In today’s episode of Smarter Everything I will be once again talking with Jason Keirstead, VP of Security Strategy for Simbian and former Distinguished Engineer from IBM Security.

Last time Jason and I spoke a bit about the three legged stool of security technology, especially in the context of AI. We also discussed why securing generative AI is such a problem and reviewed a few real world examples. Today we will continue our discussion and look into how threat actors are using AI and how AI can be used to improve cybersecurity.

As cyber criminals, crime syndicates, and threat actors pummel the internet with malware, phishing attacks, and various malicious campaigns, the need for organizations to understand these attacks and learn how to detect and prevent them has grown exponentially over the past 10 years. No longer can organizations wait for and trust some random blog post about an attack to learn what they should do or not do. They need accurate, verifiable, and actionable intelligence that is created and delivered in cyber relevant time.

In today’s episode of Smarter Everything I will be talking with Jon Baker, the co-founder of MITRE Engenuity and its Center for Threat-Informed Defense.

The Center is a research and development organization where Jon partners with sophisticated cybersecurity teams to systematically create practical resources that help all organizations improve their defenses. Jon has extensive experience leading research teams and collaborating with industry to advance cybersecurity capabilities globally.

He has done amazing work leading several key programs, departments, and initiatives at MITRE, for example he led MITRE’s Cyber Threat Intelligence and Adversary Emulation Department and oversaw the work on CALDERA and MITRE ATT&CK®. He also led MITRE’s team in the early development of the OASIS STIX and TAXII standards while supporting the Department of Homeland Security. In addition he led MITRE’s security automation team through the development of SCAP, he managed the CVE team, and was a co-creator of OVAL, a standard language for describing and checking for the presence of misconfigurations, vulnerabilities, and other endpoint artifacts.

As anyone who was able to recently attend BlackHat can attest, right now it seems like it is impossible to talk about cybersecurity without hearing someone bring up AI - but it also seems like everyone means something different when they talk about AI and Security. Not only is it hard to unpack hype from reality, it is seemingly hard to even agree on what reality we are talking about.

In today’s episode of Smarter Everything™ I will be talking with Jason Keirstead, VP of Security Strategy for Simbian. Jason is a former Distinguished Engineer from IBM Security and an expert in threat management, as well as a passionate believer in open security, working in many different open-source and open-standards bodies over the years including OASIS Open, the Open Source Security Foundation, the MITRE Center for Threat Informed Defense, FIRST.org, and more.

Jason is now at Simbian, working to accelerate cybersecurity using Generative AI. We are going to spend some time today trying to deconstruct generative AI and cybersecurity, determine what you should be concerned about, and identify some actions that any organization should be taking right now in order to keep up with the rapid changes in this space.

Today on Smarter Everything™ I will once again be talking with Dr Saurabh Shintre, an expert in advanced AI solutions. In our last few episodes we and I talked a lot about AI, where it is going, and the risks around it. Today we will be focused on the international stage and what is going on with laws and regulations.

Today I will once again be talking with Dr Saurabh Shintre, a leader in advanced AI solutions. In our last two episodes Saurabh and I have been talking about where AI is going and how far it has come and the impacts for the enterprise. Today we will be talking about the various risks, problems, and hacks against AI systems and the overall risk for data privacy and intellectual property theft.

In the world of cyber security, teams of specialized and highly trained individuals work together in what is called a Security Operations Center or SOC. These teams are often on the frontlines of a never ending battle with threat actors and intrusion sets that are trying to pillage, exfiltrate, and destroy computer networks, systems, and data around the world. But this cat and mouse game or mack-a-mole game is hard to win or even gain some sort of an advantage.

It seems like everyday we hear of another company or organization that has fallen victim to the onslaught. It seems like no one is safe.

In today’s episode of Smarter Everything I will be talking with Vaughan Shanks, the founder and CEO of Cydarm. A company that is trying to help the Security Operations Center be more efficient and solve everyday problems in cyber relevant time.

Over the past several years, cyber threat intelligence or CTI along with threat hunting has become a mainstay in most organizations. However, for a long time CTI has been nothing more than just the sharing of indicators of compromise or IOCs. Basically the IP addresses and file names or hashes for known attacks.

Then with the creation of STIX and TAXII, MITRE ATT&CK, and the pyramid of pain the industry has begun to talk about higher order concepts like the techniques, tactics, and procedures or TTPs of a threat actor. These TTPs help defenders understand more about how a threat actor or intrusion set is actually doing what they are doing. The idea being that simple indicators like IP addresses and file hashes are simple to change, but TTPs are really difficult to change.

But now there is a new effort from the US Cybersecurity and Infrastructure Security Agency or CISA and Johns Hopkins University’s Applied Physics Laboratory to start using Indicators of Behavior.

Today on Smarter Everything™ I will be talking with Charlie Frick, a Chief Scientist from Johns Hopkins University’s Applied Physics Laboratory. Charlie has led many key initiatives and research efforts around cybersecurity, threat intelligence sharing, and cybersecurity automation for over 2 decades. He is also leading the effort around Indicators of Behavior for US Critical Infrastructure.

Today I will once again be talking with Dr Saurabh Shintre, a leader in advanced AI solutions. In our last episode we talked about the changes to AI over the past 12 months and where AI is going. Saurabh also broke down what an AI model is and how it actually works. Today we will continue our discussion and focus a bit more on the privacy issues and security considerations, especially for the enterprise.