Blue Report highlights four ‘impossible trade-offs’ security teams make with threat exposure management
SAN FRANCISCO, Aug. 10, 2023 /PRNewswire/ — Picus Security, the pioneer of Breach and Attack Simulation (BAS) technology, has released The Blue Report 2023. Based on an analysis of more than 14 million cyber attacks simulated by The PicusPlatform*, the report highlights four ‘impossible trade-offs’ limiting modern security teams’ ability to manage their organization’s threat exposure.
“Like a short blanket that covers either someone’s head or feet, not both, security teams can only dedicate their time, money, and resources to so many problems at once,” said Picus Co-founder and VP of Picus Labs, Dr Suleyman Ozarslan. “They deploy their budgets and resources to cover one exposed spot, but this leaves other areas out in the cold. The Blue Report shines a light on these impossible trade-offs and how they hinder organizations’ readiness to defend themselves against the latest threats.”
According to the report, security teams make four trade-offs in deciding:
Which attacks to prioritize
Picus’ Blue Report data shows that, on average, organizations’ security controls (such as next-gen firewalls and intrusion prevention solutions) only prevent 6 out of every 10 attacks. However, some attack types are prevented far more effectively than others. For instance, organizations can prevent 73% of malware downloads but only 18% of data exfiltration attacks.
Organizations also prevent complex, multi-stage attacks less than half the time. This is particularly concerning given the findings of The Red Report 2023, a previous research study by Picus, which found that over a third of malware samples exhibit 20 or more attacker tactics, techniques and procedures (TTPs).
The Blue Report also reveals wide variations in organizations’ ability to prevent specific threats. For example, over a third of organizations can prevent Black Basta and BianLian ransomware attacks but only 17% can prevent Mount Locker. This is despite Mount Locker’s emergence in 2021 before the other two malware attacks.
Which vulnerabilities to remediate
The Blue Report also reveals the limitations of security teams’ approach to managing common vulnerabilities and exposures (CVEs). Analysis of the simulated attacks shows that the list of top 10 CVEs to which they remain most exposed includes mainly critical and high risk vulnerabilities as well as CVEs that have been known for years. Some CVEs discovered in 2019 remain a threat to more than 80% of organizations.
Whether to optimize prevention or detection controls
Generally speaking, the better an organization is at preventing threats, the weaker it is at detecting them, and vice versa. For instance, globally healthcare is the least effective sector at preventing attacks but is twice as successful as the average organization when it comes to detecting them. North American organizations are almost twice as successful at preventing attacks as they are at triggering alerts to detect attacks in progress.
What to log and alert on
Organizations leveraging security event and incident management (SIEM) solutions also face decisions about how much to invest in attack detection. In most cases, organizations routinely prioritize logging over alerting but do neither very well. Simulation data shows that, on average, organizations log 4 out of 10 attacks but only generate alerts for 2 in 10 attacks.
“Since preventing and detecting every threat is practically impossible, security teams will always have to prioritize some aspects of security more than others,” said Dr Ozarslan. “Fortunately, there is an approach that can help them improve their performance. By adopting a more unified approach that incorporates insights from attack simulations combined with attack surface and vulnerability data, security teams can allocate resources efficiently and effectively to address their most critical exposures. As a result, they can simultaneously improve their ability to prevent and detect attacks, rather than making trade-offs between them, and sleep better at night.”
Picus Security will discuss the findings of The Blue Report at Black Hat USA 2023 in Las Vegas on August 9th and 10th. Visit booth #2700 to learn more and discover the benefits of using attack simulations to reduce threat exposure.
* Picus Labs analyzed over 14 million attack simulations executed by The Picus Complete Security Validation Platform between January and June 2023.
About Picus Security
Picus Security helps security teams of all sizes to continuously validate and enhance organizations’ cyber resilience. Our Complete Security Validation Platform simulates real-world threats to automatically evaluate the effectiveness of security controls, identify high-risk attack paths to critical assets, and optimize threat prevention and detection capabilities.
As the pioneer of Breach and Attack Simulation, we specialize in supplying the actionable insights our customers need to be threat-centric and proactive.
Picus has been named a ‘Cool Vendor’ by Gartner and is recognized by Frost & Sullivan as a leader in the BAS market.
