Category: CISO

Meet Wendy Holmquist: Cloud Expert of the Month – December 2019

Cloud Girls is honored to have amazingly accomplished, professional women in tech as our members. We take every opportunity to showcase their expertise and accomplishments – promotions, speaking engagements, publications and more. Now, we are excited to shine a spotlight on one of our members each month.

December Cloud Expert of the Month is Wendy Holmquist
Wendy Holmquist has 20+ years of professional experience working in emerging technologies and go-to market sales strategies. Her experience includes time at Adobe, Oracle, Centurylink, and Verizon working with a wide range of customers and strategic alliance partners in both public sector and enterprise. She is able to provide clients with invaluable market knowledge, comprehensive strategies, and effective solutions to transform business initiatives, markets and organizations. She has a broad base of technology expertise in IaaS, PaaS, SaaS, DRaaS, software, AI, data center, security, network, and digital media.

Wendy has just returned from a 10-month sabbatical and is currently working at Splunk managing global systems integrator alliances for State, Local, and Higher Education (SLED) nationally. She is passionate about driving initiatives, personally and professionally, that have meaningful impact on communities and improving the lives of others. Wendy holds an MBA from the University of San Francisco and Bachelor’s of Science degree from California Polytechnic University in San Luis Obispo, California.

When did you join Cloud Girls and why?
I am one of the original Cloud Girls. I was invited to join what was an informal group of women coming together monthly via conference call to discuss cloud technologies in 2012, back when no one really knew what cloud meant. I joined the first Board of Directors and planned our first Cloud Girls off-site retreat in 2014. The first retreat was a game changer for all of us because it allowed us to physically come together as group and map out our mission and vision for the organization.

What do you value about being a Cloud Girl?
I value the friendships that I have made over the years and the unbiased approach to uplifting our unique community of women. I love and live by our mission to not only support each other, but other young women in their technology aspirations.

What is the biggest risk that you’ve taken?
When I started considering taking some time off from my career to recharge and focus on my family and uninterrupted personal development, it felt like it was too big of a risk to consider, professionally and financially. Ultimately, I allowed myself to take the risk. It’s remarkable how much you learn about yourself, your values, and how to be grateful when you take time to breathe and slow down the chaos of our daily lives. In my time off I learned to ensure that everything I do going forward, at home and as a woman in technology, will reflect authenticity and my core values. As I move step into a new role after a 10 month break, I realize that what felt like a big career risk at the time, is actually extremely beneficial to my career, as I can now move forward with more purpose in my job every day.

How do you define success?
Success to me is not only meeting expectations but exceeding them in areas that may not be tangible. When I am working with clients, I try to figure out what the impact of an initiative means to them personally, such as freedom, stress reduction, and/or happiness. A successful project or event is one that impacts people and their lives, and my view of success is always to build towards that ultimate goal.

What are the most exciting opportunities for women in tech?
This is such an extraordinary time for women in technology. As I started to talk to people about my next career move, I found that companies and hiring managers were purposefully looking to add women to their staff to not only add diversity to their teams but to promote women as a new generation of leaders inside technology companies…[…] Read more »…..

 

How Password Reuse Puts Your Enterprise at Risk

You might remember the 2016 LinkedIn data breach disaster when Russian hackers released 117 million breached passwords online.

Just in February 2019, TurboTax maker Intuit locked several users out of their accounts after discovering that an undisclosed number of accounts were hacked. The method used was a credential stuffing attack, which exploited users who had reused a password on multiple accounts.

Instances like these are very common. Data breaches happen every day – it might be happening this very instant.

Why is password reuse a risky business for enterprise owners?

Not trying to sound hyperbolic here, but your customers’ password methods could mean the difference between saving or losing your business to the dark web.

Passwords are the first (and in some cases, the only) defense mechanism that businesses adopt to protect them from attackers.

But herein lies the problem: As employees or enterprise owners, we have the habit of bringing our bad password practices to work. So, when a seemingly irrelevant password from a data breach is leaked online, attackers can use these to access all of your corporate networks.

