Cybersecurity Archives | PYMNTS.com

Data Breaches Are Surging: What That Means for Enterprise LLMs
https://www.pymnts.com/cybersecurity/2024/data-breaches-are-surging-what-that-means-for-enterprise-llms/
Wed, 04 Sep 2024 15:35:24 +0000
This has been the year of enterprise artificial intelligence (AI).

From healthcare and financial services to government agencies, critical sectors around the globe are embracing the benefits that large language models (LLMs) and other AI systems can provide when it comes to driving efficiencies, enabling data-driven decision-making and powering innovative products and services.

But 2024 has also been the year of the data breach and the cyberattack, with high-profile disruptions downing critical sectors — like healthcare, finance, retail and even government agencies.

As AI technologies become increasingly integrated into our enterprise operations, the potential for misuse and abuse is growing, necessitating robust strategies to safeguard against malicious use.

And with the news Monday (Aug. 2) that Meta has released a new suite of security benchmarks for LLMs, CYBERSECEVAL 3, to empirically measure LLM cybersecurity risks and capabilities, the fundamental need for protecting data privacy in the development and deployment of AI technologies is top of mind for businesses processing sensitive information for algorithmic development and deployment.

Read more: At Your Service: Generative AI Arrives in Travel and Hospitality

Advancing the Evaluation of Cybersecurity Risks in LLMs

Data breaches, like AI systems, are not a new phenomenon, but their scale and impact have grown exponentially in recent years as digital transformation has swept the business world and the cost of computing power has significantly decreased relative to its capabilities.

Against this backdrop, the increasing sophistication of cybercriminals, coupled with the vast amount of data being generated and stored by businesses to train purpose-built AI models for enterprise use, has created a perfect storm for data breaches.

“AI is vulnerable to hackers due to its complexity and the vast amounts of data it can process,” Jon Clay, vice president of threat intelligence at cybersecurity company Trend Micro, told PYMNTS in an earlier discussion. “AI is software, and as such, vulnerabilities are likely to exist which can be exploited by adversaries.”

One of the key risks associated with LLMs is the possibility of data leakage. If a breach occurs during the training phase, sensitive information could be inadvertently exposed within the model itself. For instance, if an LLM is trained on email communications that include sensitive information, such as contracts or financial data, that information could be retrievable from the model even after the training process is complete.

For enterprises using LLMs trained on sensitive data, the implications of a data breach are far-reaching. First and foremost, there is the risk of regulatory noncompliance. In many jurisdictions, companies are required to adhere to strict data protection laws, such as the General Data Protection Regulation (GDPR) in Europe or the California Consumer Privacy Act (CCPA) in the United States. A breach involving sensitive data could result in significant fines and legal action, not to mention damage to the company’s reputation.

PYMNTS Intelligence finds that over a quarter of surveyed firms (27%) use AI for high-risk, complex tasks, while nearly 90% have at least one high-impact use case for the innovative technology.

Read more: Most CFOs See Limited ROI From GenAI, but Boost Its Investment

The Intersection of Data Breaches and AI Security

According to the research paper published by Meta, key strategies in mitigating the risks associated with powerful AI tools include red teaming; adversarial training; robustness checks; transparency in AI development, with comprehensive documentation of models, datasets, and methodologies; and engaging with the broader AI community.

“CYBERSECEVAL 3 assesses 8 different risks across two broad categories: risk to third parties, and risk to application developers and end users,” the researchers wrote.

PYMNTS explored the business impact of Meta’s Llama 3.1 in July, noting that businesses are weighing the implications of access to powerful, cost-free AI against the difficulties related to implementation and security.

And as enterprises increasingly rely on AI and LLMs to drive innovation and growth, the risks associated with data breaches cannot be ignored. The sensitive nature of the data used in training these models, combined with the growing threat of cyberattacks, makes securing AI systems a top priority for businesses across all industries.

But by implementing robust security measures, adopting ethical AI practices and preparing for potential breaches, enterprises can protect their valuable data assets and maintain the trust of their customers in an era where data breaches are everywhere.

For all PYMNTS AI coverage, subscribe to the daily AI Newsletter.

The post Data Breaches Are Surging: What That Means for Enterprise LLMs appeared first on PYMNTS.com.

Guarding the Gate: Cyberattacks Won’t Stop, But Their Fallout Can Be Prevented
https://www.pymnts.com/cybersecurity/2024/guarding-the-gate-cyberattacks-wont-stop-but-their-fallout-can-be-prevented/
Thu, 29 Aug 2024 16:13:59 +0000
Most businesses have a target on their back. And for good reason — their data and credentials are incredibly valuable to fraudsters, especially when it comes to large enterprises.

