Information Week

Six Case Studies and the Journey Toward More Efficient and Secure Operations source

“Talking About a Revolution: Making the Unsolvable Solvable in the SOC Infographic“ A Look into the Past in Order to Move Forward with a Machine-Led, Humna-Empowered Security Platform. Elevate your SOC with Automation and AI Capabilities Designed for the Modern Threat Landscape. In the last few years, the needs of the ­ security operations center (SOC) have changed, but the designs of the SIEM and SOC have not. The security information and event management (SIEM) category has served security operations for years with significant manual overhead and slow incremental improvement in security outcomes. Most other key pieces of the security architecture have been modernized: The endpoint moved from antivirus (AV) to endpoint detection and response (EDR) to extended detection and response (XDR); the network moved from a “hard shell” perimeter to Zero Trust and SASE; runtime moved from the data center to the cloud. In contrast, the SOC still operates on a SIEM model designed 20 years ago.  Explore the Future of Cybersecurity with Cortex XSIAM® – Palo Alto Networks’ AI-Driven Security Operations Platform. Discover how this innovative approach leverages AI to enhance, not replace, your security teams.Dive into our informative infographic to learn more. Offered Free by: Palo Alto Networks See All Resources from: Palo Alto Networks Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. Thank you This download should complete shortly. If the resource doesn’t automatically download, please, click here. source

Cyberattacks in the first half of 2024 have been relentless, with organizations facing a surge in ransomware and data breaches aimed at theft and extortion. Unlike previous years, 2024 has seen major disruptions across industries, with consumers feeling the burn.   Unless you’ve been living under a rock, you already know that today’s ransomware operators are highly sophisticated and target businesses of all sizes across different industries. You’ve likely already deployed technology aimed at protecting against and recovering from a ransomware attack.   However, even with these technologies in place, many organizations find themselves unprepared when an actual attack happens.   Wargaming, a strategic military tool, has found its place in the world of cybersecurity through tabletop exercises designed to simulate these high stakes cyberattacks, such as ransomware. Cyber wargames equip corporate leaders with the skills needed to make swift, informed decisions in the critical first 24-48 hours of a crisis. Beyond backups, these exercises stress-test incident response plans, offering an essential, hands-on approach to disaster recovery.  Here’s what you need to know and how to approach.  What Is a Tabletop Exercise and Why Does It Matter?  A ransomware tabletop exercise is a simulation of a ransomware attack aimed at identifying vulnerabilities in your ransomware protection and recovery plan. Conducting a tabletop exercise is one of the best ways to increase your organization’s cyber resilience and prepare for recovery scenarios you have not yet encountered in the wild.   Ransomware tabletop exercises have other benefits, too. For example, a tabletop exercise could identify areas where you are out of compliance with security frameworks and/or demonstrate to regulators that you have taken steps to address these issues. Exercises can also help shape employee training efforts and technology investments.   There’s no “right” way to conduct a tabletop exercise. However, many exercises include some or all of the following:  A realistic scenario. All tabletop exercises should start with a realistic scenario, designed to challenge both technical and non-technical aspects of the organization’s incident response plan.  Key stakeholders. Key personnel from IT, cybersecurity, legal, communications, and executive teams should be involved to ensure all critical functions are covered.  Well-defined responsibilities. Stakeholders should be assigned a specific role that mirrors their real-world responsibilities during an actual ransomware incident (e.g., IT, executives, public relations).  Ransomware response testing. Technical and non-technical response activities should be tested. This might include IT activities like detection, containment, eradication, and disaster recovery operations. Internal and external communications should be tested as well. We’ll look at testing in more detail below.  A post-incident report. A review of the gaps, successes, and areas for improvement in the organization’s response strategy is critical. This review should be properly documented, both for future reference and to satisfy any regulatory or compliance requirements.  Ransomware Response Testing Food for Thought  Obviously, all aspects of your security stack should be considered in your IT testing. Preventing an attack before it happens is the goal, so testing should be designed to identify gaps in access controls, vulnerability management, employee security awareness training, and more.  Since attacks have the potential to cause prolonged IT downtime, a tabletop exercise should also reveal how long it could take to restore normal business operations following an attack. The exercise should account for the wide variety of restore scenarios IT might face (e.g., restoring a few desktops vs. a server hosting numerous virtual machines) and the recovery time associated with each.  Legal, HR, PR, and executive teams may have important responsibilities during and immediately following a ransomware attack. For example, do customers and/or vendors need to be notified? What about law enforcement? Who is responsible for these communications? Who is responsible for filing a cyber insurance claim? What specifically is required to file a claim?   Tabletop exercises require a good deal of coordination and can be time-consuming. However, they are highly effective and should be considered an essential piece for your security and disaster recovery efforts.  Conclusion  Ransomware tabletop exercises are invaluable for organizations looking to strengthen their defenses against one of the most serious cyber threats today. These exercises help businesses identify vulnerabilities, improve response strategies, and build long-term cyber resilience.   By involving leadership, focusing on realistic scenarios, and emphasizing secure recovery methods, ransomware tabletop exercises offer a practical and insightful way to ensure that your organization is prepared to handle a real ransomware attack.   source