This was what happened after the LinkedIn data breach case. Hackers got their hands on a password that an employee was using on LinkedIn to access the corporate network’s Dropbox. This led to the exposure of 60 million Dropbox credentials. One reused password was all it took to take down Dropbox.

The consequences of such a breach? Irreparable damage, financial jeopardy, and insurmountable destruction to a brand’s reputation (to name a few).

When it comes to using recycled passwords and how it threatens your enterprise, here are the most important takeaways:

  1. When your customer reuses an already compromised password: Hackers can easily crack open other accounts.
  2. When employees reuse the same password for business and personal accounts: Hackers can breach your entire business network.

Password security is crucial to businesses and it is high time we act on it. We need to change our mindset and find better ways to manage passwords. Here are a few ways to fix the most common password recycling mistakes.

7 remedies for the password reuse epidemic

1. Change default passwords

Sure, default passwords are easy to remember, but they’re a hacker’s go-to for access into accounts. Replace passwords with passphrases, instead! These are usually more difficult to guess, yet easy to remember. To be extra careful, don’t use publicly common phrases, such as popular memes or movie quotes. Use something that only you will know.

2. Do not store passwords in plain text

If you have been storing your business passwords in a spreadsheet, well, don’t. If you’re caught in the ransomware puddle, and that list is exposed, repercussions will be ugly. Paying a ransom will be the least of your problems. The loss of revenue from downtime and customer churn will also take a bite.

3. Do not use easy-to-recognize keystroke patterns

“Zaq12wsxcde3” may seem like a strong password – until you have a closer look at your keyboard. When the pattern is recognizable, it will put your information at risk. Go for a random series of letters and numbers instead.

4. The obvious! Do not reuse passwords

Do not use the same password for two accounts. While this might seem like too much work, you can always opt for password management tools. This will help you securely keep track of your credentials.

5. Adopt a “my passwords are at risk” mentality

Cracking open a business password can be a goldmine for hackers looking to exploit data on a large scale. Therefore, carry the mentality that a hacker may break into your account at any moment. Treat every account as unique and be sure to seal them with complex passwords.

6. Two-factor authentication is a boon

While using long, complex passwords is a good practice, these are not enough for most purposes. That’s where two-factor authentication comes into play. Adding one more step to your login processes, like a fingerprint or iris scanner, can further protect your business from attack.

7. Get creative

Names of celebrities, sports teams or pets are a big “no”. Crooks can easily harvest such information from your social media profiles. A safe way is to use random words and numbers that won’t mean anything.

What else can you do?

Avoiding password reuse is not a robust security plan. Why not? You simply cannot discipline all of your employees, nor can you assure they’re following good password hygiene outside of work. However, there are three things that you can do: […] Read more »

 

 

Watch Out: 7 Digital Disruptions for IT Leaders

Here are seven digital disruptions that you may not see coming.

Be like Apple, not Kodak. Years ago, Kodak was the first to offer digital film. But instead of pursuing the market that would disrupt one it already commanded, Kodak opted to invest in its traditional business by buying a chemical company for its conventional film business. Other companies went on to market digital film. Then came digital cameras and mobile devices with cameras in them. Kodak chose the wrong path.

Apple went down the path of disrupting its own successful product, the iPod MP3 player, to develop and sell the iPhone. It turned out to be the right decision.

Gartner VP, analyst and chief fellow Daryl Plummer recounted these stories in the introduction to his keynote address titled 7 Digital Disruptions You Might Not See Coming at the Gartner IT Symposium recently. So how do you be Apple instead of Kodak?

“It’s really about protecting yourself from what might happen to you,” Plummer said. “Futureproofing yourself means that you are ready for the things that are coming, and even if you don’t know what they are, you can adapt.”

What disruptions may be coming down the pike that you aren’t expecting? Plummer provided a peek into the following 7 digital disruptions that you may not see coming:

1. Emotional experiences

Inexpensive sensors can now track physical biometrics, and organizations are working on providing hyper-personalized digital experiences, according to Gartner. The firm is forecasting that by 2024, AI identification of emotions will influence more than half of the online ads that you see.

