Why the Biggest Breaches Still Come Down to the Basics | Nicole Perlroth at Black Hat
At Black Hat last year, Garrett Hamilton asked Nicole Perlroth what she wanted the next five years of security to look like.
She didn't give the optimistic answer. She said she was genuinely terrified. Zero-day exploitation at scale, fully automated. Attackers turning AI into infrastructure of their own.
A year isn't five. But it's enough to check the tape.
Within weeks of that conversation, a state-sponsored group hijacked an AI coding tool to run most of a cyber-espionage operation with limited human direction. It found and exploited weaknesses faster than any human team could. The five-year fear was already operational.
The more instructive thing she said was that most breaches still come down to fundamentals, not novel technique. That has held too.
When Microsoft disclosed the Storm-2949 campaign last month, there was no malware involved at all. The attackers took a single compromised identity and moved through tokens and permissions the environment already trusted. A cloud-wide breach built entirely on access that was broader than it should have been.
AI has not opened a new door into the enterprise. It has collapsed the time between the moment a control drifts from its intended state and the moment that drift becomes a breach.
The optimism Nicole allowed herself rested on the same point: getting the fundamentals right, continuously, is still what decides this. The work is less about adding tools than about verifying that the controls already in place are doing what they were bought to do.
What are security leaders like yourself saying about drift?
Read here → https://bit.ly/43lvJBY