
# 2025 AI Security and Incident Review

**Source:** [https://www.youtube.com/watch?v=gwL3iivVkiA](https://www.youtube.com/watch?v=gwL3iivVkiA)
**Duration:** 00:57:11

## Summary

- The episode reviews the past year’s cyber‑security landscape, featuring three segments on AI & data security, incident response, and broader 2025 trends with expert panelists.
- Discussions highlighted the rise of AI‑powered threats, including proliferating AI agents, “shadow AI,” and the need to both defend against AI attacks and protect AI systems from manipulation.
- Specific topics covered ranged from “vibe coding” and cyber‑security sensationalism to emerging quantum threats and insights from IBM’s “Cost of a Data Breach” report.
- The incident‑response segment recapped notable attacks such as the Tea app breach, ClickFix exploit, and various worm campaigns, illustrating the diverse tactics cyber criminals employed over the year.

## Sections

- [00:00:00](https://www.youtube.com/watch?v=gwL3iivVkiA&t=0s) **Year-in-Review Cybersecurity Podcast** - The hosts introduce a special IBM Security Intelligence episode that recaps the past year’s AI, data security, incident response, and 2025 trends with expert panelists.
- [00:03:17](https://www.youtube.com/watch?v=gwL3iivVkiA&t=197s) **Building Trust in AI Security** - The speakers stress the need for observable, resilient AI systems and emphasize trust as the central focus for upcoming AI and data security efforts.
- [00:07:02](https://www.youtube.com/watch?v=gwL3iivVkiA&t=422s) **Securing AI Against Agent Attacks** - The speaker warns that as AI enables end‑to‑end attack tools, we must also focus on defending the AI systems themselves—citing Palo Alto’s discovery of agent‑to‑agent session‑smuggling vulnerabilities—and asks if the industry is giving AI protection sufficient attention.
- [00:10:34](https://www.youtube.com/watch?v=gwL3iivVkiA&t=634s) **Risks of Poisoned AI Code Generators** - The speakers argue that as AI takes over more coding tasks, attackers could subvert the models to embed malware, making it necessary to employ separate, trustworthy AI checks to detect such intentional compromises.
- [00:14:12](https://www.youtube.com/watch?v=gwL3iivVkiA&t=852s) **AI Hallucinations and Sensationalism Warning** - The speakers discuss how AI‑generated reports can hallucinate sources, urging critical evaluation without resorting to sensationalist paranoia.
- [00:17:19](https://www.youtube.com/watch?v=gwL3iivVkiA&t=1039s) **AI Governance Gap Alarm** - The speaker warns that about 60% of organizations lack AI governance and security policies, likening the situation to running a race without a finish line and emphasizing the chaos and potential breach costs that will ensue.
- [00:21:18](https://www.youtube.com/watch?v=gwL3iivVkiA&t=1278s) **Quantum Threats and 2026 Predictions** - The hosts wrap up the segment, thank guests, and tease Jeff’s upcoming 2026 technology predictions video, highlighting recent quantum advances and AI’s role.
- [00:24:39](https://www.youtube.com/watch?v=gwL3iivVkiA&t=1479s) **Year in Review: Shiny Threat Actors** - A candid discussion about the erratic “shiny happy spiders” and related hacker groups—covering false retirements, repeated FUD tactics, surprise attacks on hospitals, and new players like ClickFix.
- [00:27:58](https://www.youtube.com/watch?v=gwL3iivVkiA&t=1678s) **Social Engineering Meets Supply Chain Attacks** - The speakers critique the simplistic “don’t click” warning, examine sophisticated scams like ClickFix, and note the increasing prevalence and visibility of supply‑chain attacks across platforms such as GitHub and npm.
- [00:31:51](https://www.youtube.com/watch?v=gwL3iivVkiA&t=1911s) **Breach Size Claims and Risks** - The speakers mock the overuse of “largest breach in history” labels while comparing massive data leaks, noting a health‑records breach, and cautioning that browser extensions create hidden supply‑chain vulnerabilities.
- [00:35:15](https://www.youtube.com/watch?v=gwL3iivVkiA&t=2115s) **Trust Failures in Cybersecurity Episodes** - The speaker recaps three podcast episodes—an alliance data breach, a patch‑management lapse involving a long‑unpatched SharePoint flaw, and insecure contractor access—highlighting trust as the common weak point and urging security professionals to educate the public.
- [00:38:52](https://www.youtube.com/watch?v=gwL3iivVkiA&t=2332s) **Session as New Security Perimeter** - The speakers discuss evolving threats—from ransomware and cryptomining to token hijacking—and argue that authentication sessions are becoming the next security boundary.
- [00:42:17](https://www.youtube.com/watch?v=gwL3iivVkiA&t=2537s) **Securing Delegated AI Agents** - The discussion warns that entrusting credentials to AI agents creates inevitable theft and hijacking risks, emphasizing the urgent need for strong security guardrails and defenses for both businesses and individuals.
- [00:48:04](https://www.youtube.com/watch?v=gwL3iivVkiA&t=2884s) **Observability, Change, and Shadow AI Threats** - The speakers discuss how continuous change requires observability to quickly surface unknown risks, while warning that shadow AI agents and crypto‑mining misuse represent emerging threats that enterprises must proactively address.
- [00:51:22](https://www.youtube.com/watch?v=gwL3iivVkiA&t=3082s) **Resilient Crypto Amid AI Threats** - The speakers examine AI agents exploiting privileges, the emerging operational risks to cryptographic systems, and express optimism about upcoming defenses such as crypto‑agility, system resilience, and AI‑powered threat intelligence.
- [00:56:21](https://www.youtube.com/watch?v=gwL3iivVkiA&t=3381s) **Closing Remarks for Cybersecurity Podcast** - The host wraps up the episode by thanking panelists, guests, and listeners, urging everyone to stay safe as they look toward the upcoming year.

