AAPL

TSLA

AMZN

News & Insights

Cybersecurity

Managing Organizational Cyber Risk and Modern Security Solutions

October 21, 2024 — 09:30 am EDT

Written by TradeTalks

On Our Radar

With all of the recent advancement in technology, cyberattacks are also evolving, forcing companies to consider how they should prioritize investing in resources that help protect their business. As Alym Rayani, Vice President of Microsoft Security, noted, once an attacker compromises an organization through a phishing email, for example, it takes 72 minutes for them to get sensitive information, including intellectual property. That means a defender has less than two hours to react. In 2023, Microsoft blocked about 70 billion attacks. At the time, Microsoft had 10,000 employees that were focused on security, so that translates to 7 million attacks per employee, or put another way, 58 attacked blocked per minute. To help combat cyberattacks, Microsoft is leaning into artificial intelligence (AI).

"Microsoft's perspective is that generative AI and AI isn't an optional thing for security; it's actually required and mandatory," Rayani said. "If you look at what attackers are doing, it's really necessary for any security program to scale over time."

The role AI plays in cybersecurity is also critical for the healthcare industry and its inherent responsibility to protect sensitive, personal data. Congresswoman Victoria Spartz, Senior Member of the U.S. House Judiciary Committee, stressed the need for the government to build a framework that balances protecting people's privacy while not harming innovation in the space.

This Week's Guest Spotlight

Ben Turner, Founder and CEO, Verituity

With October being Cybersecurity Awareness Month, there’s a heightened focus on data governance. What are some best practices companies should consider implementing?

In my view, there are four principles that data governance best practices should follow. First and foremost, all policies should respect the right of individuals and businesses to control their own identity and payment account information. Secondly, all policies should mandate data encryption, segmentation and quality checks at every stage of the data lifecycle to ensure your data is safe and maintains its quality. Thirdly, data governance should ensure data rights and usage guidelines are clearly defined and transparent for each type of data. Finally, your policies should demand that you use anonymized data to train and “tune” models to protect your customers rights.

How are new technologies, such as AI and machine learning, affecting data governance?

As AI and machine learning models continue to proliferate, data governance frameworks must evolve to support the need for a continuous stream of high-quality data and transparency of data rights including derived data/insights. For example, Verituity utilizes models to mitigate risk and optimize the control of funds for B2B and B2C payments. In addition to the standard security and data privacy policies, our data governance emphasizes policies and processes that:

Enable a real time stream of predictable input data.
Require data quality checks throughout the data lifecycle for all raw data and data compilations.
Establish clear data rights for input data and the derived insights that power our platforms automated decision-making.