Smart threat defense thanks to AI-powered threat intelligence and security awareness training

So
What a title. Great. So over the last days and hours, we have spent so many times with AI leveraging data, getting data before and after, and breach and having all these informations, and knowing that AI is responsible for so many things. But this track is based on leveraging the human factor. So what my pre presenter said is, we have to, don't forget the, the persons, the human factor as it is obviously one of the basics of getting into a bridge, into
Stolen data, into losing money, et cetera. So we all know this, we all, we all are aware of, of all these attacks and all these campaigns and all these methodologies. We know that there are SMS that there are WhatsApps, that there are emails and we don't have to click on it. And we know that everything is around losing data and getting into a company. But we all have to be aware of certain activities that are not maybe on a technical side. Have you been aware of conversation at the bar? Like you get been flirted and attached by whoever, and maybe you are then at the, at the point that you will give them access to your LinkedIn network or whatever. So be aware of everything. And it's obviously really interesting that there are so many, so many things around this that it is important to talk about AI and the person and the human factor. So what is the human factor? Step back, relax, and listen. If there are persons inside a company, and if we are talking about humans working in a company, they will be attacked. Of course sometime you don't know when, but they will be attacked. And if there are criminals who know about this and they have lots of energy in their criminal mind, they will find the weak point.
That's a fact. So what you do, these statistics are known and you know about this. So have you heard about the Equifax Bridge years ago? So this could have been avoided if the employee had have had the right configuration and the right update on his device.
And it is necessary to have your software fixed and up to date. So, and this is not an anomalous case. It is normal, it is revealed that 94% of organizations have experienced insider data breach is in the last year. And the human error being the top cause of serious incidents as now according to 84% of IT leaders have been surveyed on this. So human factors is playing a big role. And is it is misused, misbehavior, misconfiguration. And this is caused by so many things. We have heard about this stress, whatever the workload, and this is most common. And beside misconfigurations, we also have this asset emails and everything that is coming into my daily, daily business. So we have this, we have this on a real base. Have you read this? 45%. This is one of our servers we made. So once you get noticed about the data breach, how many would send, reset their passwords after you have been notified of being breached? It's 45%. It's really 45%. The thing is, and it's really funny, we have done this, this survey on our booth, and all the persons in my age, I'm 54 and older, they said, of course I will reset my password. Yes, it's 95% will do this.
Hmm.
If I get conversation with students, the younger ones, the generation that let's call it, so they say, ah, it's 5% what? 5%? Yeah, it's humans. So there is this discrepancy. The next thing is it is interesting that we all know about password, password rules, second factor and everything like this. We heard about this. How many will reuse their password? Amazon made a survey. 44 millions are reusing their passwords.
Hmm.
And which type of employee inside a company is the most common person who will reuse their password?
Hr
Nope. No, no. It professionals by 50%. The normal users, the normal users, employees, they say, okay, it's by 35%. They're not reusing. So, Hmm. So we have the fact, the human factor, and we have all these AI policies and all these strengthens. So human factor is the most important part in having these speeches. And the, the thing is that we have to talk about this. So it is, it is really common to have this. Have you heard about the clueless factor ever? No. Believe it or not, many people are still in the dark when it comes to online safety. They may not know what the basics about cybersecurity, even if it's common, even if we read about this all the time, then there is the oops factor. Oops, I did it again. Sorry.
People just make mistakes. Yes, of course. Let them make mistakes. Mistakes are important. They do make, they do need to make mistakes. The thing is learn about your mistakes. I have done lots of mistakes in my life. Yes, obviously. So I've done different roads, different jobs. So learn about these mistakes. Do it in your, in your book of experiences as one chapter and learn to not do this failure again. Then we have the fisherman. You heard about the fisherman, all these phishing males, et cetera. Yeah. Okay. Phishing and AI is now becoming the most imposs, most impacting threat. You know about this. All about, I do, I do do not replicate all these statistics, but be aware of the fishermen and something that is the snafu factor. I haven't heard about the software snafu. If there are softwares in place, I would expect that they are hopefully tested enough and well, but there are tons of vulnerabilities on this software. Oh my God. And this is being now confrontated with, with threat actors and threat intelligence means that it is, you have this dogs and cats and the mice and the, the, the race between. So you don't know who is in front and who will be the next one in front. But to know about this is so much important to know that this is a factor and this is a major crime and this is the incident. If you know this, you are one step before changing.
And it is possible. It is possible. We have to talk about it on a daily base, on an hourly base. Education is key. Education in everything is key. So yeah, there are weak and vulnerable passwords maybe. And thinking that I'm not interested enough, my company is not interested enough. It is, no, we are Nitish. No, no, I won't get attacked. No. This lack of awareness brings the threat actor in the position. Okay. I will show you how and I will get there, obviously. And it is based on facts. It is. I repeat myself, it's based on facts. So as my, as Patrick just mentioned, the human factor is key in this. Education is key in this. Education is key in everything. But education in this is key. And create an environment where failures are allowed. Create an environment where cybersecurity is, is key. And there is a position to go and say, look, dear cybersecurity officer, I have a problem, but can you please help me? And making this open space and sharing information, sharing all these statistics, and don't blame people. Blaming is one of the misbehaviors ever. Next thing is, as an organization, you need to know your enemy.