## Full Transcript
0:00 this idea of vibe coding. Yeah, it it's it's great until it's not. The AI, the code that it writes, you know, is getting better. It didn't used to be great, but it's getting better and it's going to keep getting better. I like to say, don't bet against AI.

0:16 >> All that and more on Security Intelligence.

0:24 Hello and welcome to Security Intelligence, IBM's weekly cyber security podcast where we break down the most interesting stories in the field. Now, today we're doing something a little bit different. Uh instead of breaking down stories from the past week, we are breaking down stories from the past year with the help of some of our favorite panelists. Of course, they're all favorites. These six just said yes when we asked them to join us. And here with me today is Patrick Austin, staff writer for IBM Think and the news correspondent for this podcast. Patrick, thank you for stepping in front of the camera with me today.

1:00 >> Thanks for having me, Matt. Uh, happy to be here.

1:03 >> Absolutely. Now, the way the show is going to work is we have three segments for you all today. We've got Michelle Alvarez and Jeff Crume on the year in AI and data security. We've got Dave Bales and Nick Bradley on the year in incident response. And we've got Suja Viswesan and Sridhar Muppidi with a broad survey of some of the big lessons, trends, and innovations of 2025. Now Patrick, you talked to Suja and Sridhar. Can you maybe give us a little taste of what your conversation covered?

1:29 >> Of course. Yeah, we um Suja, Sridhar and myself touched on the topic of cyber security software and cyber security in the past year. It's been a very uh busy year in terms of cyber security especially when it comes to AI powered um cyber security incidents. We discussed um we discussed the proliferation of AI agents.
We discussed shadow AI um and the and the havoc it can wreak on a corporation potentially. And we discussed innovations and responses that companies can take in the in the next year when it comes to combating uh cyber attacks.

2:07 >> Absolutely. And that kind of, you know, really funnels into what Michelle and Jeff and I talked about, which was some of those gaps and edges in AI security, right? Like we talk a lot about, you know, how we have to protect ourselves against the AI and and deal with shadow AI and stuff, but we also talked a lot in in my conversation with with Michelle and Jeff about the need to protect AI from people, right? Like this is a new kind of technology that can be like socially engineered in a way that other things can't. So, we covered that. And along the way, we also touched on vibe coding, cyber security sensationalism, quantum threats, and of course, IBM's Cost of a Data Breach report. Can't look back on the year without touching that one. And then with Nick and Dave, we dove into a kind of veritable carnival of cyber incidents. You know, we talked about the Tea app and and ClickFix and the Shai-Hulud worms, Scattered Lapsus$ Hunters, all kinds of stuff. And a big theme that emerged for this year and next year across both of my conversations, and I'll be interested to hear if you felt like this theme was in yours, too, was this idea of trust. Who has it? Who shouldn't have it? How do you give it out? Did that come up in any of your conversations at all?

3:15 >> Absolutely. I think that maybe was one of the most uh pivotal or integral points of the conversation. Um giving that trust to an AI agent or or system and you know knowing that it you can trust it to do its job properly without any sort of um malicious um intent.
Um we talked about observability and and resilience as well. Um and how it is super important to be able to see what what AI is doing behind the scenes so you know where exactly your data is going and how it's being treated. Um it was it's a very huge um problem and one that I think will you know companies will take steps to solve in the next year.

3:57 >> We can only hope you know but I yeah so our our watch word for this year as we look back and look forward is going to be trust. And so without further ado let's see what our experts had to say.

4:12 There was no shortage of AI security stories this year. In fact, there has been no shortage since ChatGPT burst on the scene in 2022. The impact of AI on security has been top of mind ever since. But 2025 did feel like a year where we started to reflect a bit more on that coverage. We started to poke and prod at the discourse and wondered, are we doing this right? Here today to talk about the year in AI and data security with me, Michelle Alvarez, manager, X-Force threat intelligence, and Jeff Crume, distinguished engineer, master inventor, AI and data security. [snorts] Folks, to kick us off, I was hoping to open the floor to you to tell us what do you think were the biggest stories or most interesting trends or moments in AI and data security this year. Michelle, I'll go to you first. What really caught your attention this year?

5:03 >> Absolutely.
I think we have moved from, you know, contemplating our attackers using AI and attacks to verifying, right? I believe in our X-Force Threat Intelligence Index that we published in February of 2024 we had said we had not seen confirmed use of AI. Now we can erase that, right? We know that they're actively using AI. So so much has been around are attackers leveraging, how are they leveraging, um to what extent are they leveraging, right? And also um how can we use AI to defend against attacks generally speaking, regardless if AI is being used.