This trend will reach beyond marketing to consumers. It could also be used in HR applications and be applied to employee evaluations, for instance.

Gartner recommends that CIOs identify emotional trigger-based opportunities with employees and customers, add emotional states evaluation to 360 Review processes, and mitigate privacy concerns with opt-in for-pay emotion mining.

2. AI decency, trust, and ethics

How do we know that the decisions AI is making are fair when there are many examples of questionable results that exhibit bias? What about fake news and deep fakes? Plummer said that this trend will disrupt trust models, certification of developers, auditing rules, and societal norms for trust. Gartner is predicting that by 2023, a self-regulating association for oversight of AI and machine learning designers will be established in at least four of the G7 countries.

CIOs should prescribe principles that establish an AI trust framework for developers and users.

3. Distributed cloud

Plummer said that in its most basic form, this trend means that the responsibility for cloud will shift entirely to the provider. About 75% of private clouds won’t work out in the long run because the DIY effort won’t be as good as what is available in the public cloud. Openshift, Cloud Foundry, and Azure Stack are taking us along this path to distributed cloud.

The trend will disrupt private cloud, hybrid cloud, data location, and data residency.

CIOs should demand packaged hybrid services, identify latency-sensitive use cases, and request explanation of economics of cloud operations.

4. Democratization of space

While it cost 4% of the entire U.S. budget to put a man on the moon, putting a satellite into orbit now costs just $300,000, Plummer said. That has led to a low space orbit getting mighty crowded with hundreds of satellites. It also raises a host of new questions. What rules apply to data residency in space? What laws apply? What about crime in space? Countries and companies will be competing in space, and the cheaper it gets to launch a satellite, the more crowded it will become.

This trend will disrupt the economics of space-based systems, connectivity, and legal issues.

Technology providers will need to explore LEO (low earth orbit) connectivity options as space-based compute options become real.

5. Augmented humans

People will have technology such as chips and storage embedded in their bodies, and it will drive disruptions such as PC thought control, brain computer interfaces, and mind-link technology.

To prepare, tech providers should enhance disabled access to compute technology using brain computer interfaces and begin the shift from lifestyle to lifeline technologies, according to Gartner…[…] Read more »…..

 

Reducing the Risks Posed by Artificial Intelligence

To thrive in the new era, enterprise security needs to reduce the risks posed by AI and make the most of the opportunities it offers.

Artificial Intelligence (AI) is creating a new frontier in information security. Systems that independently learn, reason and act will increasingly replicate human behavior. Like humans, they will be flawed, but also capable of achieving great things.

AI poses new information risks and makes some existing ones more dangerous. However, it can also be used for good and should become a key part of every organization’s defensive arsenal. Business and information security leaders alike must understand both the risks and opportunities before embracing technologies that will soon become a critically important part of everyday business.

Already, AI is finding its way into many mainstream business use cases. Organizations use variations of AI to support processes in areas including customer service, human resources and bank fraud detection. However, the hype can lead to confusion and skepticism over what AI actually is and what it really means for business and security. It is difficult to separate wishful thinking from reality.

What Are the Information Risks Posed by AI?

As AI systems are adopted by organizations, they will become increasingly critical to day-to-day business operations. Some organizations already have, or will have, business models entirely dependent on AI technology. No matter the function for which an organization uses AI, such systems and the information that supports them have inherent vulnerabilities and are at risk from both accidental and adversarial threats. Compromised AI systems make poor decisions and produce unexpected outcomes.

Simultaneously, organizations are beginning to face sophisticated AI-enabled attacks – which have the potential to compromise information and cause severe business impact at a greater speed and scale than ever before. Taking steps both to secure internal AI systems and defend against external AI-enabled threats will become vitally important in reducing information risk.

While AI systems adopted by organizations present a tempting target, adversarial attackers are also beginning to use AI for their own purposes. AI is a powerful tool that can be used to enhance attack techniques, or even create entirely new ones. Organizations must be ready to adapt their defenses in order to cope with the scale and sophistication of AI-enabled cyber-attacks.

