Mediaboss Marketing

I spent almost all of last weeks 2023 RSA Conference (RSAC) on the show floor as a technical asset, which has been my usual role for many years.

It was very clear that the pandemic was still affecting overall attendance in show attendees and in how vendors approach the show.As usual, there were a range of vendors from mature incumbent companies that have been fixtures for many years to small startups that were making their first appearance at RSAC. Even with the recent financial uncertainty, the attitude in general remains positive. While there have been a lot of layoffs in the tech sector overall, cybersecurity remains a priority for many organizations and the lack of qualified technical talent remains an issue.

One of the major topics of discussion at the show was artificial intelligence. There were several technical sessions that delved into the promise and challenges of AI technology, while there were a lot of conversations on the show floor about the subject as well. Its a hot topic and it doesnt seem like the hype will quiet down any time soon.

AI and machine learning have been factors in security products for many years, with various levels of emphasis versus actual effectiveness, but the ChatGPT conversation being the interface thats caught the publics imagination has taken center stage. Its a different conversation than in previous years where it felt like AI or machine learning were just buzzwords that were added more for marketing purposes than as a functional part of the product. MLwasa functional part of a lot of products, but it wasnt as powerful as it was often promised.

Now, numerous vendors mentioned that they were exploring how they could incorporate generative AI into their products, or how it was already on the roadmap. Though, at this point, I found that very few vendors had anything specific to show. The consensus was that generative AI can offer multiple benefits in the cybersecurity world, but were still having to figure out exactly where and how it will fit into our security stacks.

In talking to people from a range of specialties, industries, and technical capacities, there was some frustration with trying to pick the valid benefits and threats out of the media hype cycle. To paraphrase, the most common take I heard was that it could give some real advantages in triage as a kind of Intelligent SOC Assistant, and for helping with education and dealing with common security issues that the average users face.

Theres also a place for AI in dealing with the data overload a lot of security teams face. As machine learning and related fields improve, they get better at drawing connections out of disparate data. The generative AI aspects can help draw insights out of that parsed and filtered information. Were seeing this already in some areas, and itll continue to grow.

Some, myself included, have expressed worry about this latest generation of AI being used for social engineering, but there was much less concern about threat actors using it to develop malware. Overall, the impression was that those of us in cybersecurity had more to gain from this than the threat actors we are trying to stop will. Also, the hype about it being used to create unstoppable malware was highly exaggerated.Theres no doubt that AI will continue to make waves, and I expect well see a lot more of it over the rest of the year.

Overall, the mood was positive, with a general feeling that even with the downturn, there was still a positive need for investment in cyber. Though thats tempered with organizations needing to use their sometimes-limited resources to the best effect.On some level that best effect idea was apparent in the show booths. While the show was well attended, the displays were subtly toned down from years past.

A personal highlight was the National Security Agency (NSA) booth. The NSA has been bringing one of their vintage Enigma machines to RSA for years, and this year they broughttwoof the three-rotor machines with matching rotors. Having two machines with the same rotors let people use them to send encrypted messages, a rare treat for anyone interested in cryptography.

Mike Parkin, senior technical engineer, Vulcan Cyber

Original post:
The AI message at RSAC was long on hype and short on specifics - SC Media

The British sheep sector will be heavily showcased as part of the Coronation celebrations, with the King being a strong advocate for lamb and mutton.

King Charles' support for British sheep farmers and his passion for lamb and mutton are well documented.

Thousands of finely crafted woollen military uniforms will feature in the celebrations, and lamb will be a feature ingredient on the official Coronation menu.

In 2004, the King, alongside the sheep sector, launched the Mutton Renaissance campaign, which promoted the eating of quality mutton.

The campaign brought farmers, abattoirs, chefs and retailers together and set minimum standards for Renaissance mutton ensuring its eating quality and traceability.

It is also reported that the King regularly requests sustainably produced sheep meat be served in his royal residences.

And it is lamb, used in a recipe from celebrity chef Ken Hom, that is to be enjoyed as part of the Coronation menu.