5:46 >> Absolutely, we have definitely seen like the the threat the AI threats come from being this thing we talked about like oh it could happen to like they're happening now, right? And I think about that uh Anthropic story very recently at the time of recording this recently anyway where they busted that spy ring that was using Claude Code to basically run an automated campaign of of espionage. So like we are seeing these AI threats actually take place now. Jeff, how about you? What kind of stood out for you this year?

6:12 >> Yeah, definitely the same kind of thing. AI has gone from being a more theoretical threat to a real threat. And in particular, we've seen in the second half of the year, I think, the emergence of of agents, AI agents, as a way to amplify the attackers' capabilities. It amplifies risk for us. Now, I'm not against agents. Agents can do some really great stuff if they're in the right hands and they're under the right control with the right governance and so forth around them. But the reality is, and we've seen these stories breaking lately here toward the end of the year, that agents have not only emerged, but they're actually able to automate and run independently, autonomously the entire kill chain from beginning to end.
We we've had, you know, where it was easier for attackers to do their thing by click on a tool and not have to understand the details. Now we've got where it does the whole thing beginning to end and that is a trend I don't expect to see abating that that's going to continue.

7:18 >> And you know I also think about how this year doesn't didn't just show us how attackers were using AI and how defenders were using AI but it also showed us how we have to protect our AI, right? And I'm I'm paraphrasing IBM's Suja Viswesan with this actually but it's something that she said in a recent podcast which was as much as we need to protect ourselves from AI, we need to protect our AI from people, right? And one of the things that jumped to me in that uh uh kind of realm was these agent session smuggling attacks that Palo Alto uncovered a little while back. I don't know if you folks remember this, but basically they found out there was a vulnerability in the agent-to-agent communication protocol that basically allows you to set up a malicious agent to socially engineer a legitimate agent without the end user even knowing. And this kind of thing again brings to my mind that need to protect uh our AI as part of our systems. I'm wondering if you have any thoughts on that. Do you think we focus on AI protection enough? Michelle, I'll start with you.

Matt, I think securing AI itself is often an overlooked aspect of AI security. Uh most of the attention of course has been on how AI is being used in attacks uh or how it can be used in defenses. Uh things like we've seen of course AI phishing, deepfakes um and we're definitely leveraging AI uh in order to detect attacks and identify and contain them.
But uh just as important and what we're hopefully trying to emphasize during our discussions with clients is how how important it is to secure AI applications and the infrastructure and the data flows themselves. Uh because we do anticipate this to be an attack surface that's continuing to grow as AI adoption increases and therefore it will be an incentive for attackers to target AI technology.

9:11 >> And speaking of that expanding attack surface, uh something that I've been thinking about a lot and I'm not the only person is the kind of rise of vibe coding, right? We saw that uh term coined this year back in February uh by OpenAI co-founder Andrej Karpathy. And it's kind of really taken everybody by storm now, vibe coding, right? You don't even need to know how to code. You just tell the AI what you want and it spits it out. But that opens up some new vulnerabilities in our coding process, doesn't it? And and Jeff, I was wondering if I could get your take on vibe coding from this security perspective. Do you think it introduces kind of new flaws in the attack surface? How do you feel about this?

9:46 >> Oh, yeah. So first of all the AI as an attack surface that to me is a really important question. It's a a presentation I've been doing at conference events all over the country uh for this whole year a presentation called AI the new attack surface and that's one of the things I drill into and this idea of vibe coding. Yeah it it's it's great until it's not. The AI the code that it writes you know is getting better. It didn't used to be great, but it's getting better and it's going to keep getting better. I like to say, don't bet against AI. I keep hearing people make predictions about, well, AI can do this, but it can't do that.
Well, uh, most of those predictions, we've in fact seen AI learn to do those things. So, even though the code's not perfect now, you know what? Nobody, no humans are writing perfect code either. So, that can't be our standard. However, to your to your question though, as we get less and less involved in the writing of code, then it means if the AI were to be subverted in some way to inject malware into our code, when are we going to recognize it? You know, who is going to know that that's happened? So, that means if we're going to have an AI creating our code, we're going to need other AI looking over that code. And we got to make sure that that neither of them have been poisoned or under the the control of of another system. Um it's not just the hallucinations that we have to care about. It's some of the intentional things. So if if I wanted to be uh really sneaky, uh I would just infiltrate the AI model you're using to write your code, poison it, and then have it do my injects for me. And then um then you good luck trying to find that. So that's uh that's going to be uh certainly another thing. Uh but we'll we'll adjust as we always have.

11:41 >> Yeah. I think that, you know, don't bet against AI is a really good point, right? Because I think about when again ChatGPT, you know, came out 2022, it was really impressive, but people kept saying, oh, but you know, look at the videos it makes are bad, right? And oh, you can tell it's look at how far we've come now, right?
So you apply the same thing to the cyber attacks and it's like yeah obviously you don't want to bet against the AI but sometimes I wonder if we bet maybe too much on the AI because another thing that's happened this year is we've seen an increasing kind of skepticism among some cyber security professionals about how we cover stories particularly when it comes to AI and the thing that comes to mind for me there is I don't know if you folks remember but back in the spring MIT put out this paper about how 80% of ransomware attacks are are involve AI somehow. And then uh in the fall, some cyber security researchers including Marcus Hutchins and Kevin Beaumont started to poke some holes in that methodology. They dug in and they realized that the paper was I don't want to use too strong a term, but not really. It wasn't as good as they claimed. And and that paper got pulled down. And this is a paper that was widely cited after it came out. So I'm wondering if we have a sort of sensationalism problem in the way that we cover AI and security. Jeff, I'd like to get your take on that. Do you think we're dealing with some sensationalism here?

