"It's the most wonderful time of the year ... for corporate security bosses to run tabletop exercises, simulating a hypothetical cyberattack or other emergency, running through incident processes, and practicing responses to ensure preparedness if when a digital disaster occurs. "We're ultimately testing how resilient is the organization," said Palo Alto Networks Chief Security Intelligence Officer Wendi Whitmore in an interview with The Register. "It's not if we get attacked, it's: How quickly do we respond and contain these attacks.""
"And this year, organizations need to account for the speed of AI, both in terms of how attackers use these tools to find and exploit bugs, and how defenders can use AI in their response. "Threat actors are exploiting CVEs at an increased rate with AI," Google Cloud's Office of the CISO Public Sector Advisor Enrique Alvarez told The Register. "Tabletop exercises should consider a scenario where a CVE is published affecting a software system in use by the company with an immediate exploit via a cyber adversary.""
Organizations must run tabletop exercises to test resilience and incident processes, practicing responses to cyberattacks and emergencies. AI accelerates attackers' capabilities, enabling faster reconnaissance, automated vulnerability scanning, and rapid exploitation of newly published CVEs. Defenders must integrate AI into response planning while preventing LLM data leakage and managing an expanded attack surface. SOCs ingest massive telemetry that must be synthesized into correlated alerts, with only a tiny fraction requiring tier-three human intervention. Exercises should model scenarios where published vulnerabilities are exploited within minutes and validate detection, containment, communication, and recovery workflows under compressed AI-accelerated timelines.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]