IR sniping and the transformative function of AI make cybersecurity much more effective—it’s time to find out why. Credit: Palo Alto Networks In today’s rapidly evolving cybersecurity landscape, having a proficient security team in place is not enough. Organizations must understand the nuances of modern risks. The third and fourth episodes of the Unit 42 Threat Vector podcast shed light on two critical aspects: IR sniping and the disruptive role of AI in cyberattacks. These factors revolutionize incident response strategies and prompt organizations to recalibrate their defense mechanisms against increasingly sophisticated threats. These episodes provide invaluable insights for business leaders and emphasize the need for proactive and agile cybersecurity approaches that adapt to the ever-evolving threat landscape. Let’s look at some of the highlights of episodes three and four of the Threat Vector podcast. You can also read highlights from episodes one and two here and subscribe to hear future segments on CyberWire Daily. Episode 3—Mastering IR sniping: A deliberate approach to cybersecurity investigations with Chris Brewer In the third episode of Threat Vector, Chris Brewer, director at Unit 42 and expert in digital forensics with decades of experience, and David Moulton, director of thought leadership for Unit 42, delve into the world of incident response (IR) sniping — a deliberate and targeted methodology that accelerates investigation results, and a gamechanger for cybersecurity. IR sniping follows three main guiding principles: Low card exchange: Every contact leaves a trace. Occam’s razor: The simplest explanation is often the right one. The Alexiou Principle: What questions are you trying to answer?What data do you need to answer those questions?How do you analyze that data? What does that data tell you? IR sniping makes cybersecurity more efficient by answering the questions people care about: What did the attackers take? Are they still in the environment? Where did they go? How did they get in? IR sniping provides better results, faster, and a constant quality control check on your data. By utilizing IR sniping, most investigations can be solved within 72 hours. For further expert insights and strategies to enhance your incident response tactics, tune in to the five-minute interview here: Mastering IR Sniping A Deliberate Approach to Cybersecurity Investigations with Chris Brewer Episode 4—From nation-states to cybercriminals, AI’s influence on attacks with Wendi Whitmore “AI is game-changing in terms of the impact it’s going to have on attacks and then, in particular, the attacker’s ability to move faster.” Wendi Whitmore, SVP of Unit 42, begins Episode 4 of Threat Vector with this sobering statement. Whitmore was an inaugural member of the first cyber safety review board for the U.S. Department of Homeland Security, serves on the industry advisory board for the Duke University Master of Engineering in Cybersecurity, and is a member of the World Economic Forum’s Global Future Council on the Future of Cybersecurity. Whitmore and David Moulton, director of thought leadership for Unit 42, discuss the increasing scale, sophistication, and speed of cyberattacks — and how organizations can stay vigilant in this rapidly changing threat landscape. Examples like Muddled Libra and Scattered Spider and other nation-state actors and cybercriminals emphasize that attackers understand how IT business processes and IT departments work — and so they leverage commonly used apps to glean information from business environments. This information enables them to operate faster and more effectively, especially by employing social engineering tactics. To protect against quicker, more creative, and increasingly larger-scale threats and respond at every stage of the event, businesses must focus on: The speed of their response Automated integration of security tools Operationalized capabilities and processes Organizations must stay vigilant and up to date on current technology to defend against threat actors amidst the rapidly changing threat landscape. To learn more and to listen to the interview, click here: From Nation States to Cybercriminals AI’s Influence on Attacks with Wendi Whitmore To learn more, visit us here. Related content brandpost Sponsored by Palo Alto Networks What executives should know about SOAR SOAR allows organizations to not only quickly respond to cybersecurity attacks, but also observe, understand, and prevent future incidents, thus improving their overall security posture. By https://www.istockphoto.com/photo/stylish-confident-businesswoman-and-businessman-working-on-a-project-man-holds-gm1173740593-326128117?phrase=it+executives&searchscope=image%2Cfilm 24 Jan 2024 5 mins Data Management brandpost Sponsored by Palo Alto Networks Healthcare cybersecurity: Our hospital’s path to better cyber resilience There are robust strategies cybersecurity leaders can use to support the delivery of secure, high-quality, modern healthcare. By Wendy Roodhooft, Security Officer at AZ Vesalius 24 Jan 2024 6 mins Cyberattacks Security brandpost Sponsored by Palo Alto Networks A new era of cybersecurity with AI: Predictions for 2024 The best is yet to come…join us for a vital discussion on how cybersecurity coupled with AI will change the rules of the game. Hard truth? More and more attacks will utilize AI. By Dr. May Wang, CTO of IoT Security, Palo Alto Networks 24 Jan 2024 12 mins Artificial Intelligence brandpost Sponsored by Palo Alto Networks How to minimize remote access cyber security threats in 2024 6 recommendations organizations can follow to develop a more practical approach to maintaining secure control over infrastructure. Learn more today. By Matt Kraning, CTO of Cortex at Palo Alto Networks 22 Jan 2024 6 mins Security PODCASTS VIDEOS RESOURCES EVENTS SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe