Latest news with #AIthreats
National Post
5 days ago
- Business
- National Post
LevelBlue Report Reveals Increasing Risks To Healthcare Organizations Are Driving Cyber Resilience
Article content LevelBlue finds that only 29% of healthcare executives say they are prepared for AI-powered threats. Article content DALLAS — LevelBlue, a leading provider of managed security services, strategic consulting, and threat intelligence, today released its 2025 Spotlight Report: Cyber Resilience and Business Impact in Healthcare. The findings reveal how the healthcare industry is protecting itself from increasingly numerous sophisticated attacks. Article content The new report found that 32% of healthcare executives say their organization suffered a breach in the past 12 months, and nearly half (46%) say they are experiencing a significantly higher volume of attacks. As artificial intelligence (AI) promises healthcare organizations unprecedented levels of efficiency, optimized processes, and enhanced automation, the report reveals that only 29% of healthcare executives say they are prepared for AI-powered threats despite 41% believing they will happen. Article content At the same time, the software supply chain remains a blind spot, with only a small portion of executives recognizing the associated risks. 54% say they have very low to moderate visibility into the software supply chain, and only 21% say they are investing significantly in software supply chain security. Article content However, cyber resilience measures are becoming more integral to business operations, with 61% of healthcare organizations now aligning their cybersecurity teams with lines of business, a sign that resilience is increasingly seen as a shared responsibility across departments. Moreover, nearly half (44%) expect to enlist managed security service providers (MSSPs) in the next two years to help them manage the increasingly complex and dynamic threat landscape, an increase from 30% that have done so over the past 12 months. Additionally, 59% of leadership roles are measured against cybersecurity KPIs, and nearly half (43%) say they allocate cybersecurity budgets at the outset of new initiatives – a critical step toward embedding security into innovation efforts. Article content 'With the rising risk of AI-powered cyberattacks and vulnerabilities in the software supply chain, achieving cyber resilience in healthcare is more critical than ever,' said Theresa Lanowitz, Chief Evangelist of LevelBlue. 'Our research shows that healthcare organizations are no longer viewing cybersecurity as just an IT issue; it's now a business priority. Still, there is work to be done to properly prepare and protect themselves.' Article content Healthcare organizations are making progress in integrating cybersecurity across their operations, but there is still work to be done. When asked to what extent their organization is investing in certain measures to prepare for new and emerging types of cyber threats, healthcare executives say they are most likely to invest significantly in: Article content Based on these findings, LevelBlue recommends four specific steps to achieve cyber resilience, regardless of the industry: Push cyber resilience up the organization, embed cybersecurity responsibilities throughout the organization, be proactive (not reactive), and prioritize resilience in the software supply chain. Article content Download the complete findings of the 2025 LevelBlue Spotlight Report: Cyber Resilience and Business Impact in Healthcare at this link here to learn how healthcare organizations are adapting to the changing threat landscape. This report follows the April 2025 release of the 2025 LevelBlue Futures Report: Cyber Resilience and Business Impact, which can be found here. Article content For more information on LevelBlue and its managed security, consulting, and threat intelligence services, please visit Methodology The research is based on a quantitative survey that was carried out by FT Longitude in January 2025. There were a total of 1,500 C-suite and senior executives surveyed across 14 countries and seven industries: energy and utilities, financial services, healthcare, manufacturing, retail, transportation, and US SLED (state, local government, and higher education). To be counted as a cyber resilient organization, respondents must have met the qualifications listed under 'Five Characteristics of a Cyber Resilient Organization.' The total number surveyed in healthcare is 220. Article content About LevelBlue Article content We simplify cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence, and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it. Article content We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence- this enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risks so you can focus on your business. Article content Article content Article content Article content Contacts Article content Media Contact Article content Article content Jessica Bettencourt Article content Article content Article content
Zawya
5 days ago
- Business
- Zawya
Microsoft offers to boost European governments' cybersecurity for free