Defensive Opportunities Provided by AI

Security practitioners are always fighting to keep up with the methods used by attackers, and AI systems can provide at least a short-term boost by significantly enhancing a variety of defensive mechanisms. AI can automate numerous tasks, helping understaffed security departments to bridge the specialist skills gap and improve the efficiency of their human practitioners.

Protecting against many existing threats, AI can put defenders a step ahead. However, adversaries are not standing still – as AI-enabled threats become more sophisticated, security practitioners will need to use AI-supported defenses simply to keep up.

The benefit of AI in terms of response to threats is that it can act independently, taking responsive measures without the need for human oversight and at a much greater speed than a human could. Given the presence of malware that can compromise whole systems almost instantaneously, this is a highly valuable capability.

The number of ways in which defensive mechanisms can be significantly enhanced by AI provide grounds for optimism, but as with any new type of technology, it is not a miracle cure. Security practitioners should be aware of the practical challenges involved when deploying defensive AI.

Questions and considerations before deploying defensive AI systems have narrow intelligence and are designed to fulfil one type of task. They require sufficient data and inputs in order to complete that task. One single defensive AI system will not be able to enhance all the defensive mechanisms outlined previously – an organization is likely to adopt multiple systems. Before purchasing and deploying defensive AI, security leaders should consider whether an AI system is required to solve the problem, or whether more conventional options would do a similar or better job.

Questions to ask include:

  • Is the problem bounded? (i.e. can it be addressed with one dataset or type of input, or does it require a high understanding of context, which humans are usually better at providing?)
  • Does the organization have the data required to run and optimize the AI system?

Security leaders also need to consider issues of governance around defensive AI, such as:

  • How do defensive AI systems fit into organizational security governance structures?
  • How can the organization provide security assurance for defensive AI systems?
  • How can defensive AI systems be maintained, backed up, tested and patched?
  • Does the organization have sufficiently skilled people to provide oversight for defensive AI systems?

AI will not replace the need for skilled security practitioners with technical expertise and an intuitive nose for risk. These security practitioners need to balance the need for human oversight with the confidence to allow AI-supported controls to act autonomously and effectively. Such confidence will take time to develop, especially as stories continue to emerge of AI proving unreliable or making poor or unexpected decisions.

AI systems will make mistakes – a beneficial aspect of human oversight is that human practitioners can provide feedback when things go wrong and incorporate it into the AI’s decision-making process. Of course, humans make mistakes too – organizations that adopt defensive AI need to devote time, training and support to help security practitioners learn to work with intelligent systems.

Given time to develop and learn together, the combination of human and artificial intelligence should become a valuable component of an organization’s cyber defenses.

Preparation Begins Now

Computer systems that can independently learn, reason and act herald a new technological era, full of both risk and opportunity…[…] Read more »….

 

Trial Before the Fire: How to Test Your Incident Response Plan to Ensure Consistency and Repeatability

While many organizations go to great lengths to set up effective security operations incident response plans, few proactively test their processes to ascertain how they will work when faced with a real threat.

Fifty-nine percent of incident response (IR) professionals admit that their organizations follow a reactive approach, according to a report from Carbon Black. Essentially, teams assume their processes work reasonably well to address the incident at hand … until they don’t. While organizations must have IR plans in place, it’s even more important that they a) work consistently and b) are updated and improved over time.

Testing incident response processes within the security operations center (SOC) should yield two important results: a clear understanding of whether your plan is likely to work and a list of gaps that should be addressed. There is no point testing them if the findings will play no role in optimizing your processes.

Lessons learned from your tests must be properly documented for them to have real, lasting value for your security operations team. Plus, you don’t want to find out your emergency plans don’t work when disaster strikes. What makes sense on paper or the whiteboard often doesn’t work as planned when put into practice.

Schools run fire drills, so everyone knows what to do when the bells go off. So, why aren’t we applying this logic more broadly in cybersecurity?

What is incident response?

IR refers to the systematic response to and management of events following a cyberattack or data breach. It involves a series of actions and activities aimed at reducing the impact of such an event.

A typical IR plan includes six phases which help the affected organization recover from an incident or simply contain it once it occurs: preparation, identification, containment, eradication, recovery and lessons learned.