12:58 >> So, we've got AI that hallucinates and now we've got security people that are hallucinating and making up stuff as well. So, now maybe we can't just blame the AI for these kinds of problems. But, uh, yeah, I mean, there's there's always been an issue with this. Um, there's a a a balance where we want to make people aware of what the threats are. But if you go too far down the FUD road, the fear, uncertainty, and doubt, and play that angle up too much, well, then people start to tune out because it's like the the little boy that cried wolf.
First of all, nobody wants to hear that there's a wolf, but okay, if there is, we need to tell them. That if we're if we exaggerate these claims and we've been hearing about apocalyptic claims, you know, for as long as I've been doing security that decades now. Um, and you know, so there the one thing that all the the these exaggerated claims have in common is that, you know, they're they're not well researched. They're probably well intended. I'm assuming most people have good intentions, although I'm sure some don't. But we've got to in the era of AI, the most important skill is critical thinking. Whether you're using AI to generate that information and I just read a story this morning a colleague sent to me a major consulting firm doing a contract and they had used AI apparently to do some of the the build the the case in the report that they were giving to their client and it turned out the AI was hallucinating sources. So yeah, we we can't just trust everything that comes out just the same way that we haven't been able to just trust everything that comes out of the internet. So we've got to have I I know this will be a shock. Not everything on the internet is true. So ju just remember that. So everything that does come out, we need to put that through a critical thinking filter and say, okay, is it possible that something was reduced by 1,000%. No, mathematically that doesn't work. So, we're going to have to look at that again and uh and make sure that we keep our heads fully engaged and um you know, look, we need to know about the warnings, but we don't need to exaggerate them. In fact, I would argue we don't need to exaggerate any of this stuff because it's bad enough if you just tell the accurate the accurate story.
15:21 >> Michelle, I'm wondering if you have any thoughts on this kind of sensationalism issue that's been maybe plaguing us for, as Jeff says, quite some time. It's not unique to AI, but what what have you seen this year?

Yeah, absolutely. To add on what Jeff said, basically we want to make sure that we are cautious and vigilant but not paranoid. Sometimes that's easier said than done. And often times as security practitioners, we also have a responsibility to not just say, "Hey, there's a thing," uh but also say "there's not a thing." And that's really going to depend on an organization's cyber threat landscape. It's not one shoe fits all, right? It's going to depend on your industry, where you operate geographically speaking, and so if you see something in the news and that might fit your profile, maybe you should raise your uh red flag, right? Um but also partnering with a threat intelligence partner that can help you sort of make that decision and prioritize what are really the threats out there. And sometimes we just don't know because all the facts are not on the table when something is first reported.

16:26 And it's not paranoia if everyone really is out to get you. [laughter]

16:32 >> What about if every AI is out to get you? Um, no. Let's I feel like uh no, we can't end this segment without a a look at the Cost of a Data Breach report because this is, you know, IBM's annual report, dare I say a landmark report comes out, everybody looks at it and they should. It's got tons of great information about on what data breaches are like for organizations right now. So to round out the segment and and luckily enough I have two people who probably know this report better than anybody else.
I was hoping I could get your takes on, you know, this year in data breaches. What do you think were the biggest kind of takeaways from this report this year? And and what should organizations kind of keep in mind as we head into 2026? And um Jeff, I'll start with you. What do you think?

17:17 >> So I think there were a lot of interesting things that we could we could pull from this. Um this is the first report where we really started seeing some AI related information come out and you know it it wasn't great. You know we're finding you know on the order of 60% of organizations have no AI governance and security policy in place. Okay that's not a good thing if this is going to be something that's going to be core to the business and we don't yet haven't we have not yet defined how it's supposed to operate. What are the boundaries? What are the ways that we ensure that it's operating within those boundaries? Well, then we're just asking for for a mess. Um, that's I think in terms of because I like to run. I've got a race tomorrow. I I hope I know where the finish line for that race is. But if they, you know, just uh fire the gun and say, "Everybody run until we tell you to to stop." I'm not running that race. So, this is what it's like if your organization has no defined this is what success looks like for us. And without governance policies, without securities policies in place, you don't know what it looks like. You're running and you have no idea what it looks like in the end.
And and by the way, I I I want Michelle to answer and then I I want to come back and say one thing about what I I actually built a time machine, went into the future and was able to read the future Cost of a Data Breach report and I want to tell you what I found in that.

18:42 >> I can't wait to hear about your trip from the future. Michelle, give us your take. What do you what what did you pull away from the report this year?