Against this backdrop, credential theft has become the emerging initial attack vector of choice for many hackers, as both the recent information systems breach at Dick’s Sporting Goods and the rising fallout from the April data theft from National Public Data, which exposed billions of individuals’ personally identifiable information, show.

The reasons are relatively straightforward: stolen credentials can grant direct access to internal systems, often without raising immediate alarms. With these credentials, attackers can move laterally within a network, exfiltrate data or deploy ransomware with minimal resistance.

The appeal for cybercriminals lies not just in the immediate access but in the potential to remain undetected for extended periods, allowing them to maximize the damage.

In the case of Dick’s Sporting Goods, hackers exploited stolen credentials to gain access to sensitive customer data, leading to a breach that compromised millions of accounts. Similarly, the breach at National Public Data underscored how the theft of a single set of credentials can have far-reaching consequences, potentially exposing vast amounts of personal information.

But while cyber and data breaches are becoming almost unavoidable, that doesn’t mean businesses should just sit back and take intrusions on the chin.

Read more: Why Business Email Compromise Scams Target Valuable B2B Relationships

How Enterprises Can Prevent Disasters

In today’s digital landscape, large businesses will continue to be attractive targets for cybercriminals. The combination of valuable data, complex systems and the potential for significant ransom payments makes them particularly vulnerable.

By understanding the methods used by attackers and implementing a multi-layered approach to security, businesses can take key steps that help prevent a disruption from escalating into a disaster.

In interviews for the “What’s Next in Payments” series, executives stressed to PYMNTS that a multilayered security strategy, also known as defense in depth, is crucial for reducing risks at various levels. This approach means implementing multiple defensive measures across the enterprise network.

That’s because when an attacker gains initial access through stolen credentials, the potential for escalation is significant. What might begin as a minor disruption — such as a temporary data breach or unauthorized access — can quickly spiral into a full-scale disaster.

“You may not have realized it yet, but they’re going to hit you,” Amount Director of Product Management Garrett Laird told PYMNTS. “The fraudsters are jerks — and they like to hit you on holidays and on weekends, at two in the morning.”

The larger the organization, the more complex its IT infrastructure tends to be. This complexity can create gaps in security, providing multiple points of entry for attackers. Large businesses often have extensive supply chains, where each link can be a potential vulnerability. Hackers often target these weaker links to gain access to the larger enterprise. Once inside the network, attackers can move laterally, gaining access to more sensitive systems and data. This movement is often done quietly, allowing the attacker to remain undetected.

Read more: Delta, CrowdStrike Fallout Highlights Why Firms Need a Recovery Plan

Reduce the Risk of Initial Access Through Stolen Credentials

As long as there is valuable data to steal or systems to exploit, cybercriminals will continue to innovate and develop new methods to breach even the most secure networks. No organization, regardless of size or industry, can ever be completely immune to cyberattacks. However, while it may be impossible to stop all breaches from occurring, organizations can — and must — take steps to minimize the damage and impact when they do happen.

Having a well-defined incident response plan in place is crucial. This plan should include clear steps for containing a breach, mitigating damage and communicating with stakeholders. Regular drills can help ensure that the plan can be executed effectively under pressure.

According to Dick’s filing with the U.S. Securities and Exchange Commission reporting its recent cyber breach, “immediately upon detecting the incident … the company activated its cybersecurity response plan and engaged with its external cybersecurity experts to investigate, isolate, and contain the threat.”

Segmentation is critical, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches.

David Drossman, chief information security officer at The Clearing House, described it to PYMNTS as building a “labyrinth of control” to offset damage, even if one layer fails.

Dick’s Sporting Goods Uncovers Cybersecurity Breach
https://www.pymnts.com/cybersecurity/2024/dicks-sporting-goods-uncovers-cybersecurity-breach/
Wed, 28 Aug 2024 17:07:20 +0000
Dick’s Sporting Goods is the latest high-profile organization dealing with an information systems breach.

The retailer revealed the incident in a filing with the Securities and Exchange Commission (SEC) Wednesday (Aug. 28), one week after it discovered “unauthorized third-party access” to its systems, including some confidential information.

“Immediately upon detecting the incident, the company activated its cybersecurity response plan and engaged with its external cybersecurity experts to investigate, isolate and contain the threat,” the filing said.

Dick’s added in the filing that it has notified federal law enforcement, that its investigation is ongoing, and that it has no knowledge that the breach disrupted its business operations.

“Based on the company’s current knowledge of the facts and circumstances related to this incident, the company believes that this incident is not material,” the filing said.