The National Sheep Association (NSA) said it "comes as no surprise" to see the sector feature heavily in the Coronation celebrations.

The body said the sustainable farming methods used to rear sheep in the UK were "in tune with the Kings environmental values".

"It has produced sheep breeds that are adapted to their local conditions and so maintain and enhance that environment for us all to enjoy," the NSA said.

"This celebration of sustainability, agricultural heritage and culture are also key elements of the British Heritage Sheep project, run by NSA."

Bob Kennard, from the project said King Charles support for British lamb and mutton had shared a positive message on behalf of the farming community.

"His Majesty has also championed small local abattoirs, which have been in long-term decline, yet are essential to the short supply chains which enable farmers to tell the story of their meat," he said.

"His awareness of rural issues such as this will be highly appreciated by the communities living in these areas

King Charles is also a Patron of the Campaign for Wool. As highlighted by this campaign, wool will be a feature of many parts of the Coronation.

Read the original:
Sheep sector in spotlight as part of King Charles' Coronation - FarmingUK

LAS VEGAS (KLAS) Cyberattacks on companies and people are at an all-time high. At the moment, there are just not enough cybersecurity professionals in the country to help protect the world wide web.

Right now, there are three quarter million open positions in cyber security we a have a huge challenge in this country, UNLV Computer Science professor, Yohwan Kim said.

Kim helps run the GenCyber Camp at UNLV, a National Security Agency and National Science Foundation-funded cybersecurity camp for CCSD high school students.

My big wish with this industry is to just bring about innovation in the world, Leonard Guerrero said.

Guerreros dreams are out of this world. Guerrero is a junior at Clark County Adult Education. He said hes constantly studying cybersecurity. The GenCyber camp has helped him take his aspirations and talents to new heights.

Its a great, fun, intuitive program to network and communicate with other students who are passionate about the same things, Guerrero said.

He joined 60 students from all over the county on Saturday at the UNLV College of Engineering for the summer session of the GenCyber Camp.

Kim has been running the program with UNLV computer science professor, Juyeon Jo, since it started five years ago and told 8 News Now that the country needs young minds like Guerreros.

We do need to defend our system we need to protect our assets and we dont have that many experts to protect ourselves, Jo said.

Thats where UNLV comes in. The hope is that students from the GenCyber camp will return to UNLV to study computer science and cybersecurity. Some of the campers already have. A few are now teacher assistants in this summers program.

After this camp, they realize how this field is interesting and that its good and they choose the computer science major and then become a cyber security expert, Jo said. Were excited to see them growing and showing those who are also interested.

CCSD high school participants learn from cybersecurity experts about topics such as cybercrimes and protection, encryption techniques, and more through hands-on activities.

We want to give them impress on the cybersecurity, its not just technical stuff butits fun more like its fun. So, they can choose the cybersecurity career, Kim said.

The no-cost program is offered each year across three seasons to about 60 students all passionate about the same thing: cybersecurity.

When youre in contact with other children that are like doing the same thing it kind of just boosts your passion, Guerrero said.

The theme for 2023 is helping the community. Students assess small businesses systems and offer better solutions.

When youre in contact with other children that are like doing the same thing it kind of just boost your passion, Jo said.

Protectors of the world wide web, its something Guerrero told 8 News Now is what he and his GenCyber camp mates are working so hard for.

Having a world where you can be very protected, and you can just be safe. Its a crazy world out there, especially in the digitized world, Guerrero said.

You can still sign your child up for the Fall session and of course the 2024 sessions. Find out more about the GenCyber camp here.

Here is the original post:
UNLV teaching next generation of cybersecurity professionals with NSA-funded GenCyber Camp - KLAS - 8 News Now

SAN FRANCISCO Russian hackers are focused on using ransomware to attack supply chains both within Ukraine and in European countries being used to provide weapons and humanitarian aid in support of the Ukrainian war effort, a top National Security Agency official said Wednesday.

And as the war drags on, Russian hackers could be looking to attack logistics targets more broadly, including in the United States, said Rob Joyce, the NSAs director of cybersecurity. The NSA is seeing a significant amount of intelligence gathering into the Western countries, to include the U.S., in that logistics supply chain, Joyce said during a briefing at the RSA Conference.