18:48 >> I can't top that. And Jeff, you've got so many things going on between your race tomorrow and jumping into the future, but I do have to second Matt your point about this being a landmark report. And I think one of the things that makes this a landmark report is that every year we can count on it telling us what are the top things that increase the cost of a breach and what are the top things that reduce the costs. Uh and great news guys, globally average speaking uh the cost of the data breach went down. That's the first time in 5 years. So what are organizations doing right? And that's always what we hear from CISOs and the C-suite: what are other organizations getting right? We want to do the same thing. Well now we have and have had now over a decade this report that tells us that and what I I think are the big tech takeaway is the um increased use of AI and automation to detect breaches faster to detect them and to contain them quicker which then equates to reduction in detection costs. Now, of course, regionally speaking, um we have some areas that we're going to find higher cost because of uh regulatory costs like in the US um which is understandable, but overall on average costs have been reducing um and that's some really great news to share this year.

20:13 >> Now, future man Jeff, tell us what you found.

20:15 >> Yes.
Yes. So, I I built my time machine and I jumped into the future and I actually found a copy of the Cost of a Data Breach report and and what it said was now that we have quantum computers, people have been breaking our crypto and reading all of our secrets and the the data breaches are occurring because quantum computers can read the stuff that we didn't we didn't uh we didn't make quantum safe. And so, it's a cautionary tale. Now, the only the the thing I wish I had done is I forgot to look at a calendar while it was in the future. So, I can't tell you exactly which year the report was from, and it didn't have a date on it. So, I don't know exactly what year that's going to happen, but I'm just going to say that it's the die has already been cast. One day, we're going to have a Cost of a Data Breach report where one of the the contributions to data breach will be the cracking of crypto. Um, and that's something we really haven't had to worry about in the past. So, there you go.

21:17 >> That's an extremely good point. I think that for a long time the the kind of harvest now decrypt later threat was just kind of a fun thought experiment, but we have seen a lot of quantum advances this year and we are getting pretty close to it. Uh, that is the end of our segment. That's all the time we have for today. I want to thank you Jeff and Michelle both for being here, not just for this segment, but for all the expertise you've shared on our podcast over the past few months. And I really hope I see you both again on the show many many times in the new year. And uh one last thing before we go, Jeff, I know you have a video coming out with some uh predictions for 2026. You want to tease that for the audience here before we end?

21:53 >> Yeah, sure.
So, this has become now an annual uh thing for me coming out with a video on the IBM Technology channel YouTube um where I talk about the first of all I I make these predictions. So I look back and see if my predictions were correct from the previous year and this is about the third or fourth year that I've done this now and then go looking forward into the future. And so I've actually touched on some of those here. Um AI is going to be a huge part as it was last time uh in terms of the predictions that I think will be coming. Now since I have the time machine, you know, I can actually go into those and see what they are and and I know they're all going to be 100% accurate. So that there's that.

Oh, I love it. I can't wait to see it. Uh, but again, thank you both folks for for being here today.

22:40 >> My pleasure. Thank you.

22:45 >> What was the biggest cyber security incident of 2025? Not exactly an easy question to answer considering that any given week is bound to give you at least one candidate. I mean, off the top of my head, we had the JLR attack. We had the the Tea app data leak. We had uh Scattered Lapsus$ Hunters doing all kinds of things. And so it's really difficult to narrow it down, but also I'm not the cyber security expert. I'm just a humble podcast host. And today I do have two experts with me, familiar faces to those who have been watching the show. We've got Dave Bales and Nick Bradley, both of X-Force Incident Command and hosts of the Not the Situation Room podcast, which means they are very well positioned to survey what has happened in 2025 and tell us what were the biggest incidents, the biggest stories to pay attention to. So, I'm going to open up the conversation to you folks here and maybe we'll start with you, Nick.
When you look back at everything you folks have covered this year or seen happen, what sticks out to you? What are the stories that you feel like defined 2025?

That is not so easy for 2025. You know, usually when we have a given year, there's some some given nasty event that happened that everyone will remember for all time. This one doesn't really have one specific one, but I guess if I were to if I were to just reach into my grab bag and pull out the ones that are going to stick with me for this year is ClickFix, supply chain attacks, and then everything AI.

>> That makes a lot of sense. Yeah, I was going to say those those three the those are the ones that that come up constantly through just about every open source intelligence review weekly. One of those is going to be in there somewhere. And then and then if we want to talk about, you know, not so much security events, but things that really affected us, and that's the the too big to fail that proved us wrong between AWS and Cloudflare. So, uh there you have it.

>> Absolutely. Dave, how about you? When you look back at the year, what are the ones that kind of pop out to you?

Shiny happy spiders. [laughter] That's what we took to calling them. Uh the Shiny Lapsus$ uh Hunters uh was probably the the biggest story to me of of the year because it just it went away and it came back and it went away.

>> They threatened to go away a couple of times and then they just came right back anyway.

>> Promises, promises. I I think I think the whole thing was just meant to sow FUD, you know, fear, uncertainty, and doubt. I'm pretty sure that's all it was for. Don't ever listen to anything they say.

