
Published: October 20, 2023

Security 3-2-1 Week of 10/20/23

By Annie

3 Interesting Articles

AI will replace humans in cybersecurity. Our new job will be to protect it
Fortune: The rising influence of artificial intelligence (AI) in cybersecurity hints at a transition where AI might soon oversee primary defense mechanisms. With the AI software market expected to soar to $64 billion by 2024, and the acute scarcity of cybersecurity personnel (69 for every 100 job openings), AI’s assistance is crucial. However, this shift is causing an identity crisis among cybersecurity experts who have traditionally been the sole protectors. For now, while AI can automate routine processes and manage daily threats, human expertise is still required for high-stakes decisions and exceptional cases. Yet, as AI’s capabilities grow, the human role will pivot from instructing AI to safeguarding it from potential AI-targeted threats and ensuring it operates on high-quality data.

Damage Control: Addressing Reputational Harm After a Data Breach
Information Week: Data breaches carry substantial costs, including direct expenses and the more intangible reputational damage. The degree of reputational harm hinges on the nature of the data compromised, the organization’s sector, and the breach’s magnitude. Quantifying brand damage is intricate, but changes in stakeholder sentiment can be tracked through periodic brand research. A holistic crisis management plan, merging both technical and communication strategies, is vital. Effective post-breach communication is crucial, and errors like prematurely commenting or shifting blame can intensify brand harm. To ensure long-term brand restoration, organizations should undergo breach post-mortems, ideally with external perspectives, to improve their response tactics and enhance security defenses.

Uber’s Ex-CISO Appeals Conviction Over 2016 Data Breach
Dark Reading: Former Uber CISO Joseph Sullivan’s conviction regarding a 2016 data breach has been challenged, with his lawyers contending it endangers the use of bug bounty programs by corporations. Sullivan’s defense team views the conviction as based on shaky grounds concerning his responsibilities during his tenure at Uber. The heart of the matter is a $100,000 payment Sullivan authorized to two hackers, which he described as a bug bounty — a common practice where companies reward individuals for pointing out security vulnerabilities. However, prosecutors see this payment as a cover-up of the breach. Many in the industry see CISOs like Sullivan as being treated as scapegoats for broader corporate security failures. The appeal process is ongoing, with a decision expected in 2024.

2 Stats You Should Know

Nearly half of cybersecurity leaders will change jobs by 2025, 25% for different roles entirely, due to work-related stress. (source)

A recent survey shows that only 28% of IT Directors are extremely confident they have the right people in place to execute an effective approach to risk management. (source)

1 More Thing

A little humor for #CyberSecurityAwarenessMonth (source)

We’ve patched the vulnerability that you reported

 