The incident comes on the heels of several other high-profile cyberattacks and cyber incidents, such as last month’s CrowdStrike outage, or the more recent breach at the Port of Seattle, which runs the Seattle-Tacoma Airport.

“Traditional cybersecurity measures, while still crucial, are no longer sufficient to safeguard against sophisticated attacks,” PYMNTS wrote earlier this week. “To protect critical assets and maintain operational integrity, organizations must blend established best practices with innovative, emerging security solutions.”

In interviews for the “What’s Next in Payments” series, executives stressed to PYMNTS the same: General best practices should be coupled with emerging security solutions.

A multilayered security strategy, also known as defense in depth, is crucial for reducing risks at various levels. This approach means implementing multiple defensive measures across the enterprise network.

David Drossman, chief information security officer at The Clearing House, described it to PYMNTS as building a “labyrinth of control” to offset damage even if one layer fails. Segmentation is critical, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches.

“You may not have realized it yet, but they’re going to hit you,” Amount director of product management Garrett Laird told PYMNTS, adding, “the fraudsters are jerks — and they like to hit you on holidays and on weekends, at two in the morning.”

Cyber Outages Reveal Need for Multilayered Defenses Across Digital Economy
https://www.pymnts.com/cybersecurity/2024/cyber-outages-reveal-need-for-multilayered-defenses-across-digital-economy/
Mon, 26 Aug 2024 22:14:21 +0000
The Port of Seattle, which operates the Seattle-Tacoma International Airport, is the gateway to Asia.

And over the weekend (Aug. 24), it suffered a “possible cyberattack” that was described as an internet and web systems outage — just weeks after the July Microsoft outage that sidelined critical systems around the world, not just in the Seattle area, although that disruption was caused by an issue with CrowdStrike’s software, not by illicit actors.

Still, both incidents serve as an uncomfortable illustration of just how brittle the connected economy’s core internet structure can be, particularly when faced with stressors. But as the world goes increasingly digital, the risk of online systems being targeted by cybercriminals who want to disrupt operations, steal data, or ransom sensitive information is only growing.

That’s why the FBI issued a cybersecurity-centric private industry notification (PIN) in July for infrastructure providers that stressed the importance of embracing a dual-pronged approach where general security best practices are paired with emerging security solutions.

Of course, a month later, an audit from the Department of Justice’s (DOJ) Office of the Inspector General (OIG) identified “significant weaknesses” in the FBI’s own inventory management and disposal of electronic storage media, aka data held on flash drives and other physical devices — highlighting the many-faceted challenges that enterprises face when securing their own perimeters against a rising tide of modern threats.

Read more: NIST’s Post-Quantum Cybersecurity Standards Ready for Enterprise Use

Future of Cybersecurity

Traditional cybersecurity measures, while still crucial, are no longer sufficient to safeguard against sophisticated attacks. To protect critical assets and maintain operational integrity, organizations must blend established best practices with innovative, emerging security solutions.

And for the “What’s Next in Payments” series, eight executives stressed to PYMNTS the same: that general best practices should be paired with emerging security solutions, and that being proactive is the first step in protecting the perimeter.

A multilayered security strategy, also known as defense in depth, is essential for mitigating risks at various levels. This approach involves implementing multiple defensive measures across the enterprise network, including firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and network segmentation. By creating multiple barriers, organizations can prevent or contain breaches before they cause significant damage.

Read more: Delta, CrowdStrike Fallout Highlights Why Firms Need a Recovery Plan

Embracing a “defense in depth” strategy involves creating multiple layers of defense to protect an organization’s most valuable assets, often known as “crown jewels,” David Drossman, chief information security officer at The Clearing House, told PYMNTS. Drossman described such an approach as building a “labyrinth of control” to mitigate damage even if one layer fails. Segmentation is critical, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches.

As PYMNTS has reported, many of the fundamental challenges for organizations looking to maintain data security result from the sheer volume of an organization’s data, the many ways users can access the data (on-site versus remote, computer versus mobile device), and the potential for valid user credentials to be compromised and used by unauthorized users.

Effective cybersecurity is not a one-time effort but an ongoing process. Continuous monitoring of networks, systems and endpoints is vital for detecting and responding to threats in real time. Coupled with a well-developed incident response plan, this ensures that organizations can quickly address security incidents, minimizing their impact.

Read more: AWS and Mastercard Lead Call for Urgency in Protecting the Payments Perimeter

At the same time, while best practices provide a solid foundation, the changing threat landscape necessitates the adoption of emerging security solutions. These technologies offer advanced capabilities that complement traditional approaches, enabling organizations to stay ahead of sophisticated cyberthreats.

