When ChatGPT debuted in November 2022, it ushered in new points of view and sentiments around AI adoption. Workers from nearly every industry started to reimagine how they could accomplish daily tasks and execute their work — and the cybersecurity industry was no exception. Like shadow IT, new rogue AI tools — meaning AI tools that employees are adopting unbeknownst to the organization they work for — can pose security risks to your organization.

The efficiency, security, and scalability of cloud operations are driving financial institutions’ adoption of the technology faster than ever before. The ability to meet customers where they want to transact, personalize solutions, and leverage new data and analytics solutions (including AI) on-demand is driving this growth. In fact, according to Accenture, the banking industry's workloads in the cloud more than doubled from 2021 to 2022.

In the second part of our breaking down the Elastic Global Threat Report series, we’re focusing on the credential access tactic, which was the third-most common category of behavior we observed. Roughly 10% of all techniques we saw involved one form of credential theft or another and dissecting this class of behaviors is helpful both to improve our understanding of threats and to better understand enterprise risks.

According to reporting by several cybersecurity publications the 3CX Desktop Application has been exploited in a supply chain attack. The 3CX client is a popular VOIP and messaging application used by over 600,000 companies. From the article on Bleeping computer This supply chain attack, dubbed ‘SmoothOperator’ by SentinelOne, starts when the MSI installer is downloaded from 3CX’s website or an update is pushed to an already installed desktop application.

Elastic Security 8.7 helps security practitioners eliminate alert fatigue, reduce MTTR, and better secure cloud environments through integrated SIEM, cloud security, and endpoint security. This release includes the following new features that bring efficacy and efficiency to the modern security operations center (SOC): Security operations centers use SIEM, EDR, and cloud security solutions to detect malicious activity by analyzing their security-related events and information. . .

In cybersecurity as in sports, teamwork makes the dream work. In a world where security analysts can feel constantly bombarded by threat actors, banding together to share information and strategies is increasingly important. Over the last few years, security operations center (SOC) analysts started sharing open source Sigma rules to create and share detections that help them level the playing field.

Cloud environments, in all their dynamic complexity, demand careful monitoring by DevOps and security teams. But the sheer abundance of telemetry data associated with the thousands of resources, users, and roles that comprise these environments can make monitoring a formidable task, causing security risks and other issues to be all too easily overlooked.

Data’s role in business processes continues to evolve. Today, organizations collect, store, process, and transmit more personal data than ever before, and legislative bodies respond by updating privacy laws. In 2016, Turkey passed the first iteration of its Personal Data Protection Law number 6698 (PDPL), which also established the Kişisel Verileri Koruma Kurumu (KVKK), the country’s data protection authority.

Due to economic pressures, staffing reductions, and lack of available talent, CISOs today are facing extreme pressure to do more with less. And retaining your best employees during tough times is becoming a major challenge across industries. Research at Devo shows SOC analysts are feeling stressed over too much work and not enough resources. In fact, more than 71% of SOC professionals we surveyed said they’re likely to quit their job because of information overload and lack of tools.