A lot has happened since the 2008 financial crisis and credit crunch, including a significant increase in cloud app adoption in financial services and a rise in cyber attacks targeting those apps. To keep the financial sector safe and secure, the EU introduced new rules. Initially, these regulations focused on ensuring banks had enough capital to handle financial problems. However, as cyberattacks became a bigger threat, the EU recognised the need for additional measures.

In the ever-evolving landscape of AI, maintaining compliance standards and ensuring secure usage of generative AI applications remains an important priority for enterprises. Across the globe, regulatory frameworks like the European Union’s AI Act have been established to ensure that AI systems are developed and deployed in a manner that prioritizes safety, transparency, ethics, and fundamental rights.

This blog is part of the ongoing “I&O Perspectives” series, which features insights from industry experts about the impact of current threats, networking, and other cybersecurity trends.

As businesses increasingly rely on digital infrastructures, the threats that aim to exploit these technologies also evolve. It’s no longer just about safeguarding against unauthorized access; it’s about understanding and mitigating the complex risks introduced by AI and machine learning—topics I’ve often discussed, emphasizing the need for an advanced cybersecurity strategy that evolves as quickly as the technologies it aims to protect.

A recently discovered advanced persistent threat (APT) provides a particularly meaningful example of how multiple cloud services can be combined inside the same attack chain to add layers of sophistication and evasion. CloudSorcerer is the name that researchers at Kaspersky have coined to describe an advanced threat actor targeting Russian government entities.

In the age of generative AI, data security is a key concern for organizations to manage. In my previous blog post, I dug into how modern SSE technology helps to better secure genAI. The recently published ebook Securing GenAI for Dummies offers further clarity on strategies organizations can use when it comes to securing and enabling genAI apps. With that in mind, we’ve compiled 10 essential questions to keep in mind as you assess your data security, along with how Netskope can help address them.

The number 42 has gained legendary status in popular culture, largely due to Douglas Adams’ science fiction series, The Hitchhiker’s Guide to the Galaxy. In this series, a group of hyper-intelligent beings build a supercomputer named Deep Thought to calculate the “Answer to the Ultimate Question of Life, the Universe, and Everything”. After much contemplation, Deep Thought reveals the answer to be simply “42”.

Since its mainstream emergence in 2022, generative AI has triggered a seismic shift in data management and security. It is estimated that one in four employees now uses genAI apps daily, often unbeknownst to their employer and IT team. This raises concerns, as genAI is designed with a voracious appetite for consuming both mundane and sensitive data. Effectively securing your data as genAI becomes prevalent is a strategic imperative.

CISOs today intersect with all facets of the business, whether that be liaising with network teams to manage performance, or balancing the costs of IT operations to avoid isolation from core business functions. Successful CISOs navigate these intersections by adopting proactive strategies in order to transition from a back-office role and become recognised as valued strategic partners within their organisations.

Businesses manage a series of balancing acts every day—between innovation and reliability, for instance, investment or profit, speed or security. Each leader contributes to how decisions are weighed and made, and traditionally CISOs have been expected to operate at one end of that scale, as the chief protector of the business.