America is speeding towards an unusually high-stakes election. The winner in the clash of polar opposite views will oversee drastically different government policies. Here’s a look at what either a Republican or Democratic outcome is likely to mean in terms of tech directives affecting networks. First, it’s important to acknowledge that tensions are likely to spill over after the election and potentially change the policies touted by either candidate in pre-election pledges. Public pressure, both for and against any given policy, would likely have some impact on the final version.   Meanwhile, the unease across the nation is palpable and nearly universal, while fear and anger creep insidiously into several segments of the population. Those tensions are unlikely to dissipate entirely after the election. Indeed, they are expected to become further entrenched, no matter which candidate wins. Come election day or sometime thereafter, one or the other of the top two candidates will be declared the victor. There’s been lots of ink, pixels, and TV and video streams dedicated to what either outcome means in terms of the most obvious social issues and abrasive policy contentions. But few have dug deep to see beyond these to other policy differences that can also impact America in important ways. “Telecom infrastructure remains a crucial yet under-discussed policy issue, and Trump and Harris are proposing distinct approaches,” says Richard Brandon, Vice President of Strategy at RtBrick, a provider of multi-service edge routing software for telcos. Let’s take a look at how networks are likely to be impacted by each candidate should they be the final winner in this election. Overall Candidate Tech Positions “In sum, I think we can expect divergent approaches to regulations, broadband funding, blockchain innovation, and digital assets based on recent policies and public statements made by each candidate,” says Dr. Tonya M. Evans, ESQ., professor of Law at Penn State Dickinson Law and Digital Money Expert at Penn State Dickinson Law. As to the specific points made or eluded to in the candidates’ public statements and other research, Deltek’s key technology findings to apprise government contractors of the two candidates’ positions are as follows: Kamala Harris: Prioritizes winning the global competition in space, AI, quantum computing, and emerging technologies. Advocates continued export controls to prevent Chinese companies from acquiring advanced semiconductor and computing technologies. Supports enforcement of the Biden AI executive order, requiring cross-agency collaboration, procurement decisions tied to risk and performance management, and investment in AI data centers. Promotes investment in Regional Technology and Innovation Hubs and the National Artificial Intelligence Research Resource to integrate AI and machine learning into healthcare technology. A strong proponent of telehealth and further cloud computing modernization. Donald Trump: Plans to invest in AI to compete with China while scaling back elements of the Biden AI executive order that he views as restrictive. Supports continued export controls similar to Harris but would pull back on regulations concerning data bias. Advocates expanding U.S. federal cyber capabilities, including offensive cybersecurity operations and workforce development. Likely to continue supporting cybersecurity investments while revisiting antitrust actions targeting large U.S. tech companies. What these positions will lead to in the way of policy actions remains to be seen. Even so, a recent EY report finds that the outcome of the US election will most impact the following areas of regulation: cybersecurity/data protections, artificial intelligence and machine learning, and user data and content oversight. The report found that 74% of tech leaders believe the results of the upcoming US election will have a major impact on the US tech sector’s ability to stay ahead of global competitors. Overall Candidate Positions on Broadband, Networks “All the presidential candidates have come up with encouraging policies regarding broadband access, but they can be implemented in different ways,” says Chris Dukich, the owner of a SaaS company that provides digital signage to screens called Display Now. As Dukich alludes to, the devil is in the details, so here are a few of the key takeaways for each of the leading candidates. Kamala Harris Harris’s platform “emphasizes her Opportunity Economy approach, which seeks to address the digital divide and expand broadband infrastructure as a means of economic empowerment for marginalized communities. This mirrors previous Democratic-led initiatives like the Infrastructure Investment and Jobs Act, which allocated $65 billion for broadband expansion under the Biden administration,” says Dr. Evans. And how will that likely play out in terms of government funding? “The future of this approach will probably be more government grants and public-private partnerships which will enable moving towards the direction of having high-speed internet access to all the communities within the country,” Dukich said. Other industry players and watchers tend to agree. “A Harris administration would continue investing in cost-efficient network expansion, extending Biden’s initiative of increasing broadband access and bringing digital equity to rural areas through programs like BEAD. Billions of dollars are already earmarked and distributed to states to support the development of next-generation telecom networks,” says Brandon. As to the impact on regulations, Dukich expects