When building an effective IR plan, security teams should determine the following:

  • The purpose of the plan.
  • Details on how to use the plan.
  • Your ability to respond to different incident types – including unauthorized access, malicious code, denial of service and inappropriate usage – and whether your information assets would be affected by such events.
  • Event handling protocols for each incident type and how to respond. This should include a checklist of which playbook needs to be triggered in the event of a cyberattack or breach. (A playbook, also known as a runbook, is common to the SOC and defines the flow of activities associated with a specific security issue and subsequent investigation and response. The goal is to build a consistent set of activities followed in every case, no matter the analyst assigned to it.)
  • Your ability to set up a “war room” for critical decision makers to receive and share information across the organization.
Testing the waters

Once you have a clear, documented plan in place, you should periodically test it through simulations to assess effectiveness and make continuous improvements. So, how can you put your processes to the test? Most security operations teams today use three methods:

1)     Paper tests

The most theoretical and likely the first step for security operations teams who don’t have well-documented processes. However, paper tests leave too much room for error and should only be used to look for small process changes.

2)     Tabletop exercises

These scenarios consist of company stakeholders sitting around a, you guessed it, table and running through a mock security event. While these exercises may appear informal, you should prepare well in advance, make sure the right individuals participate from across the organization and that the scenario is as real as possible. Allow for up to half a day to put key processes through their paces and troubleshoot as you go.

3)     Simulated attacks

The most effective way to pressure test your processes is to simulate a real-world attack to see how your organization will respond.[…] Read more »

 

 

 

 

Digital Trust: More than Just a Business Buzzword

Last year, no business conversation was complete without someone using the words “digital transformation.” This year the essential phrase appears to be “digital trust.” But what does digital trust actually mean and how does it affect the cybersecurity landscape?

In simple terms, digital trust can be defined as the confidence people have in an organization’s ability to keep their digital data secure and to handle it with integrity and accountability. Digital trust is seen as critical to the long-term success of enterprises in a connected world.

What does digital trust mean for cybersecurity?

Cybersecurity has evolved around the need to protect data, devices, networks and processes in the digital world. For the industry, digital trust essentially means two things: a need to build trust in a company’s digital operations, and the ability to ensure they can enable digital trust for you.

Building trust

In the beginning, it was all about computer security confined largely to the IT team. As organizations became more digital and began to understand the value of data, protection evolved into information security, with business-literate security teams and Chief Information Security Officers. Now that connectivity is pervasive and embedded, security is all about trust and integrity, and your role is to build and maintain digital trust across the business and to manage risk and mitigate the impact of cyberthreats.

In other words, in today’s ultra-connected world, cybersecurity is no longer simply about protecting hardware and software, but about safeguarding your digital organization and the vast volumes of data it creates.

As a result, the role and responsibility of cybersecurity has changed. Security now sits at the very heart of a customer’s business, and you should trust your vendor.

Building trust in cybersecurity vendors

The journey to being trustworthy is inevitable in an online world increasingly challenged by uncertainty, headline making cyber-attacks and criminal scams. Regardless of the security provider your company chooses, you deserve to know that your important information is in safe hands.

For individual security vendors this requires they be open about products and processes, and being able to provide evidence of their integrity. This means making source and update code, processes etc., accessible for review by others, despite the potential risks. This gives external sources clear visibility, and strengthens trust for the vendor. We see a continuous and growing interest from businesses to learn more about how our security products work and how our data is processed[…] Read more »….

What Indicators Can I Reference to Gauge My Organization’s Security Posture?

Understanding an organization’s security posture will help to create a clear and present representation of what the cybersecurity capabilities of your organization are. Any information security program is evaluated on the integrity, availability, and confidentiality of the data within a designated secured environment. Several indicators can help to gauge where your organization belongs within the risk management structure, which can help to identify your organization’s security posture and what security challenges the business must confront.

Many cybersecurity information risk management programs suggest businesses should adopt the InfoSec security standards and implement cybersecurity as a key driver of business decision making. The scope of InfoSec is wide-ranging, but the aim is to continuously improve your organization’s information security, year after year.

