Author: Lou Covey

Cybersecurity companies underinsured?

Data breaches are a major concern to businesses and governments around the world. So one would think that carrying cyber insurance would be a given. It is not, especially for one particular classification of industry: Cybersecurity.

According to Munich Re, a risk analysis firm, 87% of companies lack coverage. Ransomware payouts doubled to $1.1B in 2023, according to Chainalysis. That’s probably why the cyber insurance industry is booming. The market hit $14B in 2023 and is set to double to $29B by 2027.

Large firms are more likely to carry insurance than small to medium companies (SMCs), even though they are more likely to be targeted by cybercriminals. However, small companies are more likely to carry much larger limits than larger companies.

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here
Read more...

Preview: Special Issue on NHI

For good or bad, we are in the age of autonomous artificial intelligence systems. They can be categorized as bots, AI, agents, daemons, work flows, digital workers and a dozen others. Some may argue all of that are completely separate things but for the purpose of this article, we will call them all non-human identities (NHI). Their purpose is to eliminate the need for humans to do that same work. The problem is, humans are almost outnumbered by the total of good and bad.

This interview with Mike Towers, chief security and trust officer at Veza previews our coverage of the rise of and issues related to NHI. To read the entire issue, get a subscription today.

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here
Read more...

Q-Day isn’t as dangerous as our government

The post quantum computing (PQC) industry wants us to believe that Q-day, the day that a quantum computer is right around the corner. It isn’t. But that doesn’t mean what the niche members are working on is worthless. Perhaps the most important task they have is limiting government surveillance of the innocent.

If you don’t already know, Q Day is the day when a quantum computer exists powerful enough to break current military-grade encryption standards. This has been a major disaster predicted by many, not the least being Wired Magazine. Most in the industry claim it will happen in the next decade, if it hasn’t already happened.

Membership Required

You must be a member to access this content.

View Membership Levels

Already a member? Log in here
Read more...

A brief history of bots

Bots have been around for more than half a century to automate repetitive tasks and provide services on early internet platforms. The first was ELIZA, developed as a research project in 1966 at the Massachusetts Institute of Technology (MIT) the goal was to simulate conversations with a human being. ELIZA conversed with users, although it did not understand what the user was saying. Artificial intelligence chatbots are much more sophisticated versions of ELIZA, but still lack human comprehension.

Bots not replacements

The purpose of ELIZA was to determine if computers could replace psychoanalysts. Consequentially, it was the first time the prediction that computer could replace humans had some hard evidence. Today, there are mental-health AI applications with not much better results than ELIZA but projected to have a $8 billion market by 2032.

In 1988, the earliest broad use of bots was Internet Relay Chat (IRC) automating user list management, searches, and providing services like weather updates or game scores. But these were not known as bots at the time. They were called automations and still required a human interface to operate,

Premium Membership Required

You must be a Premium member to access this content.

Join Now

Already a member? Log in here
Read more...

Zero Trust: easy concept, hard to implement

Last week, Dr. Zero Trust, AKA Dr. Chase Cunningham, posted in Linkedin that he was fed up with people who say they don’t understand Zero Trust. To a certain extent, I feel his frustration.
Journalists understand the concept. We have a decades-old saying, “If your mother says she loves you, check it out.” It doesn’t get more zero trust than that.
The problem is that while it’s easy to understand as a concept, it isn’t easy to build a zero trust infrastructure, especially with the misleading gobbledygook most cybersecurity companies put out. Cunningham says there are hundred of books and articles on the subject. He’s right, of course. The question is, which one do you choose?
At the RSAC Conference, We sat down and briefly talked with Dale Hoak, CISO for RegScale, about how easy it is to understand Zero Trust

Free Membership Required

You must be a Free member to access this content.

Join Now

Already a member? Log in here
Read more...

Schneier predicts “public” LLMs

ibuted and democratic, according to renowned security technologist, Bruce Schneier, not controlled by corporations. Developments in the past few weeks indicate he may be right.

Speaking at the RSAC Conference in San Francisco last week, Schneier talked of trust and how we give it to people, strangers, organizations, and technology. His description of that process predicted the development of artificial intelligence controlled almost exclusively by the user, rather than the dystopian corporate AI replacing humanity.

Read more...