Harris to continue Biden’s “push for more restraints over tech corporations with a strong emphasis on data privacy, rivalry, and consumer welfare.” Merrill agrees and points to the FTC efforts currently underway as continuing under Harris. “Future regulations in a Harris administration will be the same in support of net neutrality and increase oversight against ISPs,” Merrill adds. But not everyone agrees with the assessment that Harris will follow in Biden’s footsteps. “Harris has signaled a shift from the strict regulatory stance of the Biden administration toward a more innovation-friendly framework. However, her policies are likely to continue emphasizing net neutrality and consumer protections, requiring network managers and architects to adapt to stricter compliance and reporting standards, which could increase opportunities for firms involved in public contracts and broadband development,” says Evans. Cloud infrastructure and distributed networking will also see significant policy impact. Harris has “indicated a focus on cloud security and resilience, integrating support for cloud computing technologies within her broader economic agenda. By

As organizations strive to meet their goals, integrating digital technology into analytics, artificial intelligence and machine learning, and cloud migration has become essential. The end game is to transform businesses’ operations, share information, and deliver customer value.   While digital transformation promises increased efficiency, productivity, and reduced costs, its success fundamentally depends on people. Neglecting the human aspect of transformation is a recipe for failure from the outset.  A BCG study on digital transformation found that 90% of companies focusing on culture during their transformation journey experienced solid financial performance, compared to 17% that didn’t. Despite projections that global spending on digital transformation will reach $3.4 trillion by 2026, there’s a high failure rate — around 70%, according to McKinsey. Much of this failure can be attributed to organizational culture shock, where employees react negatively to sudden changes.  In 1955, Sverre Lysgaard developed a model describing how individuals adapt to a new culture, beginning with a honeymoon phase, followed by culture shock, then adjustment, and finally adaptation. This process mirrors what happens to employees during digital transformation. Companies must invest in addressing culture shock to ensure the success of their digital initiatives.  Related:2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI We recently embarked on a significant digital transformation with the introduction of our solution enablement platform. This platform unites various data and analytic assets built for risk management, marketing, and fraud prevention into one unified environment. This transformation enhances our ability to provide a more accurate picture of consumers across various use cases. From my experience rolling out this platform, I’ve identified five key strategies companies can use to navigate digital transformation successfully and avoid employee culture shock.  1. Foundation setting  It’s essential to communicate your vision and strategy. A well-defined roadmap that outlines the steps to achieve transformation goals is crucial. McKinsey reports that organizations with a clear change management strategy are six times more likely to succeed. Personalizing the vision for each employee ensures they believe in the transformation and actively participate in it.  2. Employee training and education  Training is vital for engaging employees and advancing their careers. Yet only 56% of organizations report expanding training on digital tools and new processes, according to PwC. At our company, we incentivize employees to complete training programs that enhance their skills, which leads to a more engaged workforce. Employees are encouraged to think about the skills they want to develop for their future, ensuring that our digital transformation also benefits their personal career growth.  Related:Curtail Cloud Spend With These Strategies A significant focus of our training has been on our solution enablement platform. We’ve curated specific training for employees, including certifications, across the organization. This approach encourages long-term career development while promoting a deeper understanding of new technologies.  3. Be transparent and share progress  Frequent updates on successes and challenges foster trust and authenticity. Organizations should openly communicate any changes to the roadmap or strategy. At my company, we hold regular meetings where we showcase both the progress and the hurdles we face during our technology evolution. Integration is a crucial theme; we highlight how different teams benefit from the work.  4. Embrace learning and failures  Encouraging a culture that views failure as a learning opportunity fosters innovation. Open lines of communication allow employees to share issues and contribute to continuous improvement. This helps employees feel secure enough to try new things and become active participants in the transformation.  Related:Forrester Speaker Sneak Peek: Analyst Jayesh Chaurasia to Talk AI Data Readiness At our company, we conduct regular retrospectives of our planned releases. When things don’t go as expected, we focus on what can be learned, not the failure itself. This feedback loop is shared transparently, providing valuable insights for the entire team and fostering a culture of continuous improvement.  5. Find champions  Too often, change management is reduced to sending out emails or presentations. While these methods are helpful, true transformation requires more personal involvement. Identifying champions within the organization can significantly boost morale and support. These champions don’t need to be formal leaders but are individuals who believe in transformation and help guide their peers through the process.  Recently, our enterprise capabilities marketing and investor relations teams met with our engineers to better understand the benefits of our solution enablement platform. They became champions of the transformation and shared their enthusiasm with key stakeholders, which in turn had a positive impact on investors.  Conclusion  Digital transformation offers tremendous potential, but it comes with inherent challenges. To succeed, organizations must place people at the heart of the process through training, transparent communication, and fostering a culture that embraces learning from failures. Companies can mitigate culture shock and achieve their transformation goals by following these five strategies.  source