Frost Radar™:: Breach and Attack Simulation 2022, Frost & Sullivan
View original content:https://www.prnewswire.co.uk/news-releases/picus-security-analysis-of-14m-attack-simulations-reveals-organizations-only-prevent-6-out-of-every-10-attacks-301897942.html
ComplyCube Unveils No-ID Age Estimation to Address Growing Global Age-Restriction Regulations
SAN FRANCISCO, Oct. 2, 2023 /PRNewswire/ — ComplyCube, the global Identity Verification (IDV) platform, has launched a new Age Estimation feature to safeguard minors online and protect the vulnerable. The new capability complements its existing IDV-based Age Verification solution, offering an alternative to businesses that require a lower level of identity assurance.
The AI company says the new solution leverages advanced biometric technology to derive dependable age estimations from a single selfie in seconds. The bias-tested algorithm also examines the selfie for liveness signals to prevent presentation attacks, including screen replays, 3D masks, and deepfakes.
Furthermore, the new service boasts privacy-by-design capabilities, such as configurable automatic redaction for selfies customizable per jurisdictional regulations or use cases. This makes the service ideal for seamless age-gating across the globe while adding an extra layer of protection against spoofing.
“Our multi-step pipeline and data-centric approach have enabled us to tackle ethnic, genetic, age, and gender variance to provide our clients with a fair and robust age estimation,” explains Harry Varatharasan, Chief Data Scientist of ComplyCube.
The introduction of the new features comes as concerns mount over the ease with which minors can access inappropriate digital content. While some age-verification measures have been put in place, they are disturbingly simple to evade, especially when they are based solely on entering a birth date or are vulnerable to Virtual Private Network (VPN) manipulation. A UK-based study reports that 23% of minors say they can easily sidestep such VPN limitations, while another study highlights that a staggering 56% of children aged 11 to 16 have encountered explicit material online.
In response to these growing concerns, various jurisdictions are introducing robust regulatory frameworks aimed at mandating more rigorous age-verification procedures to enhance the safety of minors online. Key legislative efforts include the UK’s Online Safety Bill, the European Union’s Digital Services Act, and California’s Age-Appropriate Design Code Act. These laws aim to establish stricter guidelines and obligations for digital platforms, thereby creating a safer online environment for younger users.
Dr. Tarek Nechma, CEO of ComplyCube, adds that “the launch of our Age Estimation feature emphasizes our pledge to ensure that minors are shielded from content beyond their years while streamlining user experience for all and building trust at scale.”
Beyond its primary goal of safeguarding children online, the feature provides additional benefits to companies operating in regulated industries that fall under a lower level of scrutiny than financial institutions. Dating apps, e-commerce, gambling, gaming, and similar businesses can now:
Enhance User Experience: Age estimation streamlines age checks, promoting faster onboarding and better retention.Simplify Regulatory Adherence: Industries can effortlessly meet age-specific regulations, safeguarding their reputation and reducing legal risks.Ensure Data Minimization and Privacy: Estimating age masks or limits sensitive data collection, aligning with top-tier data protection standards.ComplyCube’s new Age Estimation solution offers a more streamlined approach to age verification. By reducing obstacles for users and enhancing conversion rates, it brings a balance of efficiency and trust. The one-stop-shop IDV platform also underscores its commitment to responsible digital interactions, especially when it comes to safeguarding minors.
ComplyCube is a top-tier SaaS platform specializing in Identity Verification (IDV), Anti-Money Laundering (AML), and Know Your Customer (KYC) compliance. It serves a diverse client range spanning financial services, telecommunications, transport, healthcare, e-commerce, cryptocurrency, FinTech, and more.
ComplyCube’s platform, which is ISO-certified and has received multiple awards, prides itself on offering the quickest omnichannel integration available in the market. Its Low/No-Code solutions, API, Mobile SDKs, Client Libraries, and CRM Integrations make this possible.
Visit www.complycube.com to learn more.