Microsoft is offering free of charge to European governments a cybersecurity programme, launched on Wednesday, to bolster their defences against cyber threats, including those enhanced by artificial intelligence, it said. After a surge in cyberattacks in Europe, many linked to state-sponsored actors from China, Iran, North Korea and Russia, the programme aims to boost intelligence-sharing on AI-based threats and help to prevent and disrupt attacks. "If we can bring more to Europe of what we have developed in the United States, that will strengthen cybersecurity protection for more European institutions," Microsoft President Brad Smith told Reuters in an interview. "You're going to see other things we are doing later in the month." Increasingly, attackers employ generative AI to amplify the scale and impact of their operations that range from disrupting critical infrastructure to spreading disinformation. Although malicious actors have weaponised AI, Smith said AI also offered defensive tools. "We don't feel that we have seen AI that has evaded our ability to detect the use of AI or the threats more broadly," Smith said. "Our goal needs to be to keep AI advancing as a defensive tool faster than it advances as an offensive weapon," he said. Microsoft tracks any malicious use of AI models it releases and prevents known cybercriminals from using its AI products. AI-driven deepfakes have included a portrayal of Ukrainian President Volodymyr Zelenskiy capitulating to Russian demands in 2022 and a fake audio recording in 2023 that influenced the Slovakian election. Smith said so far audio had been easier to fake than video. (Reporting by Supantha Mukherjee in Stockholm; editing by Barbara Lewis)
Globe and Mail
26-05-2025
- Business
- Globe and Mail
3 Top Cybersecurity Stocks to Buy in May
When it comes to cybersecurity, I don't know much about how it works from an experiential perspective. So, I suppose one could say I'm an outsider. But even an outsider like me understands that businesses must invest in cybersecurity in 2025. And I can appreciate that the need for cybersecurity will only get bigger in the coming years. Research firm Gartner predicts that spending for cybersecurity will increase by 15% in 2025 alone, which is huge when looking at an entire market. Gartner further predicts that the cybersecurity threat will increasingly come from generative artificial intelligence (AI) applications, highlighting how the threat evolves over time. Cybersecurity companies, consequently, must be fast-changing as well. When it comes to the future of cybersecurity, I believe that CrowdStrike (NASDAQ: CRWD), Rubrik (NYSE: RBRK), and Palo Alto Networks (NASDAQ: PANW) are three cybersecurity stocks that investors should consider here in May. Here's why. 1. CrowdStrike: The top dog When it comes to cloud-based cybersecurity, CrowdStrike is routinely recognized as a top player in the space. The company provides a subscription platform for its products, providing it with recurring revenue. It completed its fiscal 2025 on Jan. 31. And it ended the year with annualized recurring revenue (ARR) of $4.2 billion, which was up 23% from the end of fiscal 2024. CrowdStrike's Falcon platform isn't a single cybersecurity product but is composed of 29 separate software modules that customers can use to meet their needs. The company is currently modifying its business model with this. Before, customers would select what they wanted and pay the subscription price. Now, customers can agree to a certain level of spending and use it on the module they want. It's called Falcon Flex, and the hope is that this will lower the bar when it comes to experimentation with CrowdStrike's modules. As customers try new modules for the first time, the hope is that they'll see the value and use them regularly. In other words, CrowdStrike plans to boost growth by making it easier for existing customers to adopt more software modules, which sounds like a good idea to me. As of the end of its fiscal 2025, only 21% of CrowdStrike's customers used eight or more of its software modules. Getting its customers to use more modules is quite significant for its long-term growth. The recent launch of Falcon Flex could help it get there, and it's one reason I like CrowdStrike stock today. 2. Rubrik: The niche up-and-comer Many investors know about CrowdStrike, but far fewer have heard about Rubrik. That's understandable. It only went public about 13 months ago, so it's a new company for most investors. Moreover, with $887 million in trailing-12-month revenue, it's considerably smaller than other publicly traded cybersecurity companies. Whereas CrowdStrike tries to prevent attacks, Rubrik gives customers a secure way to prepare for an attack beforehand and get back to normal after it happens. The reality is that even if cybersecurity players stop most attacks, they don't stop all of them. And the risk of one getting through might only increase with advances in AI. The good thing about Rubrik's focus on this aspect of the market is that it's not a direct competitor with CrowdStrike or others -- in fact, it partners with CrowdStrike. This gives the up-and-coming company its own little corner of the market, and it's growing fast. Like CrowdStrike, Rubrik's fiscal 2025 ended on Jan. 31. It ended fiscal 2025 with an ARR of just over $1 billion, which was up a strong 39%. Investors should consider Rubrik stock now, not only because it's fast-growing. The company also just started generating positive free cash flow. This profitability metric suggests that management can scale its business while maintaining operational excellence. This combination could soon start elevating the attention it receives from the investment community. 