Artificial intelligence (AI) and machine learning have revolutionized threat detection. By analyzing user behavior and detecting anomalies, AI-driven tools can identify potential threats that may bypass conventional defenses. Behavioral analytics provides a deeper understanding of normal user activities, enabling more accurate detection of suspicious behavior.

Ultimately, the cyberthreat landscape is defined by change. The only constants are vigilance and adaptability, which can be companies’ best weapons when it comes to defending the perimeter.

Microsoft to Host Summit on Resiliency After July CrowdStrike Outage
https://www.pymnts.com/cybersecurity/2024/microsoft-to-host-summit-on-resiliency-after-july-crowdstrike-outage/
Fri, 23 Aug 2024 20:31:35 +0000
Microsoft plans to meet with CrowdStrike, other providers of endpoint security technologies and government representatives to discuss ways to improve resiliency and protect the critical infrastructure of the companies’ mutual customers.

The meeting, dubbed the Windows Endpoint Security Ecosystem Summit, will be hosted by Microsoft at its Redmond, Washington, headquarters on Sept. 10, the company said in a Friday (Aug. 23) blog post.

“Our objective is to discuss concrete steps we will all take to improve security and resiliency for our joint customers,” Aidan Marcuss, corporate vice president, Microsoft Windows and Devices, wrote in the post.

The event follows the July CrowdStrike outage, the blog post noted.

“The CrowdStrike outage in July 2024 presents important lessons for us to apply as an ecosystem,” Marcuss wrote in the post. “Our discussions will focus on improving security and safe deployment practices, designing systems for resiliency and working together as a thriving community of partners to best serve customers now, and in the future.”

Marcuss added in the post that the presence of government representatives will ensure transparency of this collaborative effort, that the summit will lead to both short-term and long-term next steps, and that updates on these conversations will be shared after the event.

The July outage Marcuss mentioned grounded flights, disrupted banks and financial services, knocked doctors’ booking services offline and caused other havoc when it struck users of Microsoft’s Windows operating system. The outage stemmed from a software update by CrowdStrike, a cybersecurity firm.

“This is a very, very uncomfortable illustration of the fragility of the world’s core Internet structure,” Ciaran Martin, professor at Oxford University’s Blavatnik School of Government, told Reuters when interviewed for a July 19 report on the incident.

The event put software updates under the microscope. Adam Lowe, Ph.D., chief product and innovation officer at CompoSecure/Arculus with more than a decade of experience with software updates, told PYMNTS in an interview posted in July that issues with essential security software like CrowdStrike can escalate dramatically. If an update disrupts core system functions, particularly at the Windows startup level, rectifying the problem can be daunting.

Cyber Hygiene: The Constant Defense Against Evolving B2B Threats
https://www.pymnts.com/cybersecurity/2024/cyber-hygiene-the-constant-defense-against-evolving-b2b-threats/
Fri, 23 Aug 2024 08:01:53 +0000
Today’s cybersecurity and fraud landscape is increasingly becoming an arms race.

For every 12-foot-tall wall that businesses build, fraudsters start to shape an ever-more sophisticated 13-foot ladder. In this tit-for-tat landscape, constant vigilance has become crucial.

“What you want to do is catch it before it becomes a crisis,” Boost Payment Solutions Chief Technology Officer Rick Kenneally told PYMNTS for the series “What’s Next in Payments: Protecting the Perimeter.”

He added that the first step in threat detection can be as simple as “keeping up with the basics” as it relates to monitoring and compliance checks, noting that “they will turn things up.”

Within the world of B2B payments in particular, the ongoing challenge of thwarting fraudsters is especially pronounced due to the large transaction values and complex processes that can create unique and attractive vulnerabilities.

Kenneally explained that detection, prevention and protection in the B2B environment is not just about internal vigilance but also about selecting strong partners who can provide valuable insights and support.

“We ensure that we are getting that information not just from our own monitoring but also from partners who help us stay informed,” he said.

This proactive approach is important in a landscape where new threats emerge constantly, and the consequences of a breach can be catastrophic.

The Importance of Staying Informed and Proactive

In today’s rapidly evolving digital landscape, where cybersecurity threats are becoming increasingly sophisticated, protecting the perimeter of an organization’s digital infrastructure has never been more critical.

Learning from industry incidents, such as the CrowdStrike event in July, is also a critical part of Boost’s strategy. Kenneally explained how this particular incident prompted his team to reevaluate their own processes.

“The CrowdStrike incident made us sit down and think, ‘OK, what would we do if suddenly all of our laptops bricked, and people couldn’t log in? What’s our recovery process?’” he said.

