Tag Archive for: Providers

What’s Holding Managed Security Service Providers Back?


As CEO of Logpoint, Jesper is an expert on business and cybersecurity innovation.

Managed security service providers (MSSPs) enable organizations to outsource their security operations cost-effectively. Rather than devoting spend to building and maintaining an in-house security operations center (SOC), organizations can obtain such services from the MSSP and benefit from their scalability and expertise.

However, to obtain their business, MSSPs must compete effectively by delivering real-time managed detection and response SOC services. All indications are that they are currently struggling to do that.

We conducted a survey of MSSPs and found that 65% thought their SOC operations might be losing time due to inefficient processes, creating an increased risk to their customers through slower incident response times. Some SOCs were not integrated with other technologies, for instance, and only 25% were using automated playbooks or procedures for alert response—meaning the vast majority were manually reviewing their system alerts.

Consequently, over half (57%) said the gap between mean time to detect (MTTD) and mean time to respond (MTTR) was below expectations. It’s a gap being widened by SOC operations failing to automatically feed threat intelligence to security solutions such as endpoint detection and response (EDR), firewalls and user management—delaying detection and response further. Moreover, a third of those questioned (35%) said they did not have the best processes or tools for building detection patterns, preventing them from identifying emerging threats.

Forward-Thinking

There is a clear understanding of where MSSPs are today versus where they want to be, with most stating they intend to create new services over the next 12 to 24 months—including EDR, network detection and response (NDR), managed computer security incident response team (CSIRT), security orchestration and response (SOAR), managed detection and response (MDR), and SOC for small and medium-sized businesses. In order to roll out such services, MSSPs need to reassess their business processes now and explore how they can implement automation and orchestration.

Automation sees technology used…


Everyone wants to make AI chips, UK antitrust hawks eye cloud providers, and MGM rebuffs ransom demand


Generative artificial intelligence continued to dominate the news this week as Anthropic reportedly is raising an additional $2 billion from Google and others, and reports indicated that gen AI partners OpenAI and Microsoft are each looking to design their own AI chips during a severe shortage of graphics processing units from Nvidia.

Meanwhile, U.K. antitrust authorities zeroed in on cloud computing providers, in particular Amazon Web Services and Microsoft. On this side of the pond, the Justice Department’s antitrust case against Google plodded ahead, though some have doubts about the Federal Trade Commission’s similarly sweeping case against Amazon.

On the cybersecurity front, MGM Resorts International declined to pay a ransom following a costly attack that took out its systems, a contrast to Caesars Entertainment’s decision to pay $30 million after an attack last month.

Finally, chipmaking giant Intel keeps spinning things out, this time its programmable-chip business, to shore up its finances.

Hear more about this and other news in theCUBE Pod, John Furrier’s and Dave Vellante’s weekly podcast, out now on YouTube. And don’t miss Vellante’s weekly Breaking Analysis, coming Saturday, in which he will dig into how higher interest rates may depress tech spending for longer than many people may assume.

So here’s the news we reported this week:

AI everywhere

It appears Google isn’t out of the Anthropic AIverse yet: Anthropic seeks huge investment from Google just days after Amazon invested billions. It’s quite a bit behind OpenAI on revenue apparently, but its enterprise focus and seemingly more open partnership strategy would seem to bode well.

Billions of dollars burning a hole in OpenAI’s pocket? Maybe, but they gotta get more compute somewhere: Report: OpenAI could develop custom AI chips

And late-breaking Friday, Microsoft also may do its own AI chip.

More fun with more realistic weird images: Microsoft integrates OpenAI’s DALL-E 3 into Bing for enhanced image creation

And just a whole heck of a lot of new gen AI-powered business applications — but aren’t they all today?:

Dell enhances its generative AI hardware and software portfolio…


Cyber attacks against health providers on the rise: Trustwave, IBM


2. ChatGPT, other large language models will make certain attacks harder to identify.

Generative artificial intelligence is the capability of algorithms to automatically generate content from user queries such as text, video and images. It’s also a potential threat to data security, according to the SpiderLabs report.

While many companies have already begun investing in their own models, there were initial fears large language models would begin writing malicious code. That threat hasn’t yet fully materialized because the models require someone to first understand how to code before the models produce malicious results, Sigler said.

But Sigler said AI is making it harder for employees to identify phishing scams or malicious emails. 

“When you have an AI engine that speaks that language natively, and understands exactly what you’re trying to say, that becomes a lot more compelling,” Sigler said. “Those red flags, those grammatical errors, those spelling errors tend to disappear.”

The report also said healthcare systems may face an increased risk of exposure due to their reliance on third-party vendors that may incorporate generative AI into their products. 

3. Healthcare lacks accurate inventory of devices.

The increased number of connected devices in healthcare further amplifies the vulnerability of the industry’s infrastructure, the report’s authors said. Devices ranging from an employee’s cell phone to medical equipment are all at risk. 

Sigler said many providers don’t have an accurate inventory of connected devices.  

“I see that as the biggest problem,” Sigler said. “Having a current, proper and ongoingly updated inventory of what you have, and how valuable they are to your organization…is going to help you prioritize the security controls you’ve put in place.”

Once an organization has an accurate inventory, Sigler said organizations should prioritize issuing a value to each area of data. Clinical data, for example, would likely have more controls and greater value within an organization than website analytics or marketing email lists.

“I think a lot of people just put the cart in front of the horse,” Sigler said. “They start setting up…


Empowering MSSPs and MDR Service Providers to Control the Chaos Caused by Advanced, Highly Evasive Malware