3. Palo Alto Networks: The relentless consolidator Rubrik is a niche player, but even CrowdStrike could be considered niche compared to how broad Palo Alto Networks is with its vision. It has both hardware and software solutions. Its software products can be used on the cloud or on-premises. It's a large portfolio of products that have been both built and acquired over many years, which makes it one of the best cybersecurity stocks for investors interested in covering all the bases. Indeed, Palo Alto Networks is always eager to acquire another business -- it already acquired one in 2025 by buying Protect AI for $700 million. While there are risks to being a company that makes a lot of acquisitions, the company has historically done it well, and it is paying off with growth. For example, it just completed its fiscal third quarter of 2025, showing good growth in its newer products. Specifically, Palo Alto Networks grew its ARR for Next-Generation Security by 34% year over year to over $5 billion. And demand for its products overall is promising. In Q3, its remaining performance obligations (its future revenue under contract) grew by 19% to a whopping $13.5 billion. In short, the outlook for this company is as strong as ever, making Palo Alto Networks another cybersecurity stock to consider here in May. In closing, the subject of valuation for these companies is also important, but that's a completely different subject from the things that I've discussed here. But allow me to say that the valuation for Rubrik stock is far lower than that for CrowdStrike stock, and it's comparable to the valuation for Palo Alto Networks. But I believe that Rubrik, being a smaller company, has a chance for a better growth rate from here. Rubrik is probably the riskiest of these three stocks, given its size and newcomer status. But for investors willing to take a shot with a less-proven player, Rubrik might be the best value for long-term investors. Should you invest $1,000 in CrowdStrike right now? Before you buy stock in CrowdStrike, consider this: The Motley Fool Stock Advisor analyst team just identified what they believe are the 10 best stocks for investors to buy now… and CrowdStrike wasn't one of them. The 10 stocks that made the cut could produce monster returns in the coming years. Consider when Netflix made this list on December 17, 2004... if you invested $1,000 at the time of our recommendation, you'd have $639,271!* Or when Nvidia made this list on April 15, 2005... if you invested $1,000 at the time of our recommendation, you'd have $804,688!* Now, it's worth noting Stock Advisor 's total average return is957% — a market-crushing outperformance compared to167%for the S&P 500. Don't miss out on the latest top 10 list, available when you join Stock Advisor. See the 10 stocks » *Stock Advisor returns as of May 19, 2025
Tahawul Tech
26-05-2025
- Business
- Tahawul Tech
91% of Security Leaders Admit to Cloud Security Trade-Offs
Gigamon, a leader in deep observability, recently released its 2025 Hybrid Cloud Security Survey, revealing that hybrid cloud infrastructure is under mounting strain from the growing influence of artificial intelligence (AI). The annual study, now in its third year, surveyed over 1,000 global Security and IT leaders across the globe. As cyberthreats increase in both scale and sophistication, breach rates have surged to 55 percent during the past year, representing a 17 percent year-on-year (YoY) rise, with AI-generated attacks emerging as a key driver of this growth. Security and IT teams are being pushed to a breaking point, with the economic cost of cybercrime now estimated at $3 trillion worldwide according to the World Economic Forum. As AI-enabled adversaries grow more agile, organisations are challenged with ineffective and inefficient tools, fragmented cloud environments, and limited intelligence. Key Findings Highlight How AI Is Reshaping Hybrid Cloud Security Priorities AI's role in escalating network complexity and accelerating risk is evident. The study reveals that 46 percent of Security and IT leaders say managing AI-generated threats is now their top security priority. One in three organisations report that network data volumes have more than doubled in the past two years due to AI workloads, while nearly half of all respondents ( 47 percent ) are seeing a rise in attacks targeting their organisation's large language model (LLM) deployments. More than half ( 58 percent ) say they've seen a surge in AI-powered ransomware—up from 41 percent in 2024 underscoring how adversaries are exploiting AI to outpace and outflank existing defences. The study reveals that of Security and IT leaders say managing AI-generated threats is now their top security priority. organisations report that network data volumes have more than doubled in the past two years due to AI workloads, while nearly half of all respondents ( ) are seeing a rise in attacks targeting their organisation's large language model (LLM) deployments. More than half ( ) say they've seen a surge in AI-powered ransomware—up from underscoring how adversaries are exploiting AI to outpace and outflank existing defences. Compromises highlight continued trade-offs in foundational areas of hybrid cloud security nine out of ten ( 91 percent) Security and IT leaders concede to making compromises in securing and managing their hybrid cloud infrastructure. The key challenges that create these compromises include the lack of clean, high-quality data to support secure AI workload deployment (46 percent) and lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic (47 percent) . nine out of ten ( Security and IT leaders concede to making compromises in securing and managing their hybrid cloud infrastructure. The key challenges that create these compromises include the lack of clean, high-quality data to support secure AI workload deployment and lack of comprehensive insight and visibility across their environments, including lateral movement in East-West traffic . Public cloud risks prompt industry recalibration. Once considered an acceptable risk in the rush to scale post-COVID operations, the public cloud is now coming under increasingly intense scrutiny. Many organizations are rethinking their cloud strategies in the face of their growing exposure, with 70 percent of Security and IT leaders now viewing the public cloud as a greater risk than any other environment. As a result, 70 percent report their organization is actively considering repatriating data from public to private cloud due to security concerns