSO ranks as top IAM security challenges

Here’s a sampling of challenges and their recommended solutions for tech vendors:

  • Ambiguous MFA terminology
    • Standardize MFA terms so that definitions and policies are clear to organizations
    • Map IAM products to NIST requirements, such as those in NIST SP 800-63
  • Unclear security properties of certain MFA implementations
    • Expand phishing-resistant authentication methods to more use cases, and simplify and standardize their adoption
    • Make MFA systems “maximally user friendly” to promote higher user adoption
  • Difficult SSO integration into enterprise IT infrastructure
    • Ease integration of SSO with legacy applications by creating an open-source repository of standards-based modules

To get more details, read the “Identity and Access Management: Developer and Vendor Challenges” publication.

6 - U.S. government expands guide for “secure by design” software

Software should be designed with customer security as a core goal, and should be secure “out of the box”, requiring no complex configurations and no extra fees for any security features.

That’s the “secure by design” and “secure by default” vision outlined in the revamped guide “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure By Design Software” jointly released this week by CISA, the FBI, the NSA and cyber agencies from 13 countries. 

“Together, these two philosophies move much of the burden of staying secure to manufacturers and reduce the chances that customers will fall victim to security incidents resulting from misconfigurations, insufficiently fast customer patching, or many other common issues,” reads the guide.

Government expands guide for secure by design software

The document, which was published originally in April, grew from 15 pages to 36 pages, with the bulk of the additions detailing further CISA’s three main “secure by design” principles for software makers:

  • Take ownership of customer security outcomes
  • Embrace radical transparency and accountability
  • Lead from the top

While mostly focused on best practices for software vendors, the document also includes recommendations for software customers, including:

  • Ensure the software you buy complies with “secure by design” and “secure by default” principles, as outlined by CISA and by your own IT department
  • Require that your IT suppliers commit to solving security issues promptly, and that they offer transparency into their existing and future internal security controls and posture
  • When subscribing to cloud services, make sure you understand the shared responsibility model

To get more details, check out:

Juan Perez

Juan Perez

Juan has been writing about IT since the mid-1990s, first as a reporter and editor, and now as a content marketer. He spent the bulk of his journalism career at International Data Group’s IDG News Service, a tech news wire service where he held various positions over the years, including Senior Editor and News Editor. His content marketing journey began at Qualys, with stops at Moogsoft and JFrog. As a content marketer, he's helped plan, write and edit the whole gamut of content assets, including blog posts, case studies, e-books, product briefs and white papers, while supporting a wide variety of teams, including product marketing, demand generation, corporate communications, and events.

Related Articles

  • Cloud
  • Cybersecurity Snapshot
  • Exposure Management
  • Federal
  • Government
  • Risk-based Vulnerability Management
  • SANS

Cybersecurity News You Can Use

Enter your email and never miss timely alerts and security guidance from the experts at Tenable.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable Vulnerability Management

Formerly Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable.io. A representative will be in touch soon.

Try Tenable Nessus Professional Free

FREE FOR 7 DAYS

Tenable Nessus is the most comprehensive vulnerability scanner on the market today.

NEW - Tenable Nessus Expert
Now Available

Nessus Expert adds even more features, including external attack surface scanning, and the ability to add domains and scan cloud infrastructure. Click here to Try Nessus Expert.

Fill out the form below to continue with a Nessus Pro Trial.

Buy Tenable Nessus Professional

Tenable Nessus is the most comprehensive vulnerability scanner on the market today. Tenable Nessus Professional will help automate the vulnerability scanning process, save time in your compliance cycles and allow you to engage your IT team.

Buy a multi-year license and save. Add Advanced Support for access to phone, community and chat support 24 hours a day, 365 days a year.

Tenable.io

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy.

Your Tenable Vulnerability Management trial also includes Tenable Lumin and Tenable Web App Scanning.

Tenable.io

BUY

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

65 assets

Choose Your Subscription Option:

Thank You

Thank you for your interest in Tenable.io. A representative will be in touch soon.

Try Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to our latest web application scanning offering designed for modern applications as part of the Tenable One Exposure Management platform. Safely scan your entire online portfolio for vulnerabilities with a high degree of accuracy without heavy manual effort or disruption to critical web applications. Sign up now.

Your Tenable Web App Scanning trial also includes Tenable Vulnerability Management and Tenable Lumin.

Buy Tenable Web App Scanning

Formerly Tenable.io Web Application Scanning

Enjoy full access to a modern, cloud-based vulnerability management platform that enables you to see and track all of your assets with unmatched accuracy. Purchase your annual subscription today.

Try Tenable Lumin

Visualize and explore your exposure management, track risk reduction over time and benchmark against your peers with Tenable Lumin.

Your Tenable Lumin trial also includes Tenable Vulnerability Management and Tenable Web App Scanning.

Buy Tenable Lumin

Contact a Sales Representative to see how Tenable Lumin can help you gain insight across your entire organization and manage cyber risk.

Thank You

Thank you for your interest in Tenable Lumin. A representative will be in touch soon.

Request a demo of Tenable Security Center

Formerly Tenable.sc

Please fill out this form with your contact information.

A sales representative will contact you shortly to schedule a demo.

* Field is required

Request a demo of Tenable OT Security

Formerly Tenable.ot

Get the Operational Technology Security You Need.

Reduce the Risk You Don’t.

Request a demo of Tenable Identity Exposure

Formerly Tenable.ad

Continuously detect and respond to Active Directory attacks. No agents. No privileges.

On-prem and in the cloud.

Request a Demo of Tenable Cloud Security

Exceptional unified cloud security awaits you!

We’ll show you exactly how Tenable Cloud Security helps you deliver multi-cloud asset discovery, prioritized risk assessments and automated compliance/audit reports.

Thank You

Thank you for your interest in Tenable Cloud Security. A representative will be in touch soon.

See
Tenable One
In Action

Exposure management for the modern attack surface.

See Tenable Attack Surface Management In Action

Formerly Tenable.asm

Know the exposure of every asset on any platform.

Thank You

Thank you for your interest in Tenable Attack Surface Management. A representative will be in touch soon.

Try Tenable Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Tenable Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Try Nessus Expert Free

FREE FOR 7 DAYS

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.

Already have Nessus Professional?
Upgrade to Nessus Expert free for 7 days.

Buy Tenable Nessus Expert

Built for the modern attack surface, Nessus Expert enables you to see more and protect your organization from vulnerabilities from IT to the cloud.


文章来源: https://www.tenable.com/blog/cybersecurity-snapshot-cyber-teams-adopt-genai-integrated-suites-to-boost-defenses
如有侵权请联系:admin#unsafe.sh