What SOC tools miss at 2:13 AM: Gen AI attack chains exploit telemetry lag-Part 1

Sunday at 2:13 and the worst nightmares of SOC teams are preparing to come true.

The attackers on the other side of the planet begin a full-scale attack on the company’s infrastructure. Thanks to the numerous open endpoints that have not seen an update since 2022, they flew in less than a minute.

The abstracts, the ability of a nation-state team, are after the active folder to close the entire network when creating new admin level benefits that will be locked to close them. Meanwhile, other members of the attack team are the leashization of bots to collect products and financial information through an API that is never disabled after the release of customer, employee and financial information.

In SOC, warnings begin to illuminate consoles as the latest Grand Theft Auto in Nintendo. SOC analysts are attached to their mobile phones trying to sleep a six-day week of another six-day week, which lasted about 70 hours.

Ciso receives a call at 2:35 o’clock from the company’s MDR provider at 2:35. “This is not a nervous accounting team, this?” Office space “Trying guy is not again, is he?” Ciso asks semi-awake. The MDR team does not have a device, it comes from Asia and is great.

CyberSecurity’s future storm: Gen AI, Insider threats and ciso burnout rose

Generative AI creates a digital diaspora of Rogue’s attackers, who studied in cyber armies in Cyberwar. Insider threats are also increasing, the work is accelerated with insecurity and growing inflation. All these difficulties and more are the burning of cison’s shoulders and is not more surprisingly, it is not more surprising.

The EU’s meteoric rise for controversial and legal use is in the center of this. To reduce the risks, the most important benefit from AI to develop Kyberecurity is to push to achieve the mission of risks management.

This is not an easy task since the safety of AI is developing very quickly. In Belly last Information on security and risk managementThe analyst was addressed to how the leaders responded to the GEN AI. They found that 56% Organizations are already placing genes AI solutions, however 40% Security leaders accept significant gaps in the ability to manage the risks of AI effectively.

Gener AI is most placed infrasTructure security, here 18% where the enterprises work fully and 27% Today, Gen AI based systems are actively implementing. Second, security operations, where 17% Extensive AI based systems of enterprises are used. Information security is the third most popular use 15% Enterprises using Gen AI-based systems to protect data storage systems and information lakes in clouds, hybrids and anywhere.

Insider threats require a gen-first response

GEN AI, Today, completely ranked the internal threat of every case More autonomous, insidious and c threatenHAYLINGING TO DELIVER. Shadow ai No CISO is a danger that imagined the danger of the danger, which will be available five years ago and is now one of these porous threatening surfaces.

“I see it every week” Vineet Arora, CTO Have a snackHe recently told Venturebeat. “The departments jump on unauthorized AI solutions, because immediately benefits are very attractive to ignore.” Arora shows that employees are not intentionally harmful. “When ensuring that employees effectively use AI technologies, it is very important for organizations that determine solid security strategies,” Arora explains. “Total bans often use AI, only grow the risks.”

“We see 50 new AI apps a day and have already held more than 12,000 catalogs,” said ITamar Golan, CEO and co-founder Emergency SafetyDuring the last interview with venturebeat. “About 40% of these standards can be part of your allied property, which means, for training on any information that you feed.”

Detection models based on traditional rules are no longer enough. Leading security teams are aimed at the Gen AI-based behavioral analysts, which will determine the dynamic bases of employees who can identify anomalies in real time and contain risks and potential threats.

VendorsAmbulance security, including Proof point insider threatening management, and Hero, The next generation of AI-generation AI-generated AI-generation AI-generated AI-generation AI-generation, which works in real time in real time, is updated quickly with aspored engines. Microsoft Purview Insider Risk Management High-risk behavior along hybrid workforces also places the following generation of AI models to repent.

Outcome – part 1

SOC teams are in a race against time, especially if their systems are not connected to each other, and more than 10,000 signals are not synchronized in one day. The planet will be difficult to participate in a attack on 2:19 by one of the two: 19. Cruelty in the delicate regulation of the trader with a wide Ai, it is necessary to be smarter on the more businesses, more enterprises, more of the existing systems.

Push Kibersecurity vendors to convey the maximum value of systems installed in SOC. Take the integration properly and do not slide chairs on the SOC layer to check the integrity of warning from one system to another. Know that an intervention is not a lying alarm. The attackers show a remarkable ability to fly quickly. SOCs have been time and companies that trust them did the same.