and 54 percent are reluctant to use AI in public cloud environments, citing fears around intellectual property protection. Once considered an acceptable risk in the rush to scale post-COVID operations, the public cloud is now coming under increasingly intense scrutiny. Many organizations are rethinking their cloud strategies in the face of their growing exposure, with of Security and IT leaders now viewing the public cloud as a greater risk than any other environment. As a result, report their organization is actively considering repatriating data from public to private cloud due to security concerns and are reluctant to use AI in public cloud environments, citing fears around intellectual property protection. Visibility is top of mind for Security leaders. As cyberattacks become more sophisticated, the limitations of existing security tools are coming sharply into focus. Organisations are shifting their priorities toward gaining complete visibility into their environments, a capability now seen as crucial for effective threat detection and response. More than half (55 percent) of respondents lack confidence in their current tools' ability to detect breaches, citing limited visibility as the core issue. As a result, 64 percent say their number one focus for the next 12 months is achieving real-time threat monitoring delivered through having complete visibility into all data in motion. Deep Observability Becomes the New Standard With AI driving unprecedented traffic volumes, risk, and complexity, nearly nine in 10 (89 percent) Security and IT leaders cite deep observability as fundamental to securing and managing hybrid cloud infrastructure. Executive leadership is taking notice, as boards increasingly prioritise complete visibility into all data in motion, with 83 percent confirming that deep observability is now being discussed at the board level to better protect hybrid cloud environments. 'Security teams are struggling to keep pace with the speed of AI adoption and the growing complexity and vulnerability of public cloud environments', said Mark Jow, technical evangelist, EMEA, at Gigamon. 'Deep observability addresses this challenge by combining MELT data with network-derived telemetry such as packets, flows, and metadata, delivering increased visibility and amore informed view of risk. It enables teams to eliminate visibility gaps, regain control, and act proactively with increased confidence. With 88 percent of Security and IT leaders agreeing it is critical to securing AI deployments, deep observability is fast becoming a strategic imperative'. 'With nearly half of organisations saying attackers are already targeting their large language models, AI security can't be an afterthought, it needs to be a top priority', said Mark Walmsley, CISO at Freshfields. 'The key to staying ahead? Visibility. When we can clearly see what's happening across AI systems and data flows, we can cut through the noise and manage risk more effectively. Deep observability helps us spot vulnerabilities early and put the right protections in place before issues arise'. Image Credit: Gigamon
Tahawul Tech
15-05-2025
- Business
- Tahawul Tech
Nozomi Networks enhances critical infrastructure security amid evolving cyber threats
The cybersecurity landscape is rapidly changing, with digital technologies increasingly integrated into industrial control systems. This digital transformation has introduced new risks, especially with the rise of AI-driven cyber threats. Nozomi Networks is leading the way in securing critical infrastructure, offering solutions that ensure comprehensive protection across OT, IoT, IT, and wireless assets. In this interview, Anton Shipulin, Industrial Cybersecurity Evangelist at Nozomi Networks, discusses how the company addresses these evolving threats and helps organisations comply with stringent regulatory requirements while safeguarding critical and renewable infrastructure. How does Nozomi secure critical infrastructure in the region amid evolving cybersecurity threats, and how does it contribute to improving operational efficiency? Critical infrastructure is vital for a nation's cybersecurity and the functioning of the country. Essential services such as water, electricity, and oil and gas energy rely heavily on these systems, and it is crucial to ensure their continuous, uninterrupted operation. With the rapid digital transformation and the integration of advanced technologies into control systems managing critical infrastructure, these systems are increasingly dependent on digital components. However, this dependence introduces new risks. Unauthorised access and potential cyberattacks pose significant threats to these systems, as malicious actors can exploit vulnerabilities to gain control. It is crucial to monitor these systems closely and identify any deviations from normal operations. Detecting cyberattacks, process anomalies, or other irregular behaviours at an early stage is essential for maintaining security and ensuring the longevity of these facilities. Nozomi Networks addresses these challenges by providing real-time monitoring of network traffic, process telemetry, vulnerabilities, and asset changes within industrial control systems. This approach allows for the timely detection of anomalies and attacks, enabling prompt responses to safeguard critical infrastructure and ensure its resilience. How can organisations achieve full-spectrum protection across OT, IoT, IT, and wireless assets, and what solutions does Nozomi offer to address these complex security challenges? Our primary focus is on securing industrial control systems and cyber-physical systems, including the Internet of Things (IoT). When it comes to industrial control systems, they often comprise a variety of components, including pure OT elements like controllers