KnowBe4 Ad Voice (13:34)

And now a word from our sponsor. Know before it's all connected and we're not talking conspiracy theories when it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBeFor, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBeFor's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco. 35 vendor integrations and Counting Security Coach analyzes your security Stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint identity or web security vendors. Then coach your users. At the moment, the risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack or email. Learn more@knowbefor.com SecurityCoach that's knowbe4.com SecurityCoach and we thank knowbe4 for sponsoring our show. The IT world used to be simpler. You only had to secure and manage environments that you controlled. Then came new technologies and new ways to work. Now employees, apps and networks are everywhere.

Dave Bittner (15:22)

This means poor visibility, security gaps and added risk.

KnowBe4 Ad Voice (15:26)

That's why Cloudflare created the first ever connectivity cloud. Visit cloudflare.com to protect your business everywhere you do business.

Dave Bittner (15:47)

Next up, we've got our bi weekly Threat Vector segment giving you a preview of this week's podcast episode. David Moulton speaks with Palo Alto Network's founder and CTO Nir Zuk about Palo Alto Network's predictions for 2025. Here's their conversation.

David Moulton (16:04)

Here's a quick preview of this week's Threat Vector. Tune in to the full show on Thursday and don't forget to subscribe so you never miss a single episode. Let's get into it.

Nir Zuk (16:15)

Personally, I think that quantum computing is one of Silicon Valley's biggest hoax. It's going to turn out to be a really, really expensive hoax where any physicists that is not working on quantum computing believes that it's not going to happen and only those that work on quantum computing and will benefit from quantum computing think it's going to happen.

David Moulton (16:46)

Welcome to Threat Vector, the Palo Alto Networks podcast where we discuss pressing cybersecurity threats and resilience and uncover insights into the latest industry trends. David, I'm your host David Moulton, Director of thought leadership for unit 42. Today I'm speaking with Nir Zook, Founder and Chief Technology Officer at Palo Alto Networks. Nir's journey began at the age of 16 when he developed some of the earliest computer viruses on his Dragon 64 computer. His passion for technology and innovation is evident. After serving in the military, he worked at Checkpoint Netscreen Technologies and then in 2005 near founded Palo Alto Networks with a vision to revolutionize network security. Today we're going to talk about Palo Alto Network's 2025 predictions. These seven predictions cover a wide range of topics and you can read them all on our website. For today, NIR and I are focusing on three first, in 2025, organizations will shift toward unified data security platforms that integrate co development, cloud monitoring and SoCs for seamless AI driven threat analysis. The consolidation will enhance visibility, streamline operations and dramatically reduce detection and response times. Positioning organizations to better combat advanced threats. Second, establish organizations with massive data sets will lead AI driven innovations their data volume for continuous improvement. Partnerships between incumbents and agile newcomers will drive collaborative breakthroughs. Finally, we'll talk about quantum attacks. While they're not imminent, harvestnow decrypt later tactics by nation states will target sensitive data. Organizations should act now by adopting quantum resistant technologies and preparing with new cryptology standards to safeguard their systems as quantum capabilities evolve. Here's our conversation. Our first was a prediction about how the landscape will transform and the adoption of a unified data security platform that integrates co development, cloud environments and SoCs. So how do you think that the unified data platform will revolutionize Cyber Infrastructure in 2025?

Dave Bittner (19:04)

Sure.

Nir Zuk (19:05)

So it's very clear that it needs to happen. And the reason it needs to happen is because cybersecurity is becoming more and more data based. Meaning more and more cybersecurity functions need a lot of data in order to do what they do versus the past where we were just running signatures or some basic rules on whatever it was, traffic files and so on. And now that more and more cybersecurity functions need a lot of data. What we're observing is that there is a superset of that data that is of course shared across all of them. Meaning if you look at what the soc, the Security Operations center, needs in terms of data to perform its tasks of detecting and responding to attacks very quickly, that data contains pretty much everything that all the other cybersecurity functions need. When I say other functions, I mean things like IoT and OT, security detection based on DNS, cloud security, and quite a few other functions. And then the question is, are we going to see 10 different data lakes, each containing tons of data, or are we going to see one data lake containing all the data? And I just don't see a good reason for the former, not a single good reason and only good reasons why everything will be in the same data lake. It's of course cheaper. It is much more environmental friendly because you store once, you process once. So you need less resources and more importantly, it works better probably if you have all the data in one place. Our very smart engineers and data scientists will be able to use some extra data that's in the data lake to make IoT security better in ways that we didn't think about before. Okay, so bringing all the data in one place just makes a whole lot of sense. Running many different cybersecurity functions of that data lake makes a lot of sense. And that was our first prediction in 2025 we're going to see it start happening.

