The Future of Cybersecurity: AI, Automation, and the Human Factor

New Post has been published on https://thedigitalinsider.com/the-future-of-cybersecurity-ai-automation-and-the-human-factor/

The Future of Cybersecurity: AI, Automation, and the Human Factor

In the past decade, along with the explosive growth of information technology, the dark reality of cybersecurity threats has also evolved dramatically. Cyberattacks, once driven primarily by mischievous hackers seeking notoriety or financial gain, have become far more sophisticated and targeted. From state-sponsored espionage to corporate and identity theft, the motives behind cybercrime are increasingly sinister and dangerous. Even as monetary gain remains an important reason for cybercrime, it has been overshadowed by more nefarious aims of stealing critical data and assets. Cyberattackers extensively leverage cutting-edge technologies, including artificial intelligence, to infiltrate systems and carry out malicious activities. In the US, the Federal Bureau of Investigation (FBI) reported more than 800,000 cybercrime-related complaints filed in 2022, with total losses exceeding $10 billion, shattering 2021’s total of $6.9 billion, according to the bureau’s Internet Crime Complaint Center.

With the threat landscape evolving rapidly, it’s time for organizations to adopt a multi-pronged approach to cybersecurity. The approach should be to address how attackers gain entry; prevent initial compromise; swiftly detect incursions; and enable rapid response and remediation. Protecting digital assets requires harnessing the power of AI and automation while ensuring skilled human analysts remain integral to the security posture.

Protecting an organization requires a multi-layered strategy that accounts for the diverse entry points and attack vectors employed by adversaries. Broadly, these are under four main categories: 1) Web and network attacks; 2) User behavior and identity-based attacks; 3) Entity attacks targeting cloud and hybrid environments; and 4) Malware, including ransomware, advanced persistent threats, and other malicious code.

Leveraging AI and Automation

Deploying AI and machine learning (ML) models tailored to each of these attack classes is critical for proactive threat detection and prevention. For web and network attacks, models must identify threats such as phishing, browser exploitation, and Distributed Denial-of-Service (DDoS) attacks in real time. User and entity behavior analytics leveraging AI can spot anomalous activities indicative of account compromise or misuse of system resources and data. Finally, AI-driven malware analysis can rapidly triage new strains, pinpoint malicious behavior, and mitigate the impact of file-based threats. By implementing AI and ML models across this spectrum of attack surfaces, organizations can significantly enhance their capability to autonomously identify attacks at the earliest stages before they escalate into full-blown incidents.

Once AI/ML models have identified potential threat activity across various attack vectors, organizations face another key challenge—making sense of the frequent alerts and separating critical incidents from the noise. With so many data points and detections generated, applying another layer of AI/ML to correlate and prioritize the most serious alerts that warrant further investigation and response becomes crucial. Alert fatigue is an increasingly critical issue that needs to be solved.

AI can play a pivotal role in this alert triage process by ingesting and analyzing high volumes of security telemetry, fusing insights from multiple detection sources including threat intelligence, and surfacing only the highest fidelity incidents for response. This reduces the burden on human analysts, who would otherwise be inundated with widespread false positives and low-fidelity alerts lacking adequate context to determine the severity and next steps.

Although threat actors have been actively deploying AI to power attacks like DDoS, targeted phishing, and ransomware, the defensive side has lagged in AI adoption. However, this is rapidly changing as security vendors race to develop advanced AI/ML models capable of detecting and blocking these AI-powered threats.

The future for defensive AI lies in deploying specialized small language models tailored to specific attack types and use cases rather than relying on large, generative AI models alone. Large language models, in contrast, show more promise for cybersecurity operations such as automating help desk functions, retrieving standard operating procedures, and assisting human analysts. The heavy lifting of precise threat detection and prevention will be best handled by the highly specialized small AI/ML models.

The Role of Human Expertise

It is crucial to utilize AI/ML alongside process automation to enable rapid remediation and containment of verified threats. At this stage, provisioned with high-confidence incidents, AI systems can kick off automated playbook responses tailored to each specific attack type—blocking malicious IPs [internet protocol], isolating compromised hosts, enforcing adaptive policies, and more. However, human expertise remains integral, validating the AI outputs, applying critical thinking, and overseeing the autonomous response actions to ensure protection without business disruption.