and PLCs, as well as IT components such as network devices, routers, switches, PCs, laptops, and servers running traditional operating systems like Windows. It is critical not to focus solely on protecting OT systems. Rather, organisations must ensure protection across all components surrounding these critical systems. To address this, our solution expands beyond just supporting OT protocols. While we excel in supporting OT protocols with deep packet inspection for anomaly detection and attack identification, we also support IT systems and the most common IT protocols like DNS, SNMP, and others. This is achieved through passive network monitoring, which ensures visibility across both OT and IT environments. For enhanced asset visibility and discovery, we've added active discovery components, including smart polling, which queries devices for details. Additionally, we've expanded our solutions to incorporate various types of sensors, including network sensors and recently, endpoint sensors. These endpoint sensors can be deployed on systems such as Windows, Linux, and MacOS, especially in areas where network sensors cannot be installed. Furthermore, with the increasing adoption of wireless networks in industrial environments, it is essential to monitor and protect these networks to prevent unauthorised access. In some cases, clients may prohibit wireless networks entirely. However, even in such scenarios, monitoring wireless communications remains vital to detect unauthorised devices, such as rogue wireless access points or USB dongles, that could pose a security risk. Overall, Nozomi offers a comprehensive solution that ensures protection across wireless networks, wired networks, and endpoints, providing organisations with full-spectrum security across their OT, IoT, IT, and wireless assets. With the rise of AI-driven cyber threats, how do you see the threat landscape evolving, and what steps is Nozomi taking to stay ahead of these emerging risks? The rise of AI technologies is both a beneficial and accelerating force for cybersecurity, but unfortunately, it is also being exploited by cybercriminals to enhance their attacks. Attackers leverage AI for tasks such as vulnerability scanning, spam generation, and even coding attacks. This makes it easier for them to create new and more sophisticated attacks, accelerating the pace of the threat landscape. For organisations, this presents a significant challenge, as AI-driven threats allow attackers to quickly evolve their methods, making it critical for asset owners to detect these attacks in a timely and precise manner. This is where Nozomi Networks focuses its efforts. Our solution is not only designed for network detection but also for understanding industrial and IoT protocols, which is crucial in accurately identifying attacks. As the frequency and complexity of attacks grow, the amount of data that needs to be processed increases exponentially, making it harder to correlate and analyse all the relevant information. To address this challenge, we integrate AI and machine learning into our platform for alert correlation and generating insights. These technologies help us manage and analyse vast amounts of data, allowing us to detect threats more effectively. Moreover, as more industrial automation vendors and cloud providers implement AI-based systems, it is essential to protect these components from potential threats. AI-based systems themselves are now vulnerable, and our focus includes monitoring attempts to attack these systems, ensuring that they are adequately safeguarded. Nozomi is adapting to the evolving threat landscape by incorporating AI and machine learning for better threat detection and data processing, while also expanding our focus to protect AI-based systems in industrial automation and cloud environments. Could you share insights into Nozomi's complete cyber-physical protection offerings, particularly in securing critical and renewable infrastructure? How do your solutions enable compliance in highly regulated sectors? Nozomi's solution focuses on comprehensive monitoring across a wide range of environments, including wireless networks, endpoint activities, and IoT systems. Our offerings include a diverse set of sensors for network, wireless, and endpoint monitoring, alongside management components for on-premises environments and cloud-based components for information collection and analysis. By providing real-time visibility and continuous monitoring, our solutions ensure that critical infrastructure, including renewable energy systems, is secured against potential cyber threats. Furthermore, our solutions help organisations meet the compliance requirements of highly regulated sectors by ensuring that all systems are continuously monitored, vulnerabilities are detected early, and appropriate actions are taken to mitigate risks in real time. How does Nozomi ensure compliance with highly regulated sectors, especially considering the growing number of cybersecurity frameworks and regulations globally? Compliance with cybersecurity regulations is increasingly important, with various frameworks emerging across the globe, such as those in Europe, the United States (e.g., New York City's cybersecurity regulations), and other regions. One of the key elements of compliance is ensuring proper asset discovery, asset management, threat detection, and vulnerability management. To help organisations meet these regulatory requirements, Nozomi offers comprehensive solutions that focus on asset discovery, threat detection, and vulnerability identification. By addressing these key components, our solutions ensure the security of critical networks and data, enabling organisations to comply with regulations while also enhancing their overall cybersecurity posture. Image Credit: Nozomi Networks