David Moulton (21:26)

Can you talk about some of the potential risks and benefits of centralizing cybersecurity into a single platform?

Nir Zuk (21:36)

So I often hear about concerns from customers when we talk about those things, and the main concern that they have is vendor lock in. And my answer to that is, you know, sorry, that's the way the world is. Meaning you have one CRM solution in your organization. So if you picked salesforce.com, you're kind of locked in with salesforce.com and switching from salesforce.com to another vendor as your main repository for all the data is going to be very difficult. And the same is true for your ERP and other data driven solutions that you have. So there is going to be some vendor lock in. Of course, we need to look at vendors that have partners that use the same data lane for different functions, and we need to make sure that that vendor lock in can be mitigated. So that's probably the biggest risk that I'm hearing about from customers. From their perspective, I think that many other risks are not as relevant. For example, customers say, hey, if I put everything in one place, what if you get hacked? And my answer is, number one, it's much easier to guard one data lake than 10 data lakes. And number two, there's a smaller chance of one data lake getting hacked versus 10 data lakes. So if you spread your data with replication across 10 different data lakes, you are at a higher risk. There is the risk of what if I work with one vendor and that vendor misses an attack that another vendor would have found? The answer to that is usually it's not about the vendor, it's about the data. Meaning machine learning and other types of AI differ from each other not by how good your algorithms are, because these algorithms are all known. They differ a little bit by how good your data models are, but that's only 10% of the picture. 90% of the difference between different AI based solutions is the actual data and it's really the quantity of the data. So this idea that if I work with one vendor versus if I work with five, I might miss something is actually. It's actually the opposite is if you work with one vendor and you put all the data in one place and you work off five times the amount of data, you have a much better chance of detecting things versus separating into different data lakes.

David Moulton (24:13)

Thanks for listening to this segment of the Threat Vector podcast. If you want to hear the whole conversation, you can find the show in your podcast player. Just search for Threat Vector by Palo Alto Networks each week I interview leaders from across our industry and from Palo Alto Networks to get their insights on cybersecurity, the threat landscape, and the constant changes we face. See you there.

Dave Bittner (24:39)

Don't forget, you can catch new episodes of Threat Vector every Thursday on our website and on your favorite podcast app, you can find a link in our show Notes. And finally, a new study shows that being watched even by lifeless CCTV cameras turns us into hyper vigilant gaze detectors, as if we're all starring in our own episode of Big Brother. Conducted by researchers at the University of Technology Sydney and published in Neuroscience of Consciousness, the study found that surveillance tweaks our brains in unexpected ways. Participants under watchful eyes detected faces almost a second faster than their unobserved peers, suggesting an involuntary boost to our built in threat detection systems. Lead researcher Associate Professor Kylie Seymour explains, this heightened face spotting ability evolved for survival, but surveillance may crank it up without us realizing. While participants shrugged off concerns about being monitored, their brains had other plans. This hypersensitivity mimics patterns seen in social anxiety and psychosis, raising questions about the mental health impact of our surveillance heavy society. So the next time you catch yourself scanning for faces on a crowded street, blame Big Brother, not paranoia. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com we're privileged that N2K Cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies. This episode was produced by Liz Stokes. Our mixer is Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Our executive editor is Brandon Park. Simone Patrick Trella is our president, Peter Kilpe is our publisher and I, Dave Bittner. Thanks for listening. We'll see you back here tomorrow.