>> Yeah.
I mean, you know, I when they I remember when they announced their kind of retirement, I was like, "Oh, maybe they are actually done." And and you two both are like, "Yeah, don't hold your breath." And sure enough, you were correct about that. The very next day, I feel like they were like, "We're back." You know,

>> it pretty much was that to that level, right? It was like they just decided to pout because they had some of their infrastructure taken away. Like, fine, we quit. But we don't. Not really. But but [laughter]

>> they were taking their ball home. You know,

>> this time we're not going to attack hospitals, except we did. [laughter]

>> It's like you said, Nick, there's so many different things that popped up and and you mentioned ones that were also were were were floating around in my head, too, right? First up is is ClickFix, right? Cuz I feel like you're right. I saw this everywhere and we even saw, you know, uh um evolutions of it like I think FileFix was one and and there might have been one called JackFix or maybe I made that up. Let's let's let's dig into ClickFix a little bit. You know, what made that such a I don't know an important story for you this year aside from the fact that it just showed up everywhere. What are your thoughts there?

>> So, it was it was crazy successful and I don't really get why, right? Because there's a lot of steps to it. It's not it's not that easy. I mean, what is ClickFix? Right? For anybody that might be sitting there going, "Please explain to me what is it?" ClickFix is a type of cyber attack where you trick the user into running the malicious commands on their own computers for you.
And in like in some cases it'll start with like a fake error message or security alert that that you know convinces them to take action and then gives them a way to fix it and it may go all the way of providing them the malicious script to go to to go run on their own machine and people do it. I [gasps] so I I'm not sure why it was so successful. That's an answer I can't give you. But I can tell you that it was very successful.

Yeah, there was there was more success in that than I thought there was going to be as well because like Nick said, it it was 30 steps to get to one issue and you kept looking at it going, uh, when are these people going to fix this?

>> It relied on having people just like run scripts on their computers, which most of most most users don't even know what that means, right? It's like the fact that it worked so well that people are just willing to open up like a part of their computer they never go to and just copy paste something because I don't know they read like a YouTube video that instructions that said they should do that. It's a little bit crazy to me, you know. Um I just I don't know. It feels like maybe our our security education doesn't work super well, but has it ever worked super well? You know what I mean?

>> It just when you think it's safe to go back in the water, right, Matt? Cuz I mean we're thinking we finally got people to figure out don't click on stuff. Don't click on stuff. Don't click on stuff. But run malicious code for the bad guy. I'm all about that. [laughter]

>> Well, you know, I mean, technically, you're right. They're listening. They're not clicking. They're hitting Control-V. That's a little bit different, you know.
So, [laughter] now we have to tell them, don't click on things, don't press buttons, maybe just don't do anything. No, I'm kidding. Um, but yeah, the the ClickFix was an interesting one for that very reason. I I wouldn't expect such a complicated social engineering scam to work so well, but it did, right?

Now, you also mentioned supply chain attacks, which yeah, I feel like every single week there was some kind of crazy supply chain attack that we saw. We had the Salesloft Drift breach, which turned into the Gainsight breach, etc., etc. Shai-Hulud is back now again, ripping through npm registries or whatever. So, let's [snorts] let's talk a little bit about the supply chain angle here. You know, the state of supply chain security. I mean, did we see more attacks of that kind this year or was it just they were more prominent? You know, why did why did it stick out for you folks?

Well, I think it was inevitable because we were watching continuously multiple supply chain attacks be it GitHub repo, npm what you know whatever the the storage medium is. It was the the supply chain kept getting hit over and over and we just saw these stories building and building until eventually finally Shai-Hulud manifested itself out of this and now we have the self-propagating malware that's taking advantage of the supply chain attack. So, I it was coming. It was It was meant to be. We saw it on the horizon and then it showed its ugly head,

>> and it's not going to go away. It's it's it's going to stick around. It is going to be probably one of the larger attack surfaces in 26 to look out for because it's it's relatively easy to do and it's a it's a target base that is going to be around.
Supply chain isn't going anywhere, so it's always going to be available to attack.

>> It was a surface that people trusted too much, if I could say it that way, is is they they felt like they were in a safe environment. Everybody, you know, that's contributing here, I guess, to the GitHub repos or whichever repo we're talking about or there was too much trust and then it came back to bite us.

Yeah, I'm glad you folks brought up this trust angle and this kind of, you know, this angle of this attack surface not going away because it hearkens back to something that Dave you said. We recorded an episode yesterday and you were talking about, you know, I asked, are developers the new front line, and you said, "No, no, they're not the new front line. They're the new targets of these attacks, right? Like they're who we're going after." Wondering if you could expand on that angle a little bit for our listeners who maybe didn't hear that episode, but I also just think it's a very important thing to say.

Yeah, it it the developers have a reputation to uphold and when they get hit with these uh Shai-Hulud attacks for example, the developer's reputation is what takes a hit and with Shai-Hulud they're impersonating the developer. So now you've gotten to the point where you don't know who to believe anymore. Uh the developer can say hey I fixed the code but did that actually come from the developer? You don't know. So now developers have to work extra hard to rebuild their reputation, to regain that trust that they lost because of something that they had absolutely no control over.
Thinking back then about all of these stories we've just discussed, you know, your ClickFixes, your supply chain attacks, your Scattered Lapsus$ Hunters, I I I know it can be difficult, but if you could kind of distill all of this down to some key themes for the year, you know, and maybe things like developers and the new targets, I don't know, but what do you think the key themes are that we need to carry forward with us into 2026? Any thoughts there? Let's start with you, Dave.