There are no indications yet that any U.S. companies have been attacked with ransomware in connection with logistics related to Ukraine, he added, noting that how the United States would respond to such a scenario would be a policymaker question. If Russia broadened its attacks beyond Ukraine and its near abroad, that would represent a significant escalation in tactics and capabilities,Joyce said.

Military and humanitarian supplies especially lethal aid from the United States and European countries have played a pivotal role in Ukraines relatively successful effort to fend off the Russian invasion. The U.S. has provided Ukraine with nearly $30 billion in support along with a range of military equipment, including tanks and ammunition. The conflict in Ukraine marks the first time in the history of the European Union that the bloc has supplied lethal aid to another country.

Undermining that external support could provide a boost to the Russian war effort. I think theyre trying to figure out what is the way to disrupt the logistics internal to Ukraine, but especially all of the surge that the West has been able to bring forth, both lethal and the humanitarian goods flowing in, Joyce said.

Joyces warning on ransomware attacks on supply chains comes six months after the first publicly known instance of such an attack. In October, the Russian military intelligence hacking unit known as Sandworm targeted transportation and logistics companies within Ukraine and Poland with ransomware in October, according to Microsoft researchers.

That attack relied on a previously unidentified ransomware variant dubbed Prestige, and some observers perceived the decision to deploy ransomware against supply chains in Poland, a NATO member, as an escalation in Russias willingness to use its cyber capabilities to prosecute the war beyond Ukrainian borders.

More here:
NSA sees 'significant' Russian intel gathering on European, U.S. supply chain entities - CyberScoop

SAN FRANCISCO Artificial intelligence, particularly generative forms such as ChatGPT, was on the lips and minds of many cybersecurity professionals at the RSA Conference, including Rob Joyce, director of cybersecurity at the National Security Agency.

You cant walk around RSA without talking about AI [and] machine learning, Joyce said during a keynote about the state of cyberthreats, emerging risks and predictions for the year ahead.

Generative AI is a technological explosion, Joyce said. I wont say its delivered yet, but this truly is some game-changing technology thats emerging.

Cybersecurity professionals have concerns about AI and large language models fueling more dangerous and sophisticated attacks. That hasnt happened yet, but it could within a year, according to Joyce.

The NSA is tracking advancements for defenders and adversaries, and focusing on three areas as ChatGPT and other generative AI tools gain momentum. Here is what theyre watching.

How adversaries ultimately leverage generative AI and what they do with it remains a top, but not overwhelming concern.

I dont expect some magical technical capability that is AI generated that will exploit all the things, Joyce said.

Adversaries linked to nation states and criminal organizations are just starting to experiment with ChatGPT in their workflows, according to Joyce. Generative AI will eventually reduce the cycle and dwell time for attackers and its already enabling more effective phishing attacks.

AI will help threat actors rewrite code, changing the signature and attributes, to give it a unique look and feel that will impose challenges on defenders in the near term, Joyce said.

Buckle up, Joyce said. A year from now I think well have a bunch of examples of where its been weaponized, where its been used and where its succeeded.

On the fringes of generative AI advancement, Joyce and his colleagues at the NSA are cautiously tracking how adversaries might sow distrust or poison the well-intentioned operation of AI, rendering its benefits ineffective.

As people understand models are out there, theres going to be folks who look to manipulate them, Joyce said. How do we get trust and assurance in some of the things that were going to start counting on in generative AI and other models?

The NSA is also studying how defenders can use AI or machine learning to regain advantages.

Its showing real promise in being able to do rote things at scale scanning across massive amounts of logs, being able to pull patterns out to be able to correlate known CVEs and other things into your data streams, Joyce said.

Generative AI is especially impressive when used to add machine-like focus to troves of data and help defenders prioritize activities.

Thats the accelerant for defense, Joyce said. Its a huge amplification capability to make our defenders better, and I think youll see some of that emerge as well.

Follow this link:
3 areas of generative AI the NSA is watching in cybersecurity - Cybersecurity Dive