It’s no secret that cybersecurity concerns are growing. This past year has seen massive breaches, such as the breach of National Public Data (with 2.7 billion records stolen), and several large breaches of Snowflake customers such as Ticketmaster, Advance Auto Parts and AT&T. More than 165 companies were impacted by the Snowflake-linked breaches alone, according to a Mandiant investigation. According to CheckPoint research, global cyber-attacks increased by 30% in the second quarter of 2024, to 1,636 weekly attacks per organization. An IBM report says the average cost of a data breach globally rose 10% in 2024, to $4.8 million. So, it’s probably not that surprising that Orlando, Fla.-based cybersecurity firm ThreatLocker has ballooned to 450 employees since its 2017 launch. InformationWeek caught up with ThreatLocker CEO Danny Jenkins at the Gartner IT Symposium/XPO in Orlando last month. (Editor’s note: The following interview is edited for clarity and brevity.) Can you give us a little overview on what you were talking about at the event? What we’re talking about is that when you’re installing software on your computer, that software has access to everything you have access to, and people often don’t realize if they download that game, and there was a back door in that game, if there was some vulnerability from that game, it could potentially steal my files, grant someone access to my computer, grab the internet and send data. So, what we were really talking about was the supply chain risk. The biggest thing is vulnerabilities: The things a vendor didn’t intend to do, but accidentally granted someone access to your data. You can really enhance your security through sensible controls and limiting access to those applications rather than trying to find every bad thing in the world. Related:2024 Cyber Resilience Strategy Report: CISOs Battle Attacks, Disasters, AI … and Dust AI has been the major reoccurring theme throughout the symposium. Can you talk a little about the way we approach these threats and how that is going to change as more businesses adopt emerging technologies like GenAI? What’s interesting is that we’re actually doing a session on how to create successful malware, and we’re going to talk about how we’re able to use AI to create undetectable malware versus the old way. If you think about AI, and you think about two years ago, if you wanted to create malware, there were a limited number of people in the world that could do that — you’d have to be a developer, you’d have to have some experience, you’d have to be smart enough to avoid protections. That pool of people was quite small. Today, you can just ask ChatGPT to create a program to do whatever you want, and it will spit out the code instantly. The amount of people that have the ability to create malware has now drastically increased … the way to defend against that is to change the way you think about security. The way most companies think about security now is they’re looking for threats in their environment — but that’s not effective. The better way of approaching security is really to say, “I’m just going to block what I don’t need, and I don’t care if it’s good and I don’t care if it’s bad. If it’s not needed in my business, I’m going to block it from happening.” Related:Juliet Okafor Highlights Ways to Maintain Cyber Resiliency As someone working in security, is the pace of AI adoption in enterprise a concern? I think the concern is the pace and the fear. AI has been around for a long time. What we’re seeing the last two years is generative AI and that’s what’s scaring people. If you think about self-driving cars, you think about the ability of machine learning, the ability to see data and manipulate and learn from that data. What’s scary is that the consumer is now seeing AI that produces and before it was always stuff in the background that you never really thought about. You never really thought about how your car is able to determine if something’s a trash can or if it’s a person. Now this thing can draw pictures and it can write documents better than I do, and create code. Am I worried about AI taking over the world from that perspective? No. But I am concerned about the tool set that we’ve now given people who may not be ethical. Related:Beyond the Election: The Long Cybersecurity Fight vs Bad Actors Before, if you were smart enough to write successful malware, at least in the Western Hemisphere, you’re smart enough to get a job and you’re not going to risk going to jail. The people who were creating successful malware before, or successful cyber-attacks, were people in countries where there were not opportunities, like Russia. Now, you don’t need to be smart enough to create successful cyber-attacks, and that’s what concerns me. If you give someone who doesn’t have capacity to earn a living access to tools that can allow them to steal data, the path they are going to follow is cyber crime. Just like other crime, when the economy is down and people don’t have job, people steal and crime goes up. Cyber crime before was limited to people who had an understanding of technology. Now, the whole world will have access and that’s what scares me — and GenAI has facilitated that. How do you see your business changing in the next 5-10 years because of AI adoption? Ultimately, it changes the way people think about security, to where they have to start adopting more zero-trust approaches and more restrictive controls in their environment. That’s how it has to go — there is no alternative. Before, there was a 10% chance you were going to get damaged by an attack, now it’s an 80% chance. If you’re the CIO of an enterprise, how should you be looking at building out these new technologies and building on these new