>> Watching out for the largest breach in history. [laughter] Every I'm not kidding. Every single week we got one more story that was the largest breach in history. And you know just some examples the Chinese surveillance network was a 631 gigabyte database theft um labeled the largest breach in history. And then we had one that was 2.9 billion records. That was the largest breach in history. And then we had one oddly enough that was like 1.6 uh terabyte or billion records. That was labeled the largest breach in history, but obviously 2.9 is larger than 1.6. So, we can't figure out what the largest breach is actually going to be, but it's going to come back.

>> Don't forget Alliance Health, Dave. That one was almost 1.5 million social security numbers. So,

>> and that's a big number.

>> Yeah, you don't have to put a B behind social security numbers for that one to be important. Yeah, you you put an M behind that one and it's still a big number.

>> The other thing I want to throw out is uh that we didn't mention is browser extensions because browser extensions were a bit of the soup du jour this year as well.
We saw those come up a lot and uh I almost forgot to mention it, but that still builds on the same issue we just saw with the supply chain uh compromises, right? Because it builds on expected trust. People enabling browser extensions for uh to help them with whatever they're working on and don't realize that you have just granted permission to something that you really don't know exactly what it does and that one ends up stealing credentials, stealing data, stealing more PII, and the circle goes round and round.

>> Yeah, you want to get that YouTube video downloaded, you want to pull the sound from it, you install the browser extension, and all of a sudden you're on a botnet. It it hearkens back to something we were talking about again yesterday, which is this this we use all these things as proxies for trust sometimes, right? Where we're like, "Oh, I downloaded this off the, you know, the the extension store. It must be fine." You don't know that. You know what I mean? Just because it's there. I was reading today about, you know, this this this ring of hackers who they would upload a perfectly legitimate uh browser extension. It gets it passes the checks. It gets in there and then afterwards they sneak some bad code into there and it goes undetected. You download that. They're in your browser now. And and you trusted it because you thought it was legitimate. So, I feel like that's another important lesson too from the year is like you you have to do your personal due diligence, right? Like you you can't just assume you can trust these things no matter where they're coming from.

You know, Matt, there's a word that keeps coming up here and we keep saying it and that word is trust. It's so much implied trust.
And before this started, I decided I was going to go jump on our YouTube channel and look at our podcasts and see which were the most popular ones of the year, right? And the very first one that popped up as the most viewed was our episode called "Who Spilled the Tea?" And that one's about the Tea app that was used to uh to for rating dates. I won't get into the details. Rating, that's with a T, rating dates. And that one was breached. And so everything that people were were pouring into that app was disclosed. Too much trust again. Because in most cases, that's something most people probably wouldn't share with anybody. But here they were just sharing their heart out about how this date went last night, whether it was good or whether it was bad. And now that's out for the world to read. And let's see, the other ones were the next one is "That's Private, or Is It?" And that one was about the alliance data breach. Again, uh you trusted them to handle your data and they didn't handle it so well. Uh let's see other episodes really quick because I know time is probably short. Uh we had an episode called "Space the Final Frontier" and that one was about patch management failures and that had all to do with the SharePoint year old vulnerability that blew up. They chained a couple vulnerabilities together. That one got ugly and come to find out that vulnerability had been disclosed multiple of them for well over a year and just not patched. And then lastly was out of the top four was "Digital Escorts." And that one is not what you think. And that was allowing contractors allowing contractors in other countries, less secure and untrusted countries to access US infrastructure because again we're trusting them.
>> That's going to be the running theme through 26 is trust. And and think about this. We're talking about breaches that happen to companies that have security measures in place. Think about what this is doing to the public at large. They don't have the same training that we do. So, I think it's up to us as security professionals to get as much information as we can out there doing things like this show uh and and letting people know, hey, you think that you can trust your computer, but you really can't. You really need to stay on your toes and follow all of this advice that's being given to you through news outlets, through podcasts, through uh readings and and papers and things. I I worry about the trust uh that the public gives their computers more so than I do uh the security companies or you know just companies in general who have security posture. It's it's going to get worse before it gets better.

>> Absolutely. And I think that's an incredible way to kind of wrap up this segment. I want to thank you guys both for being here, not just today, but for appearing on the show so many times and I hope we have you back a ton of times in the new year because you guys are great fun. And this is my personal pitch to all of our viewers. Please go watch Not the Situation Room. Give them a follow if you haven't seen it yet. If you like what we do here, you'll love what they do. They have even less of a filter than we have.

>> True enough. Thanks, Matt.

>> Thanks, Matt. Appreciate it.

>> Hello, Suja Visen and Shar Mupi. Thank you for joining me today.
I'd love to talk about the year that was um you know 2025 and the string of high-profile cyber security incidents that we've seen that have been having some long-lasting effects on various companies um and just the world in general. Um Shar I would love to start with you um and just get your take on on the on the past year um in terms of cyber security and you know how you think it went for you know in general and maybe even specifically.

I think for me um this was a year of silent AI sprawl, right? Not just for uh the attackers but also for the defenders. If you look at it from one perspective, we had some really big incidents like the Salt Typhoon which hit um not just uh you know the government aspect but also the private sector like telcos, right? On the other side um if you look at the defenders and folks like us uh the proliferation of AI has absolutely exponentially increased from vibe coding to be able to use AI for productivity. So that was really uh heartening to see but at the same time worries me that some of these innovations are um ahead of security policies.