What exactly should you look for? What are the indicators that will help describe your organization’s security posture? The following information will help you determine what your new approach to cyber risk management should be.

Is there a set budget for infosec?

Understanding if there has been a budget allocated for information security helps to identify if an organization is serious about cybersecurity. In-house cybersecurity can work out to be incredibly expensive; hiring highly-skilled, ethical security personnel is not easy. SecOps engineers are highly sought-after personnel and salary expectations are usually very high. The purchasing of software licenses and security hardware appliances is another considerable cost to consider.

Many organizations realize that the OpEx costs can be high, and many choose to outsource to a reputable cybersecurity service provider who can call upon teams of SecOps architects, engineers, and consultants when needed to install, manage, and maintain any purchased security infrastructure service.

Companies need a pragmatic approach for monitoring and assessing their cybersecurity landscape, and a security program that delivers a return on the security investment (ROSI). Security expenditure needs to be justified by successfully completing external audits that validate security processes are in place, such as:

  • Conducting external vulnerability scans
  • Planning for disaster recovery & incident response tests
  • Conducting phishing and social engineering tests
  • Conducting external penetration testing

Without a realistic security budget, there is a significant risk that an organization may fall short on these scenarios. This can lead to significant gaps and weaknesses in your organization’s cybersecurity policy.

The frequency and sophistication of employee training

Cybersecurity training should be made available to all employees. This is a key area to look for, as training is absolutely essential. Cybersecurity is a highly technical industry where relevant, important security information needs to filter down to every single employee. Security training strengthens employee’s knowledge and understanding of cybersecurity risk management putting each employee in the best position to uphold your organization’s cybersecurity policy.

Collaborating with a skilled cybersecurity vendor will ensure training compliance and improve team understanding of the latest risks and trends in cybersecurity, as well as knowing what the best practices are to reduce the risk.

Cybersecurity training in many industries, such as the financial sector, is mandatory and enforceable by the regulator. There are huge benefits of having teams who are aware of the latest cybersecurity trends and able to spot phishing, scam phone calls, malware and virus attachments.

Technical red flags

You may be surprised by the number of issues that are discovered with organizations that are missing even the most basic technical safeguards to protect the integrity, availability, and confidentiality of data. Reviewing the results of your malware scans is not enough, businesses need to be proactive in providing the basic security requirements:

  • Secure Networking – The network is the first line of defense in cybersecurity. Strong network authentication, encryption, restricting public internet traffic, and blocking common ports on the firewall are the first steps to improving security. Furthermore, network analysis and scanning using Intrusion prevention systems, content filters, email scanning tools, and isolating network assets should all be in place
  • Asset Management – It is important to identify all pieces of equipment owned by the business. An asset list will catalog servers, laptops, tablets and any other infrastructure device. Good asset management reduces waste, capital expenditure and above all else acts as a baseline for the support teams who will know what equipment is available and where it is located.
  • Patch Management – A regular patching schedule is the first step to securing software and operating systems. Vendors publish security patches that prevent exposure to the latest software vulnerabilities and exploits
  • Passwords – Securing a network using unique and complex passwords that are enforced company-wide will help to provide an immediate level of protection. Taking this further and testing user accounts and system accounts for weaknesses using penetration testing software such as Nessus or Backtrack will proactively scan for weakness and non-compliance. Processes can be drawn up to harden password policies or maybe offer training to the worse offenders

There are many further technical safeguards that can be implemented, but these basic first steps will help to prevent misconfiguration and backdoors into your environment. Credible cybersecurity providers recommend an annual internal audit and roadmap check-up is performed. This process will review existing technical safeguards, identify weaknesses, and then suggest recommendations based on industry best practice, as well as a roadmap on the best way to implement the changes […] Read more »

 

 

AR and VR: How Immersive Technology Is Bringing Cybersecurity Scenarios to Life

A PwC survey on corporate digital IQs found that there’s a disconnect between the skills and technologies that companies say matter most and what they’re investing in. With the rapid increase in emerging technologies disrupting every industry, enterprise leaders are feeling immense pressure to fill the resulting glaring void with employees who can pick up the skills necessary to implement this technology into everyday enterprise tasks. Aside from finding the right people, companies also need to ensure that proper training is in place. However, it’s no secret that a lack of engagement exists between employees and the less-than-awe-inspiring learning programs in use.