Nuanced understanding is what humans bring to the table. Also, analyzing new and complex malware threats requires creativity and problem-solving skills that may be beyond machines’ reach.

Human expertise is essential in several key areas:

Validation and Contextualization: AI systems, despite their sophistication, can sometimes generate false positives or misinterpret data. Human analysts are needed to validate AI outputs and provide the necessary context that AI might overlook. This ensures that responses are appropriate and proportionate to the actual threat.

Complex Threat Investigation: Some threats are too complex for AI to handle alone. Human experts can delve deeper into these incidents, utilizing their experience and intuition to uncover hidden aspects of the threat that AI might miss. This human insight is critical for understanding the full scope of sophisticated attacks and devising effective countermeasures.

Strategic Decision Making: While AI can handle routine tasks and data processing, strategic decisions about overall security posture and long-term defense strategies require human judgment. Experts can interpret AI-generated insights to make informed decisions about resource allocation, policy changes, and strategic initiatives.

Continuous Improvement: Human analysts contribute to the continuous improvement of AI systems by providing feedback and training data. Their insights help refine AI algorithms, making them more accurate and effective over time. This symbiotic relationship between human expertise and AI ensures that both evolve together to address emerging threats.

Optimized Human-Machine Teaming

Underlying this transition is the need for AI systems that can learn from historical data (supervised learning) and continuously adapt to detect novel attacks through unsupervised/reinforcement learning approaches. Combining these methods will be key to staying ahead of attackers’  evolving AI capabilities.

Overall, AI will be crucial for defenders to scale their detection and response capabilities. Human expertise must remain tightly integrated to investigate complex threats, audit AI system outputs, and guide strategic defensive strategies. An optimized human-machine teaming model is ideal for the future.

As massive volumes of security data accumulate over time, organizations can apply AI analytics to this trove of telemetry to derive insights for proactive threat hunting and the hardening of defenses. Continuously learning from previous incidents allows predictive modeling of new attack patterns. As AI capabilities advance, the role of small and specialized language models tailored to specific security use cases will grow. These models can help further reduce ‘alert fatigue’ by precisely triaging the most essential alerts for human analysis. Autonomous response, powered by AI, can also expand to handle more Tier 1 security tasks.

However, human judgment and critical thinking will remain indispensable, especially for high-severity incidents. Undoubtedly, the future is one of optimized human-machine teaming, where AI handles voluminous data processing and routine tasks, enabling human experts to focus on investigating complex threats and high-level security strategy.

maybe a little bit generic of me, but i adore the dream land four!

magolor and bandee are tied for tippy top favourite, but this whole group just mean everything to me and i am extremely normal about them. after these guys it's probably a very close galacta knight and marx!

king dedede was actually my first ever played exposure to the franchise (through smash multiplayer at a party where i picked him due to Bird) and marx was my first 'character i recognised + played + was obsessed with outside the mains' in star allies so i still consider him my original Little Freak (affectionate)

ask answer for @trainerbob23!

New era is here: I get way grumpier

Persona 3 Girls Week 2024 will be starting next week Monday! Are you excited? 💗✨

As promised, here is the Google Form for off-site users (e.g. Twitter, Instagram, etc.) to submit links to their entries to the masterlist! For more details on how the off-site masterlist will be formatted, check out the form!

https://forms.gle/XW67pF1wgXSKL9wp6

2024 Prompt List ♡ Rules and Guidelines ♡ AO3 Collection ♡ Askbox

@TotallyNotChatNoir: i'm not a magical girl!!!! D:(

@Ladybug: Magical Girl™ is a gender neutral term, chat.

@Ladybug: your a Magical Girl.

@Ladybug: I'M a Magical Girl.

@Ladybug: even *Hawkmoth* on a TECHNICAL Level IS Magical Girl.

@Ladybloger: pfft hawkmoth is a magical girl! It's canon now, @djnino pass it on

@djnino: alya why tf are u awake at 4am we hvae a science test n medeliv's class tmorror

*#Hawkmothisamagicalgirl is now #1 on trending*

alicent haters are wild they'll be like "she's such an ungrateful vindictive hypocritical bitch. why isn't she nicer why didn't she have a spine and stand up for herself when her dad groomed her into being a child bride" like child brides are victims with no autonomy, which often affects how they develop (as they are busy being brides who are children in those crucial developmental years, where they learn things like how to cope with (the) stress (of being a child bride) and feelings of jealousy (over other people not having to suffer through being a child bride) and self hatred (over your body being used without your consent as a child bride)). she isn't capable of being your perfect madonna figure because of the being sold as a child by her father to her best friend's father. as his bride. hope this clears things up!