>> Yeah sure I can see I can see that perspective for sure. Um Suja how about you?

>> I mean see there are two sides of the coin. With vibe coding comes vibe hacking, right? And then free trials are becoming zero day vulnerability these days. What we have seen, we have seen anything from a big ransomware like Land Rover Jaguar that happened to uh a Dutch uh employee in a windmill going and installing crypto mining stuff as part of it and then doing things. So we have seen both ends of it. All kinds of crazy things that we could have never imagined. I think that's what technology always does. Always throws a curveball at us and then keep us on our toes.
It's a I mean that's a pretty smart way to start uh mining some crypto just go go straight to the source. [laughter]

The the other thing Patrick and Suja, right, deviating slightly from the AI story, I know we've seen this, this is the identity as the next perimeter. I'm beginning to see session as a new perimeter, right? We're beginning to see things like you know Salesloft and Salesforce situation or Gemini or even um the EchoLeak, right, where just establishing an authentication and session is no longer sufficient, right? Um attackers are stealing these tokens or credentials and reusing them in the ways they're not supposed to be used and hence causing some devastating results. Right. So we'll see that more and more in the coming years. But to me, you know, I wanted to talk about the session as a new perimeter right now.

>> Sure. Yeah. Um I mean I would love for you to expand on that Shar if you if you can. Um you know what you mean by the session being the new sort of perimeter that we need to establish in terms of security.

I think what I mean by this whole uh emphasis on session hijacking, right? If you look at the Salesloft um uh attack um the user has authenticated and established a regular or a legitimate session and in in general we have been used for static security where you authenticate once you establish security and establish a session and you assume that things are okay and then you start conducting business. But that may not be okay moving forward because attackers are now stealing those session credentials, right? And be able to replay that um and and and and and use them in ways that they're not designed for. Hence, we start we need to start thinking about more dynamic security than static security. Right. Sean.
>> Sure. I'm thinking of of um you know stuff like zero zero trust protocols to make sure that you are who you say you are and things like that.

>> Exactly. Right.

Suja, you know, I'm I'm wondering if you feel the same way. Do we need to get more granular and more sort of um maybe more frequent on checking up on our session activity and see who's doing what um you know, all the time or or do you think we should maybe keep it the way it is? I maybe think you're on the former side. [laughter]

>> It's definitely need changing, right? Whether how we with AI browsers, how we browse are changing, how we conduct businesses are changing from the consumer perspective as well as enterprise perspective because I might log in and give access to my agent to go conduct business. What if somebody poisons that agents and then able to go do it because people are doing it all the time like find me the best deal, right? So holiday scams are going in. So people can steal the credentials. Credential stealing is not something new. But what Shar is talking about is in today's world where you are delegating it to something else, an AI, an agent. When you're delegating, then somebody can steal it. When somebody steals it, it again cyber security is not a question of if, it's a question of when. When it happens, do we have our defenses in place to protect our business as well as as individuals?
It seems Shar you mentioned earlier the AI the year of AI for all essentially um and Suja you were mentioning AI browsers and agents um it seems like we are sort of maybe getting a little ahead of our skis in terms of giving these AI agents a lot of um power permissions without sort of establishing serious or or um you know hard guidelines for them and we've seen that taken advantage of in the form of AI agent hacking and and you know agent hijacking essentially. Um do you think that there is hope for the AI agent to sort of become more secure more helpful in response to these attacks against them?

>> We don't have a choice. I don't think there's hope. We need to make sure that these are secure because a year if you ask me like 5 years or 5 years back that will autonomous car be a reality I would have said no no way they can co coexist with humans. Now we are taking Waymo instead of like Uber and then driving around. So it needs security needs to come into play. Technology is always going to be running fast and we need to make sure proper guard rails are replaced and we have done that with data, right? When social media and everything came in the regulation always comes later to catch up. The security comes later. It's a constant learning. So that's why I talked about the question of when it happens, are we able to make sure that we are secure? Are we able to reduce the blast radius? When it happens, are we able to observe and know what happened so that we can prevent it from happening future? Because without making mistakes, you cannot make innovation. So there is always going to be risk associated with it. But are we able to catch it fast enough before it becomes too late?

I think Suja captured it really well. Right.
So I mean I mean my big takeaway Patrick for this year is our controls are predominantly designed for a world where tools and identities change very slowly, right? Um but that is changing, that is no longer true, right? And that sets us that that requires obviously new innovation and all that but that's the biggest observation for this year.

I would love to talk about the external pressures that companies might be facing when it comes to cyber security and and you know cyber security preparedness um with a lot of you know government and global regulation changes when it comes to cyber security. How do you think that is affecting companies who want to sort of stay at the forefront um of the cyber security landscape but also you know maintain their maintain their ability to to uh you know be properly regulated and and adhere to government regulations or global global cyber security policy.
I think if you look at the you know the whole geopolitical situation, right, you know like you said you know there are big attacks that are not only impacting the government entities but also the private sector. We've seen that with you know some of the large telcos with the Salt Typhoon, right? