Transcript
it's like AI in so many ways or well
it's like let's first define what we
mean by AI it's like I mean it's like
because AI has been around in different
kinds of forms in in so many ways for a
very very long time so it's not really
that new in many ways I think what we
often mean when we say AI is in
particular natural language processing
the cap capability to do this at scale
both written as well as spoken I think
what we mean uh frequently is generative
AI that can create content whether it's
text or even images videos sounds like
so it's like I think that that kind of
capability is has been around also for
quite a while but it now has really been
becoming very accessible for everyone
right it's like and I think that's a big
difference that we've seen in terms of
the AI revolution or whatever you want
to call it in these days so it's like if
I look at those kind of like changes
that have been happening there over the
last few years it's it's becoming really
a new tool for both adversaries as well
as defenders right in we've already seen
it's like the use of generative AI to
fake videos to fake the voice of people
it's like sometimes even in in real time
so it's like I'm speaking to you with a
completely different voice completely
different video and the the the the
hardware is now in people's hands to do
this literally in real time that changes
obviously social engineering in very
significant ways in a similar way it's
like if you think about it agentic AI
such as agentic AI can quickly go out
and um uh farm social media and other uh
other kind of like sources on the
internet in order to optimize for uh
spear phishing at scale it's like and
again it's like all of this was
available before some of the changes
that we're seeing today are really that
suddenly things start to happen at much
bigger scale much much larger and faster
than uh this was possible before there's
also um uh generative AI systems uh like
WormGPT etc etc who that that are
capable of generating malware um similar
to how you would interact with a
ChatGPT or or other kind of AI system so
those un unrestricted uh um generative
AI systems are definitely capable of
um
putting malware into the hands of people
that would not have been able to create
that kind of malware before so in many
ways more scalability more capabilities
of doing things that used to be in the
uh realm of nation state uh nation state
adversaries in the past now basically
for for everyone and that's on the other
side is like requires a lot of
thoughtfulness on the defender side as
well and on the defender side is like we
we've been using AI now in in massive uh
in massive ways as well whether it's uh
around the detection logic um on
endpoints or in in uh our alerting and
monitoring systems so there's there's a
lot of machine learning and AI uh in
there so at Acronis is like we've been
recently uh extending our XDR solution
to include also the capability to query
into the system uh using natural
language and then automatically generate
reports for customers uh through through
a GenAI kind of capability so instead of
writing for for hours it's like this
this streamlines things quite a bit of
course
[Music]
oh absolutely yeah I mean it's like
you've you've had all kinds of attacks
um against the DNS resolution
infrastructure and if that's possible
through cache poisoning or or other stuff
which we've seen in the past
and more modern uh uh things derived
from that then absolutely it's like you
can you can essentially it's like pose
as a legitimate uh AI system and then
start to start to uh lure people into it
and obviously this this would be a whole
campaign so you need to have to set up
the right infrastructure if you use a
typosquatted
um URLs you you'd have to make sure that
you can defend them long enough and then
uh perhaps use some some flux or double
flux cap technologies in order to to uh
hop around so that people don't catch
you there's there's a bunch of different
ways Acronis we work closely with
um with um MSPs some managed service
providers and they're they're the ones
who are really um in many cases not all
of them of course but it's like in many
cases using our technologies in order to
uh secure the um uh environment of the
of the end customers and this can be
small and medium businesses large
businesses you just name it what we're
doing there is like we're offering
different kinds of uh security
technologies so it's like whether it's
an endpoint endpoint protection we have
our well-renowned Acronis backup
capabilities that can protect against
ransomware and some other kind of like
uh things we have email security in
place and some some other technologies
like configuration management
capabilities that that we allow to to
keep things safe right but it's like
that obviously does not necessarily
protect you against social engineering
attacks which are actually based on our
threat reports on the rise so what
becomes really important there is also
to include security awareness training
and it's like include training in
general for the employees of of
companies in order to make sure that
they realize or can recognize social
engineering attacks whether they be
phishing or otherwise through smishing so
as their text SMS or WhatsApp or what
have you in a meaningful
time opportunities abound as always of
course no I think the markets in general
not bad at all it's like um they we've
we've seen the amount of uh chaos that a
well orchestrated attack can can cause
it's like just think it back for example
at SolarWinds it's like the from a
supply chain attack it's like it was it
was very intense and it's like obviously
that requires a lot of response so
there's plenty of opportunities left and
right I would say it's like I I don't
haven't heard from anyone that they have
enough staffing available there's you
it's usually relatively easy to to find
a job in in security whether it's on the
compliance side or application security
side detection response side incident
response etc so there's there's I mean
there's also the other things like
there's a lot of uh different
specializations within security that are
really available and that are uh are
needed across the board what I usually
find very hard uh to hire for is uh
application and product security or full
stack security engineers because um you
frequently need on the one side the uh
technical skills of someone who writes
code who creates uh systems and and
services but thinks that looks at this
through the lens of the adversary so
it's like really has that uh uh that red
teaming mindset almost in mind in
order to be able to to look at that and
those kind of like talent those kind of
like engineers are somewhat rarer than
than others so I think uh that's
definitely field if if anyone of your
listeners wants to focus on I would
recommend looking into
[Music]
that it really depends to be honest with
you on the on the kind of specialization
that you want to go into so for example
if you if you're looking into doing risk
management compliance audits um those
kind of like areas it's like you you you
need to have a high degree of uh um the
ability to to go into details to look
look at controls to to manage large
amounts of data that you need to collect
find information in there so it's like
it's skills that are typical for like a
financial auditor or forensic auditor
for example that would be an excellent
uh um starting point to transition then
into cyber security careers like in into
this so that's that's one skill set just
like I already said it's like from
application security engineer or product
security engineer you need to know how
to build systems and then break them
afterwards basically that's what it
comes down to right detection and
response engineers and and analysts is
like really need to be able to to manage
complex alerting system complex complex
environments that can fire all kinds of
events at all all kinds of times and
then differentiate between the um false
false alerts and uh and true truly true
uh attacks and then have the tenacity to
really dive into the data that gets
presented to them and figure out where
things came from so there's I think
there's like depending on what you do in
security there are different types of uh
um folky and skills that you really need
to develop if you if you're doing a
leadership role there it's like you need
a lot of patience and empathy and uh the
ability not to panic too quickly
the patience um a huge degree of empathy
you need to really also think about how
you communicate because many many times
it's like uh the ability to communicate
either with the right level of and
urgency or the right level of concern
without panicking on the other hand is
like is critically important to guide
you through an incident you also have
it's like outside of incidents you have
the need to communicate correctly
there's many things many times where
security needs to make changes to the
operational environment and uh not it's
not always the fun changes that make
life so much easier and better for
people but it's like they can sometimes
make life a little bit harder it's like
when we introduced multifactor
authentication it was obviously not uh
easier afterwards it was somewhat harder
so the ability to communicate those in a
um thoughtful manner is like in a again
it's like empathetic manner as well I
was like "Hey guys it's like we
understand that this is not really great
but there's a good reason for this." And
really become a teacher and educator is
is pretty important I would
say that's a seriously interesting
question and it's it's difficult to
answer it's like what I need most is the
skill it's like and the ability to to
learn I would say um and I think both
certifications as well as degrees can
document that ability that ability and
the willingness to learn it's not
necessarily the kind of content that is
uh that that you do learn there thinking
back it's like uh I was advising some
some uh security programs a few years
back at university is they were doing
Java 101 classes and some of the
graduate courses and I'm looking at this
going like guys this is pointless it's
like I mean this may be a good niche uh
uh uh class for certain types of things
that you want to do but at the same time
it's like this is not necessarily the
the very heart of what you need to worry
about but I think what it does both
certificates as well as degrees they
they do demonstrate that people can sit
down for an extended period of time look
at complex problems try to solve solve
them and then apply this in meaningful
ways for for their careers so I wouldn't
I wouldn't want to put an emphasis on
the one or the other I would say as long
as these these somewhat theoretical
exercises are accompanied with plenty of
hands-on experience they can both be
extremely useful uh they can provide the
necessary foundations for for someone to
really build that operational experience
which is ultimately what they're going
to be needing in in their job and it's
like that is something that I would
really emphasize to anyone uh going into
security it's like please do not go to
like a twoe uh certification mill is