Just as I was finishing my tenure as the CSO of Dell, we introduced “Gamification” into our security and ethics training and noticed an uptick in the engagement it engendered amongst our millennials. Given what had been my 20-year “uphill” battle in the space of awareness training, this offered a welcomed glimmer of hope. Now add to that what augmented reality (AR) and virtual reality (VR) bring to the field and the prospects get even brighter.

When the phrases AR and VR started being tossed around, many of us could not even fathom how these technologies would impact our lives. Fast forward to today, and these technologies are right in the palms of our hands. AR and VR have opened new doors for innovation and created a more immersive user experience, especially for IT and security teams. While perhaps not the earliest adopters of these technologies, companies are beginning to use AR and VR to their advantage when it comes to providing cybersecurity training to their employees.

How exactly does AR training work? First, let’s break down what AR is in a broader sense. AR allows the user to see the real world with virtual objects superimposed or composited with their reality. Essentially, users can interact with on-screen digital objects within the scope of the physical world they see on a daily basis. Now imagine the use of AR in a corporate training environment. Not only does AR provide employees with a more interactive platform, but one that can be customized to accommodate unique learning needs.

For companies with a multigenerational workforce, this creates a profound opportunity to present their employees with training that is both more relevant and realistic. This is extremely valuable in high-touch industries like the cybersecurity sector, where the skills gap is already an area of concern. With AR, a new employee could be sitting at their desk and have a training system present various cyber threat scenarios through AR glasses, prompting them to identify the issue and solve the problem. It is interactive programs like this that will help employees remain more engaged in their training and generate better results overall.

And it doesn’t stop there. Companies like Inspired eLearning have made it their mission to provide training around security, cybersecurity and compliance with the help of VR. Called Security First Solutions, their product takes data from a multitude of tests and simulations to deliver an immersive training program on the latest and most popular cyber threats like phishing and SMiShing, all behind a VR headset. What’s more, immersive technology is also opening the eyes of young minds and showing them what a career in cybersecurity could entail […] Read more »….

.

Meet Michelle Hyde: Cloud Expert of the Month – October 2019

Cloud Girls is honored to have amazingly accomplished, professional women in tech as our members. We take every opportunity to showcase their expertise and accomplishments – promotions, speaking engagements, publications and more. Now, we are excited to shine a spotlight on one of our members each month.

October Cloud Expert of the Month is Michelle Hyde
Michelle Hyde, president and founder of Hyde Group, has been serving Pacific Northwest enterprises with excellence for more than 20 years. Her history of applying the right technology at the right time to critical business issues that clients face has propelled the Hyde Group’s success and advanced its reputation as a true client advocate. Hyde Group has a passion for finding solutions to client challenges during their digital transformation through teamwork and enablement of scalable solutions in cloud, SaaS and emerging technologies. Hyde currently serves on the Advisory Council for Cloud Girls and is a past member of its Board of Directors.

When did you join Cloud Girls and why?
I joined Cloud Girls right at the formation of the association in Jan of 2012 and helped with the formation of our monthly endeavor.  I then joined the board in Jan 2013 as the Operations Chair role until Jan 2018, and then took the Finance Chair and moved into the role of Advisory Council member after that in Jan 2019 where I still serve.  It was an exciting endeavor to be part of the founding members of what would become a true premier organization; creating vision, structure, process and growth over the years.

What do you value about being a Cloud Girl?
The Cloud Girls organization is a true point of pride for me, not just being a part of its foundation, but being aligned with such amazing women that have become sincere friends, endearing colleagues and so many that have guided and influenced me over the years.  I can honestly say that I would not be as far in my career or with such success without the aid of the women in this organization.

