The risks and best practices of deploying AI to an enterprise – Anurag Lal – ESW #366
- What to be aware of when deploying GenAI
- Key use cases and successes organizations are having with GenAI
- Some of the risks to be aware of
- How to prepare employees for GenAI
- Best practices to prepare for evolving threats
Anurag Lal is the President and CEO of NetSfere. With more than 25 years of experience in technology, cybersecurity, ransomware, broadband and mobile security services, Anurag leads a team of talented innovators who are creating secure and trusted enterprise-grade workplace communication technology to equip the enterprise with world-class secure communication solutions. Lal is an expert on global cybersecurity innovations, policies, and risks.
Previously Lal was appointed by the Obama administration to serve as Director of the U.S. National Broadband Task Force. His resume includes time at Meru, iPass, British Telecom and Sprint in leadership positions. Lal has received various industry accolades including recognition by the Wireless Broadband Industry Alliance in the U.K. Lal holds a B.A. in Economics from Delhi University and is based in Washington, D.C.
- Stay up-to-date with us on X (formerly known as Twitter) for the latest show clips and updates! Find us @SecWeekly and stay connected with our cybersecurity community.
Shifting Cybersecurity Philosophy from Threat-Centric to Compromise-Centric – Martin Roesch – ESW #366
CEO at Netography. Proven entrepreneur and business leader. Original author of the Snort open source project. Founder of Sourcefire and early pioneer of the Open Core business model.
- You're invited to InfoSec World 2024 at Disney’s Coronado Springs Resort in Lake Buena Vista, FL, from September 23-25. Join top cybersecurity experts for this premier event! Save 25% on your pass by using code ISW24-SW25 when you register at securityweekly.com/infosecworld2024. Don’t miss out on this exclusive opportunity!
Is GenAI Having a Rough Time? We check in to see how it’s doing. – ESW #366
Adrian Sanabria
- FUNDING: Huntress Raises a $150M Series D
$150M Series D at a $1.55B valuation, led by Kleiner Perkins, Meritech Capital, and Sapphire Ventures. Total funding is now $309.8M.
"Huntress is the leading cybersecurity partner for small and mid-sized businesses (SMBs) and the managed service providers that support them."
- FUNDING: Semperis Secures $125 Million in Growth Financing – Semperis
$125M "venture round" (or Series D down round?) led by Hercules Capital and JP Morgan. Total funding is now $498.3M
"Semperis is a developer of enterprise identity protection and cyber resilience for cross-cloud and hybrid environments."
- ACQUISITIONS: NetSPI expands proactive security with strategic acquisition of Hubble
- MARKET UPDATE: Cybersecurity Market Update: May 2024 Insights & Trends
- DETECTION: IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
The latest in a series of writeups detailing how attacks happen (and apparently a brisk business selling detections as well!)
- DETECTION: A Bird’s-eye view: ShareFinder-How Threat Actors Discover File Shares (The DFIR Report)
An article that doesn't mention AI? What???
The TL;DR is that juicy stuff is in file shares. Attackers like them. Which is why setting a file-share-based trap for attackers is a really good idea.
There actually was an angle for GenAI here - generating file names and file content at scale for these file shares. But it looks like Thinkst is already doing the file/directory structure generation for you, so that's covered!
- DUMPSTER FIRE: Robert Hansen (RSnake) runs some surveys on sentiment around the Gili Ra’anan model
This is largely unsurprising and reminds me of a similar survey I did around how people felt about companies buying fake awards.
If you haven't read the original investigative piece, click here.
- BREACHES: Whistleblower Says Microsoft Dismissed Warnings About a Security Flaw That Russians Later Used to Hack U.S. Government
Some insider insight on the culture of bad decisions that culminated in a breach that will take many years for Microsoft to live down.
- BREACHES: Polyfill.io JavaScript supply chain attack impacts over 100K sites
- ESSAYS: Navigating the Entrepreneurial Journey: Highlights from BuildCon
- AI ESSAYS: How AI Will Change Democracy – Schneier on Security
A thought-provoking essay on all kinds of weird, unintended outcomes AI could result in. If you'd prefer a video version of this essay, it follows Bruce Schneier's RSA talk pretty closely.
- AI ESSAYS: Why AI Will Save the World
An essay that seems largely self-serving, I don't think this is Marc's next "Software is Eating the World" essay. I think it might be more akin to his "Metaverse" moment. Everything we're hearing about AI suggests it can't do any of the things he's suggesting without human assistance.
At least, not right now. I don't think it's a given that this technology will continue to improve and have breakthroughs at the same speed we saw from GPT2 to GPT4o, I suspect we'll start seeing issues and regression at some point.
- AI ESSAYS: I Will Fucking Piledrive You If You Mention AI Again — Ludicity
- AI HYPE CHECK: From Dare Obasanjo on X: “…you aren’t just adopting AI, you’re doing data management as well.”
Just a few tweets, but really cuts to the heart of enterprise challenges in adopting GenAI: if your data is a hot mess, the AI will reflect that mess. GIGO still applies in the age of GenAI. Much of the problem here is a data hygiene/governance problem.
- SQUIRREL: ChatGPT Now Has PhD-Level Intelligence, and the Poor Personal Choices to Prove It
A great laugh. I predict 50% of the folks you share this with won't realize it's satire.