This type of scenario planning is essential for ensuring that companies can respond quickly and effectively to unforeseen challenges.

While the basic approach to developing contingency plans has remained consistent over the years — bringing together the right people to think through potential scenarios — the specific threats that companies face have evolved.

“The things that we discussed change over time,” Kenneally noted, highlighting the emergence of new fraudsters and types of threats. Despite these changes, he stressed, the fundamentals remain the same: developing plans, testing them regularly and making adjustments as needed.

When it comes to strengthening the defenses against both internal and external threats, Kenneally emphasized the importance of a multifaceted approach.

“You need to look at the cybersecurity aspect and the fraud prevention aspect,” he said.

For Boost, which operates in the B2B credit card payment space, fraud prevention is built into the business model. Payments can only be made to companies that have passed a rigorous vetting process and are registered with Boost, reducing the risk of fraudulent transactions.

Building a Culture of Resilience Across Products and People

By partnering with companies that provide early warnings about threats and scams when they see them independently, such as domain spoofing attempts, businesses can stay ahead of potential threats.

“That’s an important control, and I strongly recommend it for any company,” Kenneally said, stressing the benefits of collaborative working partnerships.

“It’s about ensuring that the controls are in place and that we are partnering with our customers to mitigate risks,” he added.

This is particularly relevant given the increasing sophistication of phishing attempts, some of which may be assisted by artificial intelligence.

Another aspect of Boost’s strategy is fostering a culture of resilience and agility within the organization. This involves continuous training and education, not just for the IT team but across the entire company.

“Training is critical,” Kenneally said. “It needs to be consistent, prioritized and focused on keeping employees aware of the latest threats.”

Regular exercises, such as phishing campaigns, are also essential in maintaining vigilance.

“We take examples of phishing attempts and share them with the company to keep these threats top of mind,” he said.

As the cybersecurity landscape continues to evolve, the need for companies to protect their digital perimeter becomes more pressing. But while the threats may change, the fundamental principles of good cybersecurity — vigilance, education and proactive planning — remain constant.

For all PYMNTS B2B coverage, subscribe to the daily B2B Newsletter.

Mastercard Executive Urges Companies to Embed Security in Their Business DNA
https://www.pymnts.com/cybersecurity/2024/mastercard-executive-urges-companies-to-embed-security-in-their-business-dna/
Tue, 20 Aug 2024 08:01:16 +0000
In today’s operating landscape, cybersafety and business success tend to go hand in hand.

While understanding the tactics, techniques and procedures (TTPs) employed by a rising cohort of cybercriminals is crucial for businesses aiming to fortify their defenses against such threats, so too is fostering a culture where employees feel empowered to act when they identify potential risks.

“In our technology environment, leaders and individuals need to feel empowered to take ownership if they see something that’s not right,” Ron Green, cybersecurity fellow and former chief security officer at Mastercard, told PYMNTS for the series “What’s Next in Payments: Protecting the Perimeter.”

Green stressed that creating an environment where team members can “press the red button” when they see something wrong is important.

This approach ensures that small issues are addressed before they can escalate into larger crises.

At the same time, Green explained that it’s not enough to focus on creating new products and services; businesses must ensure that their existing systems are resilient and their teams are prepared to address any emerging threats.

In today’s interconnected world, disruptions can come from various sources — not just cyberthreats but also physical events like natural disasters or media crises.

All-Hazards Planning: Preparing for Any Eventuality

Cybercriminals employ a variety of tactics to infiltrate systems. But beyond fraudsters, disruptions can also arise on their own, with no attacker involved. Businesses, particularly those operating in security-critical sectors, must invest in advanced threat detection and response solutions, implement robust backup and recovery processes, and conduct regular security training for employees to reduce the risk of phishing attacks.

“At Mastercard, we have a crisis team — not a cyber crisis team, not a weather crisis team, just a crisis team that handles any bad event,” Green said, highlighting the importance of an all-hazards approach to business continuity planning.

This holistic approach to crisis management allows organizations to respond effectively regardless of the nature of the disruption, he added. Moreover, real-life testing of these plans, including exercises that involve external partners such as government agencies and even customers, is vital to ensure preparedness.

Green shared that Mastercard regularly conducts over 30 tests with different scenarios and business units, often involving external entities like the FBI, Secret Service and Cybersecurity and Infrastructure Security Agency (CISA).

Regular testing, both within the organization and with external partners, ensures that when a real incident occurs, the response is swift and effective.

These exercises help ensure that on the “bad day,” everyone knows how to work together efficiently, Green said.