As quantum computing continues to advance, so too are the algorithms used for quantum machine learning, or QML. Over the past few years, practitioners have been using variational noisy intermediate-scale quantum (NISQ) algorithms designed to compensate for noisy computing environments.   “There’s a lot of machine learning algorithms in that vein that run in that kind of way. You treat your quantum program as if it was a neural network,” says Joe Fitzsimons, founder and CEO Horizon Quantum Computing, a company building quantum software development tools. “You write a program that has a lot of parameters in it that you don’t set beforehand, and then you try to tune those parameters. People call these ‘quantum neural networks.’ You also have variational classifiers and things like that that fall into that category.”  One can also take an existing classical machine learning model and try to accelerate its computation using a quantum computer. Noise is a challenge, however, so error correction is necessary. Another requirement is quantum random access memory (QRAM, which is the quantum equivalent of RAM).   “If we can get lower noise quantum computers, if we can start building the RAM, then there’s really enormous potential for quantum computers to accelerate a classical model or a quantum native model,” says Fitzsimons. “You can play with the variational algorithms today, absolutely, but achieving the more structured algorithms and getting to error-corrected quantum random access memory is five years and several Nvidia hardware generations away.”  Related:IT Pros Love, Fear, and Revere AI: The 2024 State of AI Report QML Needs to Mature While quantum computing is not the most imminent trend data scientists need to worry about today, its effect on machine learning is likely to be transformative.   “The really obvious advantage of quantum computing is the ability to deal with really enormous amounts of data that we can’t really deal with any other way,” says Fitzsimons. “We’ve seen the power of conventional computers has doubled effectively every 18 months with Moore’s Law. With quantum computing, the number of qubits is doubling about every eight to nine months. Every time you add a single qubit to a system, you double its computational capacity for machine learning problems and things like this, so the computational capacity of these systems is growing double exponentially.”  Quantum machines will allow organizations to model and understand complex systems in a computational way, and the potential use cases are many, ranging from automotive and aerospace to energy, life sciences, insurance, and financial services to name a few. As the number of qubits rises, quantum computers can handle increasingly complex models.  Related:Keynote Sneak Peek: Forrester Analyst Details Align by Design and AI Explainability Joe Fitzsimons, Horizon Quantum Computing “With classical machine learning, you take your model and you test it against real-world data, and that’s what you benchmark off,” says Fitzsimons. “Quantum computing is only starting to get towards that. It’s not really there yet, and that’s what’s needed for quantum machine learning to really take off, you know, to really become a viable technology, we need to [benchmark] in the same way that the classical community has done, and not just single shots on very small data sets. A lot of quantum computing is reinventing what has already been done in the classical world. Machine learning in in the quantum world, has a long way to go before we really know what its limits and capabilities are.”  What’s Happening With Hybrid ML? Classical ML isn’t practical for everything, and neither is QML. Classical ML is based on classical AI models and GPUs while quantum machine learning (QML) uses entirely different algorithms and hardware that take advantage of properties like superposition and entanglement to boost efficiency exponentially, says Román Orús, Ikerbasque research professor at DIPC and chief scientific officer of quantum AI company Multiverse Computing.  Related:Sidney Madison Prescott Discusses GenAI’s Potential to Transform Enterprise Operations “Classical systems represent data as binary bits: 0 or 1. With QML, data is represented in quantum states. Quantum computers can also produce atypical patterns that classical systems can’t produce efficiently, a key task in machine learning,” says Orús.   Classical ML techniques can be used to optimize quantum circuits, improve error-correcting codes, analyze the properties of quantum systems and design new quantum algorithms. Classical ML methods are also used to preprocess and analyze data that will be used in quantum experiments or simulations. In hybrid experiments, today’s NISQ devices work on the parts of the problem most suited to the strengths of quantum computing while classical ML handles the remaining parts.   Quantum-inspired software techniques can also be used to improve classical ML, such as tensor networks that can describe machine learning structures and improve computational bottlenecks to increase the efficiency of LLMs like ChatGPT.   “It’s a different paradigm, entirely based on the rules of quantum mechanics. It’s a new way of processing information, and new operations are allowed that contradict common intuition from traditional data science,” says Orús. “Because of the efficient way quantum systems handle information processing, they are also capable of manipulating complex data to represent complex data structures and their correlations. This could improve generative AI by reducing energy and compute costs as well as increasing the speed of the drug discovery process and other data-intensive research. QML also could be used to develop new types of neural networks that use quantum properties that significantly improve inference, explainability, and training efficiency.”  There’s a lot of innovation happening at various levels to solve various pieces of all things quantum, including system design, environmental optimization, new hardware and software.  Román Orús, Multiverse Computing “In addition to developing better quantum hardware to run QML, people are also exploring how to implement hybrid systems that combine generative AI modules, such as transformers, with quantum capabilities,” says Orús.  Like classical ML, QML isn’t a single thing.   “As with other aspects of quantum computing, there are different versions of quantum machine learning. These days, what most people mean by quantum machine learning is otherwise known as a