Video – https://www.youtube.com/watch?v=dOKN9J0TlaoLogo – https://mma.prnewswire.com/media/2148485/4318020/ComplyCube_Logo.jpg
View original content:https://www.prnewswire.co.uk/news-releases/complycube-unveils-no-id-age-estimation-to-address-growing-global-age-restriction-regulations-301944842.html
UNLEASH World Returns to Showcase Fortune 500 Companies Transforming the Future of Work
From startups to the Fortune 500, the event will showcase the leaders and technologies changing the world of workSpeakers include senior HR and business leaders such as L’Oréal Deputy CEO, Barbara Lavernos, JB Academy Founder, Josh Bersin, Spotify CHRO, Katarina Berg, and Sodexo CHRO, Annick de Vanssay, as well as England Rugby legend, Jonny Wilkinson CBEImagine a future where the boundaries of HR are redefined, and business is transformed. That future becomes a reality this year at UNLEASH World 2023, as 5000+ HR leaders from 100+ countries will arrive for the industry gathering of the yearLONDON, Oct. 2, 2023 /PRNewswire/ — UNLEASH, the fastest-growing HR events across Europe and the US, returns to Paris for its 11th year on 17-18 October, 2023. Organised by UNLEASH, a global digital media and events business dedicated to HR, technology, learning and recruitment leaders, the flagship UNLEASH World conference has been the epicentre for HR, recruitment, learning expertise and tech influence for the last decade. This year, it returns to explore the transformative power of technologies such as AI in shaping the future of work.
Set across 12 theaters, UNLEASH World attendees will hear from visionary keynote speakers including CEOs from L’Oréal, Aliaxis and Roullier Group, CHROs from Airbus, Spotify and Sodexo, and Rugby legends, Jonny Wilkinson, CBE and Serge Betsen. With a diverse range of keynote speakers, interactive sessions, and networking opportunities, UNLEASH World provides cutting-edge insights and best practices for everyone – from CEOs to HR leaders and executives.
“UNLEASH is the most influential HR event in the world, where attendees are given the opportunity to meet the who’s who of the industry from some of the most exciting brands and employers in the world – under one roof, over two days of face-to-face meetings,” said Marc Coleman, CEO and Founder at UNLEASH. “Massive thanks too to our Headline Sponsors who are the heartbeat of the HR Industry and help ensure UNLEASH is the go-to global event for HR Leaders, including: AWS, Bob, Deloitte, Eightfold, Phenom, Qualtrics, SAP SuccessFactors, Visier, Workday, and Workhuman”.
Through keynotes on the main stage and further breakout stages, attendees will gain on some of the most pressing topics including:
Creating an Exponential Organization in the Modern EraThe Adaptive Enterprise – HR Technology in the Age of AITech & Human Harmony in a Hyper-Connected WorldHarnessing the Power of Resilience and ReinventionMastering Employee Connection and the Social Contract in Today’s Talent LandscapeThe speaker roster itself is star-studded with 200+ of the best in the HR industry with speakers including:
Jean-Claude Le Grand, CHRO, L’OréalKatarina Berg, CHRO, SpotifyJosh Bersin, Founder & CEO, The Josh Bersin CompanyNatalia Wallenberg, CHRO, Ahold DelhaizeSalim Ismail, Founder, OpenExOAnika Grant, CPO, UbisoftThierry Baril, CHRO, AirbusBeatriz Rodriguez, Chief Talent and DEIB Officer, BayerReza Moussavian, VP of People Products, ZalandoMaud Alvarez-Pereyre, Chief People & Transformation Officer, LVMHAndrew Elston, Global Head, Workforce Strategy Enablement, HSBCLaura Hingel, Global Head of Talent & Employer Branding, Christian DiorHenrik Hansen, VP Global Head of Integrated People Services, PhilipsDenise King, Vice President, Global Benefits and Payroll, MedtronicArtur Nejmark, Head of HRIS Operations, Volvo GroupIntroducing the UNLEASH World Startup Program: A veritable launchpad for trailblazing entrepreneurs in the HR and Future of Work. UNLEASH has been the launchpad for the future of HR Tech, this high-impact platform has already seen its network of startups raise an astounding €10 billion in funding. 2023 UNLEASH World Startup Award offers an unparalleled opportunity for early-stage companies to break through. Established in 2011, this accolade has proven to be more than just a trophy; it’s a gateway to funding and exponential growth. Our last four champions and runner-up’s secured game-changing funding within months. Those interested in entering the award can find out more here.
For more information, including the agenda and how to register for the event, visit https://www.unleash.ai/unleashworld.
UNLEASH is the go-to marketplace for human resources and breakthrough technologies that shape the future of work, and is an essential source of news, analysis and market trends that inspire and empower organisational leaders worldwide. UNLEASH is a platform to share ideas that work, network and do business, and its mission is to be the world’s number one destination and marketplace for human resources, recruitment and learning leaders globally. UNLEASH is headquartered in London, UK with operations across Europe and the United States.
View original content:https://www.prnewswire.co.uk/news-releases/unleash-world-returns-to-showcase-fortune-500-companies-transforming-the-future-of-work-301944735.html
BACARDÍ® RUM TO LAUNCH THE FIRST A.I. POWERED ALBUM PRODUCED BY GRAMMY WINNER BOI-1DA
The latest evolution of the iconic rum brand’s Music Liberates Music programme will use cutting-edge generative A.I. software to give a global collective of artists including UK singer/songwriter Bellah access to Boi-1da’s best-in-class production talent.
HAMILTON, Bermuda, Oct. 2, 2023 /PRNewswire/ — Continuing its mission to support emerging talent, BACARDÍ and Grammy Award-winning producer Boi-1da are once again partnering to launch this year’s evolution of the longstanding ‘Music Liberates Music’ programme: The A.I. Powered Album. Dropping this November, The A.I. Powered Album will champion works by five global up-and-coming artists in a one-of-a-kind project exploring how A.I. can be positively leveraged to provide emerging talent unprecedented opportunities. For the first time since the campaign’s inception, each artist will have the opportunity to try out multiple demos with Boi-1da’s star-powered beats, using a generative A.I. trained on the award-winning producer’s sound, to ultimately finalise one incredible track. Together, the tracks will be offered to fans as the first-ever A.I. powered EP produced by Boi-1da.
The A.I. Powered Album will feature tracks from UK-based singer Bellah as well as Ghanian-raised rapper Blackway, American R&B singers Floyd Fuji and Kyle Dion, and Canadian R&B artist Savannah Ré. Over several weeks, each artist will feed their tracks into a state-of-the-art generative A.I. tool, which has been trained on a selection of beats from Boi-1da’s unreleased catalogue and will learn the sounds and cadence of his unique musical style. After submitting their demos to Boi-1da, each artist will work alongside him to refine their works, resulting in the EP’s final set of songs to be released this November.
Bellah, from North London, has a special knack for gliding over classic R&B instrumentals and captivating audiences. With a handful of EPs under her belt, the burgeoning British/Nigerian singer/songwriter has proven why she is at the forefront of the UK R&B industry. In her third and most recent piece, Adultsville, Bellah explores what it means to evolve into a woman in the modern world. It’s the inner page of a journal that, in looking back on her life and work as a whole, she describes as the “most transforming, traumatic, eye-opening, beautiful, and awful chapter of my life.”
With a style that combines traditional R&B with an Afro influence, Bellah’s very likable and sincere lyricism shines just as brightly as her voice. Her British-Nigerian ancestry lends an Afro influence to that unfiltered R&B, a sound that has been praised by Complex and BBC 1Xtra, which named her first hit their Track Of The Week. As a rising star in the music and entertainment industry, she’s already garnered a MOBO nomination, cementing her status as one of the most promising talents in the UK music scene. With over 1 million monthly listeners on Spotify, Bellah has captivated a wide audience with her music.
As with each Music Liberates Music programme, all proceeds from the project will directly benefit the participating artists. All copyright and subsequent revenue from the tracks will remain with the artists and Boi-1da. Fans can enjoy The A.I. Powered Album available for purchase as a limited-edition vinyl as well as for free on streaming platforms, such as Spotify, this November.
“This is the fifth year we’re bringing Music Liberates Music back for artists and fans alike. We’re proud to continually support emerging talent with new resources that fuel creativity and collaboration,” said Laila Mignoni, Global Head of Brand Marketing Communications for BACARDÍ rum. “Ultimately, our goal is to provide opportunity and access to rising artists in the industry, so it’s been exciting to broaden Boi-1da’s capabilities, allowing him to work with multiple artists on multiple tracks, simultaneously as one producer. We know the conversation around AI has been a challenging one, so approaching this project with the utmost respect and protection for the artist was key in developing this new tool. The technology is, and always should be, complementary to each artist’s work and protective of all the creatives involved.”
“I’m thrilled to work with BACARDÍ on this ground-breaking new iteration of Music Liberates Music exploring AI as a tool to enrich human creativity,” says Boi-1da. “One of the most fulfilling responsibilities I have as a producer is to work with up-and-coming talent. Through the A.I. Powered Album, we’ve provided unprecedented access to my personal production style. I’m able to work with an international collective of artists simultaneously, while still honouring their creative autonomy. Music as an art has continually grown thanks to innovative technology, and with AI, I believe we can revolutionise the music industry for good if we view it as a way to provide opportunities that enhance music’s human element, rather than replace it.”