Strengthening Cybersecurity Through Tech, Education and Exercise

In terms of cybersecurity, Green highlighted the importance of adopting a multifaceted approach that includes advanced technology, continuous education and rigorous exercise.

On the technology front, the adoption of a zero-trust framework is critical.

“Look at those technologies that can ensure people are doing what they need to do, only what they need to do, when they need to do it, and how they need to do it,” Green advised.

This principle minimizes unnecessary access and ensures that only authorized actions are taken, reducing the risk of breaches.

Education is another pillar of a strong cybersecurity posture.

“If you feel like you know everything in security, you don’t,” Green warned.

Continuous learning is essential not just for security professionals but for everyone in the organization, and by educating all employees, companies can reduce the risk of human error leading to breaches.

One of the common challenges in many organizations is the perception that security measures slow down business processes. Green argued that when security is integrated from the beginning, it enhances agility.

“Often, the business team develops the technology and wants to move fast, but then they realize they need to get security involved,” Green said.

By embedding security officers within business units from the start, companies can streamline the process, avoiding delays and ensuring that security is an integral part of development rather than an afterthought.

Green also touched on the risks associated with rapidly adopting new technologies without considering their long-term management. Using the analogy of adopting puppies, he warned that bringing in too many new technologies without a plan for their care and maintenance can lead to chaos.

“You don’t want every animal in the zoo that you have to take care of,” he noted.

Instead, businesses should strive for standardization, which allows for more efficient management and reduces the complexity of the technological environment. While standardization is key, Green also stressed the importance of thorough testing to ensure that systems are resilient and secure.

Ultimately, he concluded, a well-rounded and proactive approach to cybersecurity and business continuity fosters trust among customers. When businesses are known for their rigorous security practices and their ability to handle crises effectively, they build a reputation for reliability and safety.

“Doing everything right and being known for doing that … develops trust,” Green explained.

Trust, in turn, strengthens customer relationships and enhances the overall resilience of the business.

Cyberattack Surge Demands Culture of Proactive Security
https://www.pymnts.com/cybersecurity/2024/death-taxes-cyberthreats-why-proactive-security-is-inevitable-businesses/ (published Mon, 19 Aug 2024 08:02:06 +0000)

Death and taxes have long been life’s unavoidable realities. Now, add to that list the rising prevalence of cyberattacks — and the growing imperative for businesses to defend against them, especially in B2B payments.

“You’re only as secure as your weakest link,” Chris Wyatt, chief strategy officer at Finexio, told PYMNTS for the series “What’s Next in Payments: Protecting the Perimeter.” “And we move money, so we can’t have the bad guys finding an easy way in.”

In today’s hyper-connected world, where the lines between digital and physical operations are blurring, safeguarding against cyberthreats has become a cornerstone of business strategy. The stakes are higher, especially for organizations dealing with sensitive financial data and payments, where a breach can lead to financial and reputational damage.

The threat landscape demands that business leaders not only react to cyber incidents but also anticipate and prevent them, particularly when it comes to payment processing.

“The goal, really, is to mandate proactive risk management,” Wyatt said, emphasizing that a forward-looking stance is critical in an industry where even a minor security lapse can have catastrophic consequences. This aligns with Finexio’s practice of embedding security into every layer of its platform to eliminate vulnerabilities in payment processing.

How Businesses Can Stay Ahead of Cyberthreats

As Wyatt added, Finexio spent the last 12 to 18 months focusing on strengthening its cybersecurity measures. This effort wasn’t just about protecting the company’s own operations but also ensuring its partners and customers benefited from the highest standards of security.

“There was a big education component we’ve had to do with our customers,” he said, highlighting the interconnected nature of modern business operations. The focus isn’t just on reacting to incidents but on creating an environment where risks are identified and mitigated before they escalate into crises.

One of the key areas Finexio has addressed is vendor management, often a weak spot that cybercriminals exploit. Working closely with customers, Finexio has helped them shift the burden of managing sensitive information, such as automated clearing house (ACH) data, onto the company itself. This not only reduces the risk for customers but also ensures that the data is handled with the highest level of security.

Building resilience and continuity planning into business operations is also becoming table stakes for today’s cyber landscape. Redundancy and resilience are key themes businesses are embracing as they aim to ensure that operations can continue seamlessly, even in the face of unexpected disruptions. This includes building multibank and multipay partner capabilities, as well as replicating environments across different cloud providers to avoid single points of failure.

“Unfortunately, things do go down at times,” Wyatt said, referencing real-world examples like the CrowdStrike incident that disrupted multiple organizations, including major airlines like Delta.

These events serve as reminders that even the most well-prepared companies can fall victim to cyber incidents. The key, Wyatt said, is to have a comprehensive contingency plan in place, one that includes not just technical solutions but also well-documented procedures for dealing with incidents as they arise.

Fighting Fire With Fire

Part of the urgency around the cyberthreat landscape is the fact that the threats are growing increasingly sophisticated, scalable and even industrialized as new technologies like artificial intelligence become more accessible.

Wyatt said the democratization of technology has made complex tools now available to virtually anyone, making it easier for cybercriminals to carry out attacks.

That’s why the potential of AI and large language models to transform how companies manage their cybersecurity efforts is becoming so crucial, he said.

One of the most promising applications of AI lies in simplifying the often overwhelming task of navigating internal documentation. By using language models, businesses can create a system where employees can quickly find answers to complex questions without sifting through countless documents. This not only saves time but also ensures that employees are following the correct procedures, reducing the risk of human error.

As AI and other technologies continue to advance, Wyatt said he believes that businesses will be able to further narrow the “threat window” — the period during which a system is vulnerable to attack. The key is to use these technologies in a way that simplifies operations rather than adding to the complexity.

Wyatt said he sees both cultural and technical changes as essential for staying ahead of the cybersecurity threats. Leadership will continue to play a role, but the involvement of every employee is equally important in scaling the necessary shift from viewing cybersecurity training as a checkbox exercise to making it a core component of the company’s operations.

The Clearing House CISO Says Multilayered Defense Key to Operational Resilience
https://www.pymnts.com/cybersecurity/2024/the-clearing-house-ciso-says-multilayered-defense-key-to-operational-resilience/ (published Mon, 19 Aug 2024 08:01:00 +0000)

In today’s hyper-connected operating environment, the question is not if a business will face a cyberthreat, but when.

“Security events and security alerts are something we deal with every single minute of every day,” David Drossman, chief information security officer at The Clearing House (TCH), told PYMNTS for the series, “What’s Next in Payments: Protecting the Perimeter.”

“The key for us is to make sure that none of those events or alerts become incidents or major crises,” Drossman said.

The imperative for organizations to secure their digital assets has never been greater, with cyberattacks becoming increasingly sophisticated and relentless. This requires planning, preparedness and a clear understanding of how to respond when an alert arises.

“First things first, you need to have your incident response planning right,” Drossman said, stressing the importance of employing an overarching incident response plan, supplemented by detailed procedures specific to information security. This dual approach ensures that when alerts occur, the organization can respond swiftly and effectively.

Still, preparing for zero-day threats frequently requires standing up proactive measures and may require a cultural shift within organizations.

The plan should be supported by up-to-date threat intelligence, which can help organizations stay ahead of potential threats.

“Ensuring that your systems are getting the data they need to respond and detect threats is crucial,” Drossman said, noting that both automated and manual data feeds are necessary.

Defense in Depth: Building a Multilayered Security Framework

A key concept in modern cybersecurity is “defense in depth,” and it is emerging as one of the foundational elements of a robust cybersecurity strategy.

As Drossman highlighted, embracing a “defense in depth” strategy involves creating multiple layers of defense to protect an organization’s most valuable assets, often referred to as “crown jewels.” He described it as building a “labyrinth of control” that can mitigate damage even if one layer fails. Segmentation is critical here, especially in separating employee networks from sensitive areas to minimize the risk of internal breaches.

“It’s not just having the cyber event, it is how you respond to it … the truth is, everyone wants a perfect record when it comes to not having cyber incidents, but the most important thing is that when they happen, make sure you are prepared,” Drossman said. “That is the key to everything.”

As technology evolves, so too do the methods and tools used by cybercriminals. Drossman noted that the expansion of cloud services and third-party integrations has altered the security landscape.

Emerging technologies like artificial intelligence present both opportunities and challenges. While AI can enhance cybersecurity defenses by automating threat detection and response, it also introduces new risks that must be managed.

“We have to be aware of how AI is used within our organization and ensure it doesn’t introduce vulnerabilities,” Drossman advised, noting that organizations must continuously adapt their security strategies to account for changes, ensuring that new technologies are integrated safely and securely.

Building a Security-Conscious Culture

While technical measures are vital, cultivating a culture of awareness and responsibility among employees is equally important.

Gone are the days when information security was the sole domain of a secluded IT team. Drossman advocated for a collaborative approach, integrating cybersecurity efforts across all departments, including business technology, HR and legal. This ensures a cohesive strategy that aligns with the organization’s broader goals while maintaining robust security controls.

Ensuring that every employee understands that risk management is part of their responsibility is essential. Drossman pointed out that phishing remains a threat, often targeting individuals’ emotions or current events.

“All it takes is one person to compromise the security of an entire organization,” he warned, stressing the role of company culture in standing up a defense capable of detecting and mitigating risks before they can cause harm.

Additionally, implementing measures like multifactor authentication (MFA) helps safeguard against unauthorized access, even if credentials are compromised.

Ultimately, in an era where the cybersecurity perimeter is increasingly blurred, and threats are constantly evolving, staying ahead of potential risks is more crucial than ever, Drossman said. By fostering a culture of security awareness, using advanced technologies, and maintaining a flexible, adaptive strategy, organizations can safeguard their most valuable assets and ensure long-term resilience in the face of cyberthreats.

NIST’s Post-Quantum Cybersecurity Standards Ready for Enterprise Use
https://www.pymnts.com/cybersecurity/2024/nists-post-quantum-cybersecurity-standards-ready-for-enterprise-use/ (published Thu, 15 Aug 2024 23:16:51 +0000)

As information has become electronic, the encryption of that information has become imperative.

And with the news Tuesday (Aug. 13) that, after an eight-year-long process, the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has finalized its principal set of encryption algorithms designed to withstand cyberattacks from a quantum computer, businesses dealing with an emergent and sophisticated breed of cybercriminals can breathe a small sigh of relief.

While observers may be wondering what the big deal is about post-quantum (PQ) cryptography — particularly when nobody has actually seen or used a real quantum computer, and their commercial viability remains perpetually 10 years away — the big deal, so to speak, is actually a simple one: post-quantum security standards are by definition safer, more resilient, and more flexible than existing classical measures.

The advent of PQ protocols raises the bar for security solutions more broadly, and their standardization will have almost as large an impact on payments, commerce and the financial sector as quantum computing itself is one day slated to.

“The advancement of quantum computing plays an essential role in reaffirming America’s status as a global technological powerhouse and driving the future of our economic security,” said Deputy Secretary of Commerce Don Graves in a statement.

“NIST is providing invaluable expertise to develop innovative solutions to our quantum challenges, including security measures like post-quantum cryptography that organizations can start to implement to secure our post-quantum future. As this decade-long endeavor continues, we look forward to continuing Commerce’s legacy of leadership in this vital space,” the deputy secretary added.

Of the three NIST standards, one is intended for general encryption, which protects data as it moves across public networks, while the other two are meant to secure digital signatures, which are used to authenticate online identity — all crucial elements of the future connected economy.

Cybersecurity experts are now encouraged to incorporate these new algorithms into their systems, the agency said.


Post-Quantum Cryptography and Payments

While the advent of the quantum internet creates nearly infinite opportunities for payments and commerce, it also creates many pitfalls and challenges for enterprises.

As Michael Jabbara, global head of fraud services at Visa, told PYMNTS last March, bad actors have started to steal and hold onto encrypted data in preparation for quantum computing tools to enter the market and allow them to decrypt the information.

This kind of threat is known as harvest now, decrypt later (HNDL).

Already, in a move to improve the security of its iMessage app, Apple announced in February that it is upgrading its encryption system to fend off potential quantum computing attacks, while in September, encrypted messaging app Signal boosted its own encryption by adding support for the post-quantum cryptographic PQXDH protocol.

And most recently in May, Zoom announced that it was making post-quantum end-to-end encryption (E2EE) globally available across its Zoom Workplace platform.

“Quantum computing technology could become a force for solving many of society’s most intractable problems, and the new standards represent NIST’s commitment to ensuring it will not simultaneously disrupt our security,” said Under Secretary of Commerce for Standards and Technology and NIST Director Laurie E. Locascio in a statement on Tuesday announcing NIST’s standards. “These finalized standards are the capstone of NIST’s efforts to safeguard our confidential electronic information.”


The three algorithms that NIST has standardized are based on different math problems that would stymie both conventional and quantum computers, and they stand as strong proof points that we are at an inflection point in modern cybersecurity.

“These finalized standards include instructions for incorporating them into products and encryption systems,” said NIST mathematician Dustin Moody, who heads the PQC standardization project, in a statement. “We encourage system administrators to start integrating them into their systems immediately, because full integration will take time. … There is no need to wait for future standards, go ahead and start using these three. We need to be prepared in case of an attack.”

As PYMNTS Intelligence has found, a central challenge the financial services and banking industry now faces is the need both to leverage new technologies and to master the art of securing them.

As next-generation financial services roll out, the ability to secure them effectively will likely be a key differentiator for banks and financial institutions — a litmus test for attracting and retaining customers in a digital-first economy.