Today’s election, which pollsters say is neck and neck in the presidential race between Republican candidate and former US President Donald J. Trump and Democratic candidate, US Vice President Kamala Harris, could determine the future of the $52.7 billion CHIPS and Science Act. The CHIPS Act, signed into law two years ago, is already doling out some of the $39 billion aimed at semiconductor manufacturing, with another 13.2 billion earmarked for R&D and workforce development. The Biden Administration has touted the effort as one of its major accomplishments. Trump recently took to the Joe Rogan podcast to declare: “That chip deal is so bad.” Trump says the US should instead impose tariffs he says would force more chips to be produced in the US. Others say tariffs, which are charged to the importing company and not the exporting country, would have the opposite effect. House Speaker Mike Johnson, in remarks that he recently walked back, suggested that the GOP would “probably” try to repeal the legislation. He later said that he misunderstood the question after pushback from GOP Rep. Brandon Williams, a New York state congress member locked in a tough race with Democrat candidate state Sen. John Mannion. Johnson told reporters that a repeal is not in the works, but “there could be legislation to further streamline and improve the primary purpose of the bill — to eliminate its costly regulations and Green New Deal requirements.” Related:2024 InformationWeek US IT Salary Report: Profits, Layoffs, and the Continued Rise of AI Billions at Stake According to the US Commerce Department, the CHIPS Act is expected to boost US chip manufacturing from zero to 30% of the world’s leading-edge chip supply by 2032. Chip companies like Intel, Micron, Samsung, and TSMC have announced massive US manufacturing upgrades and new construction. Last year, the Commerce Department said more than 460 companies had signaled interest in winning subsidies through the bill. The US has chosen 31 “underdog tech hubs” for potential hotspots that would funnel CHIPS funding into areas outside of traditional tech corridors. Earlier this week, Albany NanoTech Complex was selected as the first CHIPS Act R&D flagship facility, winning $825 million in subsidies to fund a new Extreme Ultraviolet (EUV) Accelerator. US Sen. Mark Kelly, (D-Ariz), was a key sponsor of the CHIPS Act. Since 2020, Arizona netted more than 40 semiconductor deals, with $102 billion in capital investment and the potential for 15,700 jobs. TSMC’s investment in Arizona stands at more than $65 billion. Intel is investing more than $32 billion in two new Arizona foundries (chip factories), and to modernize an existing fab. Related:Curtail Cloud Spend With These Strategies Republicans are staking their political fortunes on the CHIPS Act as well. Sen. John Cornyn (R-TX), also co-authored the bill. And Sen. Marco Rubio (R-Fla.) and Sen. Tom Cotton have been vocal about China-US competition. The CHIPS act could shore up a domestic supply chain that gives North America a real advantage in the chip wars. While the CHIPS Act itself is not on any ballot measures for this election cycle, economic policies that impact power consumption and other key tech-important issues may impact the industry as well. In Arkansas, one ballot measure proposal concerning lottery funds could help create more skilled tech workers, for instance. In Maine, a ballot measure proposes issuing $25 million in bonds to fund research for IT industries. Bob O’Donnell, president and chief analyst at TECHnalysis Research, says the future of US semiconductor manufacturing should not be a partisan issue. “It’s clear to me that the CHIPS Act is incredibly important and hopefully it will cross party lines,” he says in a phone interview with InformationWeek. “There’s no doubt there will be demand down the road. And there’s no question that the geographical diversity of semiconductor manufacturing is way out of whack. This is a US necessity.” Related:Forrester Speaker Sneak Peek: Analyst Jayesh Chaurasia to Talk AI Data Readiness A Question of Workforce Readiness and R&D John Dallesasse, a professor of electrical and computer engineering at the University of Illinois Grainger College of Engineering, says funding from the CHIPS Act will be crucial to workforce and educational needs. “It would be unfortunate if the US government were to backpedal on the investments in semiconductor technology enabled by the CHIPS and Science Act,” he tells InformationWeek in an e-mail interview. “While the [act] provides incentives for manufacturing, there’s also a significant emphasis on new technology R&D and workforce development — both of which will be needed to restore US competitiveness in semiconductors.” He adds, “Without the combination of new technology development and incentives to bring manufacturing back to the US, we will continue on the downward spiral which has brought us from a dominant force in semiconductor manufacturing to a country which only makes 12% of the world’s chips.” source