Cyber criminals will get more important. And all these techniques and all their activities are based on environmental behavior. If you still think that there are these activists, these hacking kids, you be, yeah, there are, they are really there. But we are talking about high profitable organizations with hr, marketing, sales, technology, whatever is needed in an environment, in a an organization, you need to know them as they are, as I just mentioned with this race. They are improving their skills. Phishing as a service. Ransomware as a service. DDoS attacks as a service is available, datas are available, access is available. So threat actors can buy internal access, internal access brokerage, like the insider. We talk about the insider. There is a market outside where I as myself can say, I'm annoying about this company. I hate this company. So, but I also have access as an admin to a hmm, Salesforce, here's my data. And believe me or not, it'll take I guess five minutes that I receive my first offer. And this offer is based on reconnaissance of this redact. They know, okay, on a vertical 45, 55 years old, married two children living in a house, maybe he has some doubts, debits on this house. Maybe he is annoying the company. He's not in a well position. Okay, let's make him an offer that he can't deny.
The second thing is, do you know how many of your accounts are already leaked or compromised?
Leaked credentials. Yeah. Okay, I can go on the website and search for leak credentials. Hmm. Give a fuck on that. A compromised account is interested. So someone made his time, spent his time checking the leak credentials by getting how far it can get. And he still then knows, okay, this email is valid, this password might be not valid. But I do know how this password reset will work. I have a phone number that I can make a WhatsApp account and be an IT administrator. Next thing I can research who is, who is this person that I have my credentials on that he made this and maybe he had been on a conference talking to you. Hmm. Some inconvenience conversations by, Hey, you're looking good, let's have a drink, whatever. Hmm. That's too simple. I know we need more creative on this. Yes, but they are creative. Then they have a package of accounts and if they have accounts, they are then an insider and you not, you then have to have endpoint detection systems in place, which are able to have network detection or do you have user behavior, et cetera to, to see this. So if you ever think I'm not important enough, I'm not attractive enough.
No, your enemy, and this is how AI would support this. Yeah, that's a fact. AI will support this. AI based solutions are far behind of this. We using, we are using AI as well. And I have talked to a student, it is now possible that you could have for instance, chat GPT to give me a good form, a good form of an email. The next thing is I could hand this over to another instance for, okay, please collect all relevant email addresses based on, Hmm. And you could then this give over to the next ai run the campaign please. So three AI bots are able to work together and have a concrete scenario. Then will you be able to recognize this? I'm not sure. And then we are in this fact step back, failures are allowed. Have an environment where all these persons are allowed to make failures. Educate them, educate your environment, educate your environment by I, whatever is needed as we are automated, we are fast, we are concrete, we are there. AI is there. So how do we put this thing together that isn't the important thing that is in your mind, I guess with all this question mark. So I have told about everything and now what is the solution? I don't know,
But I know that is, that it is important to take the seed as an threat actor, to take the position as a threat actor, to have a look on your organization as an threat actor. Where are my weak points? Where are my vulnerabilities, my obviously vulnerabilities. Where are some obviously domain squads, whatever is of interest and don't care about whatever is of interest. Everything is of interest. Everything bits and bytes of interest. So what we then, as a company with all these campaigns are, are doing is we combine this, we give you the position of a threat actor. You can look at your organization and you see all these maybe hints or traps or failures or vulnerabilities. And then we simulate an attack and then we put all these things into some campaigns. So we educate you, we try to educate you. We don't say ba blah ba baba. Nope. Education is key. We educate you. I have talked to some of these Kuppinger guys who had been trapped Monday, I guess Tuesday. Tuesday. Hmm. So, so it happens on a reality base. You don't know who is an enemy as far as you had been in contact and shared some details, et cetera. So be careful and be careful as, as always. So there is a good advice advertisement from, from telecom. I guess you all know this telecom, this media advice where all of these persons from online gaming,
XHamster websites are joining your house and saying, Hey, I'm there. Let's go inside your son that come in and protect yourself as you would protect your house. You won't let any person inside your house as far as you don't know him, you won't give him a seat. Maybe you are so kind and give him a seat. Yes. But you will double check. And that is maybe that is the trick. The trick is, it is important to connect both worlds, the AI world with the human factor and be kind. Don't blame, bring this together, do this on a daily base. Training is based on reputation practice. We as a company, we have this same methodologies as well. So I receive on a daily base, tons of not, not tons, but regular mails where my boss asked me to join this conversation on teams. As we have a document we need to clarify and we need to negotiate on this, and this is urgent, please do join this conversation.
Hmm.
Why is my boss asking me to join this conversation via teams as we are maybe two houses away, and we could have this conversation on a call. It's urgent. Why is it urgent to share this document and negotiate on this document? I don't know. And why he's he not asking myself, Ashford, Hey sir, we need to talk about, Hmm, have I done something wrong? Hopefully not. I don't know. So normally my boss won't say, Hey sir.
Hmm,
Train, educate, don't blame, have an environment. My name is a gel from cyber. If you have conversations and questions, join me on the booth. Thank you so much.