Fic titled “Red Riding Hood” and it’s just gratuitous smut of Tim riding Jason. Maybe “Red Riding Hood” is the name of an NSFW social media account where they post photos/videos of exactly that and nobody is quite sure whether they are the real Red Robin and Red Hood or just some lookalike cosplayers. They get it on in a variety of adventurous ways and public locations (someone swears they saw them on the rooftop opposite their apartment and the analysis of the skyline in Red Riding Hood’s next sexcapade confirms it) but one thing stays constant: Red Robin rides Red Hood.

imagine being Loki and you're on thin ice playing pretend to fit in on a tyrannical mystery garbage planet until you find a safe way to get rid of the murder-happy ruler who you're very clearly keeping up the bit of having no suspicious connections to the shiny new gladiator that was rounded in and then Thor gets angry about it and immediately gives the lie away by saying you two are brothers.

to me, the question of whether hera would want a body is first and foremost a question of autonomy and ability. she has an internal self-image, i think it's meaningful that the most pivotal moments in her character arc take place in spaces where she can be perceived the way she perceives herself and interact with others in a (relatively) equal and physical capacity, and that's worth considering. but i don't think it's about how she looks, or even who she is - and i think she's the same person either way; she's equally human without a body, and having a body wouldn't make her lived experience as an AI magically disappear - so much as it's about how she would want to live.

like most things with hera, i'm looking at this through a dual lens of disability and transness, both perspectives from which the body - and particularly disconnect from the body - is a concern. the body as the mechanism by which she's able to interact with the world; understanding her physical isolation as a product of her disability, the body as a disability aid. the body as it relates to disability, in constant negotiation. the body as an expression of medical transition, of self-determination, of choice. as a statement of how she wants to be seen, how she wants to navigate the world, and at the same time reckoning with the inevitable gap between an idealized self-image and a lived reality, especially after a long time spent believing that self-image could never be visible to anyone else.

it's critical to me that it should never imply hera's disability is 'fixed' by having a body, only that it enables her to interact with the world in ways she otherwise couldn't. her fears about returning to earth are about safety and ability; the form she exists in dictates the life she's allowed to lead and has allowed people to invade her privacy and make choices for her. dysphoria and disability both contribute to disembodiment - in an increasingly digitized world, the type of alienation that feels like your life can only exist in a virtual space... maybe there's something about the concept of AI embodiment, in particular as it relates to hera, that appeals to me because of what it challenges about what makes a 'real woman.' when it's about perception, about how others see her and how she might observe / be impacted by how she's treated differently, even subconsciously. it's about feeling more present in her life and interfacing with the world. but it's not in itself a becoming; it doesn't change how she's been shaped by her history or who she is as a person.

i think it comes back to the 'big picture' as a central antagonistic force in wolf 359, and how - in that context, in this story - it adds a weight to this hypothetical choice. hera is everywhere, and she's never really anywhere. she's got access to more knowledge than most people could imagine, but it's all theoretical or highly situational; she doesn't have the same life experiences as her peers. she has the capacity to understand that 'big picture' better than most people, but whatever greater portion of the universe she understands is nothing next to infinity and meaningless without connection and context. it's interesting to me that hera is one of the most self-focused and introspective people on the show. her loyalties and decisions are absolute, personal, emotionally driven. she's lonely; she always feels physically away from the others. she misremembers herself sitting at the table with the rest of the crew. she imagines what the ocean is like. there's nothing to say that hera having a body is the only solution for that, but i like what it represents, and i honestly believe it'd make her happier than the alternatives. if there's something to a symbolically narrowed focus that allows for a more solid sense of self... that maybe the way to make something of such a big, big universe is to find a tiny portion of it that's yours and hold onto it tight.

.

