In this episode of the SecurityANGLE, our cybersecurity-focused series, I’m joined by Matt Radolec, VP of Incident Response, Cloud Operations, & SE EU at Varonis, for a conversation about navigating the security risks posed by generative AI and thoughts on how organizations can adopt AI but also manage to mitigate risk at the same time.


Varonis hosted one of its Data First Forum events a few weeks ago, which featured over 1,100 registrants and CISOs sharing lessons and insights on all things generative AI.



It was interesting to see that while 67% of organizations reported increasing their investments in generative AI, only about one-fifth of organizations shared they feel their organizations are prepared for the risk that comes along with gen AI, which tracks with our research on this topic as well.



And that is precisely why Matt and I wanted to discuss navigating security risks posed by generative AI in this episode, since it's obviously a very hot topic.



In this discussion, we explored:



- Some of the key risks CISOs are worried about associated with deploying gen AI tools.

- The challenges and concerns especially from a security standpoint, that the Varonis team is hearing from CISOs as it relates to generative AI.

- How business leaders are determining business use cases that provide the greatest potential for organizations and the role of IT teams in that process.

- What a solid game plan looks like for deploying and maintaining copilots safely.

- Thoughts on practices for securing gen AI tools like copilot

We closed the show with some tips and tricks that Radolec recommends for safely deploying gen AI to your enterprise security tech stack.



Hope you’ll join us for what was a fantastic discussion.

This episode of the SecurityANGLE features host Shelly Kramer, managing director and principal analyst at theCUBE Research, and Jo Peterson, analyst, engineer, and member of theCUBE Collective community of independent analysts and Teradata CISO Billy Spears for a conversation exploring data warehouse security strategies.

Today, the average size of a modern data warehouse is over 100 terabytes. For comparison purposes, Walmart achieved the first 1 terabyte data warehouse in 1991.

Data warehouses store data from a variety of sources, including customer information, product information, employee-related personnel information, sales records, and invoices. They are designed to support decision-making through data collection, consolidation, analytics, and research.

We’ve seen the data warehouse evolve into variations: data lakehouse, data cube, data silo, and even a data swamp. And what all of these repositories have in common besides data is the need for security, which is exactly why we're excited to have Billy Spears as our guest today.

Billy is on the CNBC Tech Executive Council, he's a venture advisor for Avenir, a product advisory board member for Palo Alto Networks, a cybersecurity board advisor for Cyvatar — and all this advisory work is work he does in addition to his role as CISO at Teradata.

Our conversation today covered:

- Security concerns that arise when building a data warehouse

- Best practices for data warehouse security

- The impact of concepts like applying the principle of least privilege and Zero Trust Network Access

- How utilizing AI can help as it relates to security and access control in a data warehouse environment.

- Balancing the risk while also utilizing cost-effective ways to protect different categories of data in accordance with the varying degrees of protection required by each.

Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by fellow analyst and frequent co-host Jo Peterson on the SecurityANGLE podcast for a conversation about deception technology, a strategy designed to attract cybercriminals away from an enterprise’s true assess and divert them to a decoy or trap, is gaining traction today.

The deception tech decoy mimics legitimate servers, applications, and data so that the criminal is tricked into believing that they have infiltrated and gained access to the enterprise's most important assets when, in reality, they have not. The strategy is employed to minimize damage and protect an organization's true assets. By populating the network with decoys, the onus is on adversaries to carry out an attack nearly perfectly flawlessly, without falling for any of the decoys and traps laid for them. Once a security team is alerted to their presence, they can analyze the behavior of the cyber attackers and use that intelligence to thwart their efforts.

We explored some of the vendors providing deception tech solutions, which include: Acalvio, Fortinet, Zscaler, Smokescreen, SentinelOne, Rapid7, Morphisec, and Cynet Systems.

There are myriad benefits to incorporating deception technology solutions into your security tech stack, so hang around for the conversation and learn more.