What is the biggest risk that you’ve taken?
The biggest career risk I have taken is certainly starting my own consulting firm 3 months after having a second child and right after my 39th birthday.  I chock it up to the fact my hormones were not all there postpartum, and having the mindset of “what could possibly go wrong here?”  Starting a business, a tangent from what I was doing at the time, thinking I knew more than I did, and simply wanting success and autonomy in my world seemed to be the right mix.  I did all that I could to establish myself and created an amazingly supportive network around me that wanted me to also have success.  There are certainly days and weeks over the last 10 years I have had to throw elbows around to get my voice heard or my point across, but I would not change a thing.  Now that nearly 10 years have passed, I am getting pretty comfortable in my skin and am ready to take it to the next level and start looking at greater risks to take!

What is the best professional/business book you’ve read and why?
With my drive to get to the next level in my business, I am reading a book called ‘Scale – 7 Proven Principles to Grow Your Business and Get Your Life Back’, and although I have listened to it on Audible, I have to get the book because the worksheets are essential here.  I am examining merging with 2 other companies and this book will directly pertain to us.  It identifies where we are at in the 3 stages, and the 7 principles of getting through the next stage(s) for a successful small business growth trajectory.  There are other books I am reading right now too, Getting Things Done by David Allen and Power Trips, by a friend of mine, Norman Rawlings and How to Train A Wild Elephant and Other Adventures in Mindfulness, by Jan Chozen Bays MD.  There is no shortage of things I want to read – my nightstand is stacked a foot high with desired reads […] Read more »…..

 

What’s the Real Role of AI and ML in Cybersecurity?

Artificial intelligence (AI) and machine learning (ML) are being heralded as a way to solve a wide range of problems in different industries and applications, such as reducing street traffic, improving online shopping, making life easier with voice-activated digital assistants, and more.

The cybersecurity industry is no different. However, we need to be careful of the “hype” around AI and ML. And there is a lot of hype out there! A simple Google search of the term “artificial intelligence” yields about 630 million results, and AI continues to dominate the headlines and has even made its way into mainstream TV advertising. However, the cybersecurity industry needs to set the record straight – contrary to popular belief, AI and ML will not solve all of our problems.

The industry needs to separate what is real from what is simply hype when it comes to AI/ML in cybersecurity. In particular, a key issue that enterprises need to be aware of is that AI/ML cannot do causation – meaning that AI/ML is not able to tell you why something happened. Understanding why is a key component of cybersecurity, especially as it relates to security incident investigations and analysis.

Judea Pearl, an early pioneer in the field of AI and one of its leading experts, discusses the problems with AI in his latest book, “The Book of Why: The New Science of Cause and Effect.” He argues that the AI permeating the tech industry today has been handicapped by an incomplete understanding of what intelligence really is. Pearl explains how the hyper-focus on probabilistic associations has led us to simply evolve into more advanced applications of the same simple reasoning that AI was doing in the early 1980s.

This problem is at the core of why AI is still not solving enough real problems for cybersecurity. Based on how AI is often marketed, many in the industry assume that AI-powered cybersecurity technology can simply replace humans. And while its ability to ingest and process vast amounts of information is important, AI’s lack of causal reasoning is why human intelligence – especially from experienced security analysts and incident responders – is still critical. Highly-trained security teams play an important role in detecting, identifying and protecting against a wide range of cybersecurity threats – and will continue to do so for a long time.

Other experts agree that misconceptions exist around AI. In a July 2018 article in Elsevier, Dr. Gary Marcus, a Professor of Psychology and Neural Science at New York University, and former CEO of the machine learning startup Geometric Intelligence (acquired by Uber in 2017) stated: “I think the biggest misconception around AI is that people think we’re close to it. We’re not anywhere near that…Humans can be super flexible – they can learn something in one context and apply it in another. Machines can’t do that.”

However, there are some important benefits of AI/ML, including its ability to correlate vast amounts of data from a variety of sources. This level of correlation is important for informing security teams about the incidents that they are investigating and making teams more educated and efficient at processing analytics. For example, AI/ML can provide details on potential incidents using anomaly detection and clustering. It can also assist with risk scoring of incidents needing investigation. This data can be used to better inform humans who are working to make decisions about security incidents. But AI/ML cannot make the decision for you […] Read more »….