The 2024 RSA Conference has officially wrapped, and this year’s event served as the perfect backdrop for us to make our re-introduction to the industry.

This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts.

Just when you think bad actors cannot sink any lower, they find a way to. In a recent chilling evolution of ransomware tactics, attackers are now also targeting the families of corporate executives to force compliance and payment. Mandiant's Chief Technology Officer, Charles Carmakal, highlighted this disturbing trend at RSA last week: criminals engaging in SIM swapping attacks against executives' children.

Everywhere we look, organizations are harnessing the power of large language models (LLMs) to develop cutting-edge AI applications like chatbots, virtual assistants, and more. Yet even amidst the fast pace of innovation, it’s crucial for security teams and developers to take a moment to ensure that proper safeguards are in place to protect company and customer data.

Cybercriminals are notoriously tricky to pin down. They are experts in obfuscation and misdirection, masters of avoiding consequences. Not since the early days of the Wild West have criminals managed to evade capture and maintain anonymity as effectively as modern cybercriminals do. Part of the reason for these staggeringly low conviction rates is that we usually have little idea of what country an attacker is in.

As AI adoptions become increasingly integral to all aspects of society worldwide, there is a heightened global race to establish artificial intelligence governance frameworks that ensure their safe, private, and ethical use. Nations and regions are actively developing policies and guidelines to manage AI’s expansive influence and mitigate associated risks. This global effort reflects a recognition of the profound impact that AI has on everything from consumer rights to national security.

Threat actors have responded to better protections in the operating system and improved endpoint detection and response (EDR) capabilities by moving down the stack to find entry points with full visibility and privileges into the stack above.

System hardening is the process of configuring a system to a more secure state. Many technology solutions are not securely configured by default, so system administrators must harden systems while retaining their desired functionality. Thankfully, system administrators do not have to figure out system hardening on their own. Instead, they can reference security benchmarks which describe recommended secure configurations for a system.