like do the cramming there and then come
out as like I got my uh CISSP or
whatever certificate uh security A+ or
what what have you this is not this is
not how you get good at things it's like
you get good at things with a playing
around with technologies like trying to
break it trying to do stuff and then
afterwards taking taking a certification
for example basically without preparing
for it just because you know the stuff
already and it's similar with the degree
programs it's like if you only focus on
passing the tests and uh not really
applying this in like a home lab it's
like then then it's it's it's it's a
it's a lost cause to be quite frank like
I'm sometimes more interested is like
how somebody's home lab or or AWS setup
looks like versus like what kind of
class they took last in in in their
degree program so the the practical
application is is really really
important to to really complement the
theoretical learning as
well so internships are awesome I would
recommend everyone to try to go after
those but I also recognize that not
everyone does get that those kind of
internships it's like they're they're
not it's not like there an infinite
amount of internships available what I
would say is like if you can't get into
an organization to do this it's like set
things up for yourself it's like
literally go out there there's there's
tons of uh labs that are can be
sometimes download or many times
downloaded for free is like you can set
things up for yourself try to solve some
problems for yourself create an
environment uh and then attack it
afterwards this is really is like by by
playing around with the technology and
by learning how how it actually works
you really gain a a lot of information
in terms of like what how how a
adversarial actor would would go about
this as well and this can include
learning some some uh offensive
technique at the same times like I would
also warn people like offensive
techniques is not everything it's like
if you're the perfect hacker that
doesn't necessarily mean that you're
really good at security um it it is is
really that rounding out it's like
looking at multiple different things
build systems tear them down and then uh
try to try to understand and analyze
what what went wrong and why and how you
can improve on that I think that's
really uh the important piece and that's
many times in today's world it's like
it's the stuff that you can do with
almost no cost or very very little cost
by yourselves if you're sufficiently
motivated
yeah yeah I think having a portfolio
there is like would definitely be fun
it's like sometimes participating in
competitions it's like uh a lot of the
um especially some of the smaller kind
of conferences more regional ones they
they frequently have uh capture the flag
exercises and stuff like that
demonstrating that you can do some of
those things is is definitely show shows
effort and shows interest um and would
definitely go a long way in terms of
convincing me is like hey there's
somebody who's who's actually interested
in this and wants to learn more about
things so it again it's like it's not
one simple kind of like way it's like
it's not just like I pass my I pass my
exam and I get my cert and then uh uh
life is good it's like show that you're
really wanting and interested thinking
out of the box and quite frankly um I
mean I did never had a formal computer
science education whatsoever is like I
got I did physics and um it's like that
u generally nothing to do with the
computers specifically since it was
theoretical physics so the only thing I
need was a piece of paper and a pencil
but at the same time it's like I did a
lot of things on on the side on my own
and I think that is really something
that you can use to to demonstrate
especially once you start to get into
the interviews and you can talk about
those things it's like think about this
up front what are you proud of in terms
of like what you've done it's like
whether it's being effective at a
particular capture the flag or some some
other exercise or uh participating in a
in a class project um that really built
some some technology uh or or or
defended some technology etc etc I think
all those things are
relevant it's like it's similar to what
uh someone who has has started out in a
security program or computer science
program would have to do as well it's
like really get read up on things like
uh stay stay current with what's going
on I mean there's there's tons of
resources on all kinds of social media
and um blog blogs like podcasts uh what
have you definitely stay on top on top
of those kind of things experiment
yourself get your get your hands dirty
in in in learning what what is going on
and uh drive it from there it's like
like I said it's like one one of the big
values that I see in a degree in general
is demonstrating the willingness and
ability to learn capability to learn and
it's like stay focused on a program for
for a couple of years and that you can
demonstrate that with a uh with a cyber
security degree but you can also
demonstrate this with many many other
degrees as well so it's like I that is
really not that super important to me to
be honest with you what is more
interesting like I said is like how does
your home lab look like like what have
you what have you played around with on
public cloud have you created any kind
of applications that could be kind of
fun have you been in local uh meetups or
uh or or workshops or or stuff like that
of groups that are focused on security
and talk to other people there as well I
think that's really important