Enterprise IT leaders face a daunting challenge: delivering innovative solutions through new applications, data services, and AI investments while adhering to tight budgets. Cloud computing, often at the heart of these initiatives, presents a particularly uncertain landscape, especially regarding storage costs, which can significantly impact IT budgets. Rising expenses in cloud data storage have prompted many organizations to reconsider their strategies, leading to a trend of repatriation as enterprises seek more control during these unpredictable economic times. A February 2024 Citrix poll revealed that 94% of organizations had shifted some workloads back to on-premises systems, driven by concerns over security, performance, costs, and compatibility. In response, senior business and finance leaders might consider a swift transition back from the cloud to curb expenses. However, cloud repatriation carries its own set of risks, including potential egress fees, the need for new hardware, security investments, and other infrastructure costs. Additionally, companies may face the challenge of re-hiring staff previously laid off. Furthermore, there’s a significant opportunity cost associated with missing out on enhanced collaboration, innovation, agility, and access to advanced cloud-native tools and services, including AI and machine learning. Optimize Your Cloud Strategy Before You Repatriate Deloitte analyzed anonymized data from several FinOps engagements to assess optimization efforts, finding that businesses can save up to 45% (15% on average) on cloud costs by optimizing across waste management, consumption management, and purchasing best practices levers. Common tactics of re-architecting applications, managing cloud sprawl and monitoring spend using the tools each cloud provides are a great first start. However, these methods are not the full picture. Storage optimization is an integral piece. Focusing on cloud storage costs first is a smart strategy since storage constitutes a large chunk of the overall spend. More than half of IT organizations (55%) will spend more than 30% of their IT budget on data storage and backup technology, according to our recent State of Unstructured Data Management report. The reality is that most organizations don’t have a clear idea on current and predicted storage costs. They do not know how to economize, how much data they have, or where it resides. By gaining a thorough understanding of data and its needs, IT can place high-priority data on top-performing storage while moving older, less important data to cheaper storage. The point is that if you don’t efficiently manage data over its lifecycle, both options will be expensive. Six Ways to Cut Storage Costs and Optimize Cloud Investments Get holistic visibility on data to make the best cloud decisions. Understanding the characteristics of enterprise data—which is primarily file or object data not sitting in a database—is critical to optimizing cloud investments and right-place data. Top metrics include top data owners, most common file type, most common file size, total data, data growth rate, and data by time of last access (which indicates active or hot data versus inactive or cold data). Metadata searches can also highlight files containing PII, IP, or other sensitive data that have unique storage and security requirements. Calculate current storage costs across all storage technologies in your data centers and/or the cloud. Since most organizations have a hybrid cloud approach, you need to calculate the cost of both on-premises storage and backups as well as cloud storage. Calculating this across various accounts, buckets, and storage silos can be time-consuming and laborious. Look for automated ways to deliver these costs, such as through a data management solution. Predict future storage costs based on data growth rates. Unstructured data typically grows at 20% or more each year, so when looking at how much you can save, consider current costs and future projections. An ongoing data management strategy is needed to save costs as data continues to pile up. Include backup and disaster recovery costs in your analysis. Even in the cloud, most organizations create additional data copies for backups, snapshots, and multi-site redundancy. Be sure to include these costs in your analysis to get the full understanding of your true costs and potential savings. Model new storage plans for savings opportunities. Your data management analysis should detail how much you can save by leveraging the various cloud storage tiers and right-placing cold data at the appropriate lower tier. In most clouds, the cheaper storage tiers are often 20x less expensive than the performance tiers. Create an ongoing data lifecycle management plan. Rather than moving data to the cloud in a “set and forget” fashion, long-term savings require continuous refinement to accommodate data as it ages or when other conditions materialize, such as the need to move data under compliance rules to secure archival storage. With more than 12 classes of storage on some of the popular clouds, you’ll want to leverage them all at the right time. Don’t keep data in top-tier file storage once it is no longer in active use, such as at the completion of an analytics project or marketing campaign. Ensure that users can access tiered data from the lower storage tier without having to bring it back to a more expensive tier so that you don’t lose the savings. A Final Word on Cloud Storage As organizations look to reduce cloud waste this year, attaining a data-centric perspective has multitude of benefits. Analysis can indicate data growth rates, hot versus cold data, compliant data, and more so that IT can make the best decisions balancing data requirements, business needs, and budget. This way, you can continue to embrace the cloud for digital business initiatives without starting alarm bells in the CFO’s office. source