For more information and updates on the launch of The A.I. Powered Album follow @bacardi_uk on all social channels or visit Bacardi.com.
About BACARDÍ® Rum – The World’s Most Awarded Rum In 1862, in the city of Santiago de Cuba, founder Don Facundo Bacardi Massó revolutionized the spirits industry when he created a light-bodied rum with a particularly smooth taste – BACARDÍ. The unique taste of BACARDÍ rum inspired cocktail pioneers to invent some of the world’s most famous recipes including the BACARDÍ Mojito, the BACARDÍ Daiquiri, the BACARDÍ Cuba Libre, the BACARDÍ Piña Colada and the BACARDÍ El Presidente. BACARDÍ rum is the world’s most awarded spirit, with more than 1,000 awards for quality, taste and innovation. Today, BACARDÍ rum is made mainly in Puerto Rico where it is crafted to ensure the taste remains the same today as it did when it was first blended in 1862. http://www.BACARDÍ.com/
The BACARDÍ brand is part of the portfolio of Bacardi Limited, headquartered in Hamilton, Bermuda. Bacardi Limited refers to the Bacardi group of companies, including Bacardi International Limited.
LIVE PASSIONATELY. DRINK RESPONSIBLY.
SOURCE BACARDÍ® Rum©2023. BACARDÍ AND THE BAT DEVICE ARE TRADEMARKS.
Video – https://www.youtube.com/watch?v=QGKG6v3qBQ8Photo – https://mma.prnewswire.com/media/2236543/BACARDI.jpg
View original content to download multimedia:https://www.prnewswire.co.uk/news-releases/bacardi-rum-to-launch-the-first-ai-powered-album-produced-by-grammy-winner-boi-1da-301944568.html
- ComplyCube Unveils No-ID Age Estimation to Address Growing Global Age-Restriction Regulations
- UNLEASH World Returns to Showcase Fortune 500 Companies Transforming the Future of Work
- BACARDÍ® RUM TO LAUNCH THE FIRST A.I. POWERED ALBUM PRODUCED BY GRAMMY WINNER BOI-1DA
- Contactless Smart Cards Market to Reach $21.0 billion, Globally, by 2032 at 8.7% CAGR: Allied Market Research
- Automatic Transfer Switch Market to Reach $1.8 billion, Globally, by 2032 at 10.1% CAGR: Allied Market Research
- Medius Launches Fraud & Risk Detection to catch fraud before it’s too late
- EY and Microsoft expand social impact collaboration and advance sustainability education worldwide with Green Skills Passport
- OKX Announced as Title Sponsor and Premium Partner of Blockchain Economy Dubai Summit
- Englobe partners with OPTEL to ensure full global traceability of its contaminated soil treatment activities
- Safetech Innovations Selected for UK’s Largest Cyber Accelerator, Cyber Runway, to Strengthen British Security
- Altair Enhances Leadership in Optimization Technology by Acquiring OmniQuest
- Locus Robotics to Showcase AI-Enabled Warehouse Automation at Logistics Summit in Dusseldorf, Germany
- Cambrex Completes $38 Million Capacity Expansion in High Point, North Carolina
- Bitsight Identifies Nearly 100,000 Industrial Control Systems Exposed to the Public Internet
- CHANGING Revolutionizes Digital Authentication with Cutting-Edge Solutions and Zero Trust Architecture Certification
Artificial Intelligence2 weeks ago
NightDragon, CyberKnight Partner to Continue Bringing Leading Cyber Innovation to Middle East, Turkey and Africa
Artificial Intelligence2 weeks ago
EchoStar and The Things Industries Collaborate for Hybrid Satellite and Terrestrial IoT Device Connectivity
Artificial Intelligence2 weeks ago
Fractal Accelerates Growth with Opening of New Office in Melbourne
Artificial Intelligence2 weeks ago
Automation Anywhere Announces Winners of its 2023 Global Partner of the Year Awards
Artificial Intelligence1 week ago
Janus Launches in EU to Bring AI-powered IoT Cybersecurity to Critical Industries
Artificial Intelligence2 weeks ago
Hut 8 Provides Update on Business Combination with USBTC
Artificial Intelligence4 days ago
Supermicro Celebrates 30th Anniversary of Growth, Innovation, AI and Green Computing
Artificial Intelligence2 weeks ago
Valiantys Appoints Former Atlassian Executive To Its Supervisory Board