AI nightmare on Bank Street
Welcome to the second installment of ‘Journey to Trustworthy AI’. Here, we continue our exploration of AI security, an area that’s changing at an unprecedented pace. In our first article, we outlined our project testing generative AI with a security red team. We could hardly have imagined how quickly fiction would confront a real-world adversary. The…
Behind the AI Curtain: A Journey Toward Trustworthy Artificial Intelligence
Upon gaining access to a top-tier generative Artificial Intelligence (AI) system, I found myself surprised by the revelations I encountered. For those unfamiliar, generative AI encompasses technologies such as GPT-4, the most recent AI system that powers notable chatbots like ChatGPT, Google Bard, Cohere, and DALL-E. Along with my colleagues from Zove Security, I was…
Honor among thieves or Set an example?
The Dark Angels ransomware group recently secured a record $75 million ransom payment from an undisclosed victim, surpassing the previous record of $40 million paid by insurance giant CNA Financial in 2021. In contrast, Seattle Public Library is suffering from a month’s long attack, and ostensibly not paying a ransom. I wonder who will get…
Google and Wiz – Synergies of a collapsed deal
In the summer of 2023, I wrote an opinion on potential deals in cloud security. The scenario I proposed to a group of investors was Google’s acquisition of Wiz. Here are my curated excerpts on the synergies of the deal. While Google Cloud has made significant strides in security and privacy, it still faces challenges…
AKSHAY’S UNCERTAINTY PRINCIPLE: OBSERVING SOME METRICS CHANGES THEM
Ok, now to get to the point. Leaders are often asked to produce several performance metrics or revenue metrics. Some of these metrics are simple and straightforward Key Performance Indicators (KPIs). KPIs can include net revenue, profit, # of new customers or in our case customer satisfaction numbers. The problem with metrics crops up when we need to measure a property and no mechanism exists to measure it quickly or the metric is not representative of the property being measured.
Avoiding the Security Bottleneck
Digital transformation is the use of digital technology in solving traditional problems where transformation occurs by means of digital innovation, resulting in new solutions. By its nature, it causes constant disruption to new and existing business models, products, services, or experiences enabled by data and technology across the enterprise. The ensuing continuous demand for new…
Navigating the Security Landscape of Blockchains: Understanding Risks and Opportunities
An analysis of the blockchain security landscape by Akshay Aggarwal, CEO of Zove Security, with examples from fintech, banking, insurance, and retail industries. Our experience and insights into the foundational issues, risk factors, and promising use cases associated with blockchain technology. As the blockchain industry continues to grow, with market projections reaching around $20 billion…
Scaled Programs to Secure Connected Systems and Products
Executive Summary What is the cumulative cybersecurity risk of an organization’s connected systems and products (CSP)? Does everyone agree the company is addressing the right risks at the right time? Do all partners understand their roles in responding to security issues? CSP are driving industry growth across every sector of the market due to their…
Skimmer’s Delight: Countering the Rise of ATM Hacks
I spend a lot of time thinking about how money is changing. To be specific, I’m curious and concerned about the security of our digital money. Along with my team, I’ve found flaws in Bitcoin and compromised chip-enabled EMV card readers. But what I’m writing about today isn’t the ways you’ll be attacked in the future…
IS THREAT MODELING RIGHT FOR YOU?
Several enterprises are increasingly investing time and money in building application security tasks into their existing SDLCs. Some of them have also reached the conclusion that proactive approaches, like threat modeling, have more ROI than reactive approaches. As a result, some enterprises with nascent appsec programs have turned to threat modeling as a panacea…
Rethinking DevOps as DevSecOps
If you’re not already thinking right now that your DevOps teams should be run like a DevSecOps team, you may already be in a world of hurt. Time to wake up! As the adoption of APIs continues to grow, so do the risks to organizations that don’t actively test the security of their solutions.