This summer, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Defense Cyber Crime Center (DC3) released a joint advisory on Iran-based threat actors and their role in ransomware attacks on organizations in the US and other countries around the globe.   With the US presidential election coming to a close, nation state activity from Iran could escalate. In August, Iranian hackers compromised Donald Trump’s presidential campaign. They leaked compromised information and sent stolen documents to people involved in Joe Biden’s campaign, CNN reports.   What are some of the major threat groups associated with Iran, and what do cybersecurity stakeholders need to know about them as they continue to target US organizations and politics?   Threat Groups  A number of advanced persistent threat (APT) groups are affiliated with the Islamic Revolutionary Guard Corps (IRGC), a branch of the Iranian armed forces. “[Other] relatively skilled cyber threat actor groups … maintain arm’s distance length from the Iranian government,” says Scott Small, director of cyber threat intelligence at Tidal Cyber, a threat-informed defense company. “But they’re … operating pretty clearly on behalf [of] or aligned with the objectives of the Iranian government.”   Related:2024 Cyber Resilience Strategy Report: CISOs Battle Attacks, Disasters, AI … and Dust These objectives could be espionage and information collection or simply disruption. Hack-and-leak campaigns, as well as wiper campaigns, can be the result of Iranian threat actor activity.  And as the recent joint advisory warns, these groups can leverage relationships with major ransomware groups to achieve their ends.   “Look at the relationships [of] a group like Pioneer Kitten/Fox Kitten. They’re partnering and collaborating with some of the world’s leading ransomware groups,” says Small. “These are extremely destructive malware that have been extremely successful in recent years at disrupting systems.”  The joint advisory highlights Pioneer Kitten, which is also known by such names as Fox Kitten, Lemon Sandstorm, Parisite, RUBIDIUM, and UNC757, among others. The FBI has observed these Iranian cyber actors coordinating with groups like ALPHV (also known as BlackCat), Ransomhouse, and NoEscape. “The FBI assesses these actors do not disclose their Iran-based location to their ransomware affiliate contacts and are intentionally vague as to their nationality and origin,” according to the joint advisory.   Many other threat groups affiliated with Iran have caught the attention of the cybersecurity community. In 2023, Microsoft observed Peach Sandstorm (also tracked as APT33, Elfin, Holmium, and Refined Kitten) attempting to deliver backdoors to organizations in the military-industrial sector.   Related:Juliet Okafor Highlights Ways to Maintain Cyber Resiliency MuddyWater, operating as part of Iran’s Ministry of Intelligence and Security (MOIS), has targeted government and private sector organizations in the oil, defense, and telecommunications sectors.   TTPs   The tactics, techniques, and procedures (TTPs) leveraged by Iranian threat actor groups are diverse. Tidal Cyber tracks many of the major threat actors; it has an Iran Cyber Threat Resource Center. Small found the top 10 groups his company tracks were associated with approximately 200 of the MITRE ATT&CK techniques.   “Certainly, this is just one data set of known TTPs, but just 10 groups being associated with about a third of well-known TTPs, it just demonstrates … the breadth of techniques and methods used by these groups,” he says.   The two main avenues of compromise are social engineering and exploitation of unpatched vulnerabilities, according to Mark Bowling, chief information, security, and risk officer at ExtraHop, a cloud-native cybersecurity solutions company.   Social engineering conducted via tactics like phishing and smishing can lead to compromised credentials that grant threat actors system access, which can be leveraged for espionage and ransomware attacks.   Related:Beyond the Election: The Long Cybersecurity Fight vs Bad Actors Charming Kitten (aka CharmingCypress, Mint Sandstorm, and APT42), for example, leveraged a fake webinar to ensnare its victims, policy experts in the US, Europe, and Middle East.   Unpatched vulnerabilities, whether directly within an organization’s systems or its larger supply chain, can also be a useful tool for threat actors.   “They find that vulnerability and if that vulnerability has not been patched quickly, probably within a week, an exploit will be created,” says Bowling.  The joint advisory listed several CVEs that Iranian cyber actors leverage to gain initial access. Patches are available, but the advisory warns those will not be enough to mitigate the threat if actors have already gained access to vulnerable systems.   Potential Victims   Who are the potential targets of ongoing cyber campaigns of Iran-based threat actors? The joint advisory highlighted defense, education, finance, health care, and government as sectors targeted by Iran-based cyber actors.   “What is … the case with a lot of nation-state-sponsored threat activity right now, it’s … targeting a little bit of anyone and everyone,” says Small.   As the countdown to the presidential election grows shorter, threat actors could be actively carrying out influence campaigns. This kind of activity is not novel. In 2020, two Iranian nationals posed as members of the far-right militant group the Proud Boys as a part of a voter intimidation and influence campaign. Leading up to the 2024 election, we have already seen the hack and leak attack on the Trump campaign.     Other entities could also fall prey to Iranian threat actor groups looking to spread misinformation or to simply create confusion. “It’s possible that they may target government facilities, state or local government, just to add more chaos to this already divided general election,” says JP Castellanos, director of threat intelligence for Binary Defense, a managed detection and response company.   Vulnerable operational technology (OT) devices have also been in the crosshairs of IRGC-sponsored actors. At the end of 2023, CISA, along with several other government agencies, released an advisory warning of cyber activity targeting OT devices commonly used in water and wastewater systems facilities.   In 2023, CyberAv3ngers, an IRGC-affiliated group, hacked an Israeli-made Unitronics system at a municipal water authority in Pennsylvania. In the wake of the attack, screens at the facility read: “You Have Been Hacked. Down With Israel, Every Equipment ‘Made In Israel’ Is CyberAv3ngers Legal Target.”  The water authority booster station