7 tips for preventing pernicious password-based breaches - CyberTalk

New Post has been published on https://thedigitalinsider.com/7-tips-for-preventing-pernicious-password-based-breaches-cybertalk/

7 tips for preventing pernicious password-based breaches - CyberTalk

EXECUTIVE SUMMARY:

Remember the infamous 2021 SolarWinds supply chain attack? Cyber criminals were able to coordinate the attack because an intern rendered the password ‘solarwinds123’ publicly accessible via a GitHub repository, in 2018. While this led to an extreme business compromise situation, SolarWinds is not the only organization that’s ever struggled with password management…

World Password Day is celebrated on the first Thursday in May and serves as an annual reminder to reevaluate and upgrade organizational password security.

In fact, research shows that eighty-one percent of corporate data breaches occur due to poor password management — an avoidable problem that can cost an organization as much or more than $4.35 million, which is the average cost of a data breach.

Despite the seeming triviality of passwords, as evidenced by the SolarWinds episode, it can prove exceedingly difficult for organizations to recover – financially and reputationally – from password-based breaches. In this article, brush up on best practices for preventing serious incidents that start with a password.

7 tips for preventing password-based breaches

1. Leverage strong password requirements. Although no password is ever entirely hack-proof, longer passwords are challenging for cyber criminals to guess, decipher or otherwise exploit.

Require a minimum number of password characters, a mix of upper and lower case letters, numbers and special characters. In addition, due to the nature of cyber criminal tactics, consider disallowing the use of dictionary words, common phrases and personal information within passwords.

2. Enable multi-factor authentication (MFA). In the event that a password or multiple passwords are compromised, multi-factor authentication (MFA) provides an extra layer of security. MFA should be applied for all user accounts and critical systems.

One factor in the MFA model is typically a standard password – something that the employee knows. While another factor, like a code received via text, is generally something that the employee has. Biometrics can theoretically represent yet another factor, however, experts advise against widely applying biometric authentication mechanisms for security purposes.

3.“Hashing” and “salting” passwords. These protocols are recommended by the National Institute of Standards and Technology (NIST). In case the terms are unfamiliar, NIST defines a hash as “a function that maps a bit string of arbitrary length to a fixed-length bit string”. In other words, the practice of hashing effectively scrambles the password characters in a way that ensures that a database never exposes a list of plain text passwords to cyber criminals. Salting involves adding supplementary data to passwords ahead of hashing, rendering stored passwords particularly challenging to exploit.

4. Educate and empower employees. Ensure that your organization’s employees are aware of common phishing tactics used to gain passwords. Emphasize that hackers commonly pose as trustworthy parties and/or may send users malicious webpages through which to input credentials. When it comes to employee education, review a variety of plausible scenarios through which cyber criminals may attempt to pinch passwords. Empower employees to protect their credentials.

5. Leverage a lockout mechanisms. NIST suggests locking a user out of password protected accounts in the event that an incorrect password has been input multiple consecutive times. NIST says that no more than 100 login attempts should be permitted. Many organizations opt to lock accounts after three to five incorrect login attempts.

6. Apply the principle of least privilege. Provide employees with the privileges that they require in order to effectively complete job requirements. Avoid providing employees with superfluous permissions. This way, in the event of account compromise, the damage will likely be limited.

7. Respond to suspicious activity. Set up alerts that can provide your team with information about suspicious activities, such as a substantive series of failed login attempts from unfamiliar locations. Ensure that your team investigates and responds to these alerts, as this will help prevent potential breaches.

For more password security insights, please see CyberTalk.org’s past coverage. To receive inspiring cyber security insights, groundbreaking research and emerging threat analyses each week, subscribe to the CyberTalk.org newsletter.

thanks to a very helpful suggestion from a kind commenter, all of my ao3 works are now in one series! so if you'd like to bookmark/subscribe to be able to keep up with what i post on ao3 instead of having to check to see my masterlist update, here you go! i hope this helps for the people who've been looking for easy access of my stuff in one place!

trying to figure out where we're all moving in case tumblr does get nuked in between being like yeah this is the end of my social media era you can reach me by carrier pigeon from now on

Artfight stuff I did this week!

@becachu's Splat

And one more. I got the permission to post it but they don't have a Tumblr so I don't feel like it's fair to post it here. I dunno.

Love how for feminism to be a mainstream thing it has to be a movement that also benefits men, almost as if the mainstream is patriarchal, following that, this so parroted male benefit is antithetical to the work of feminism itself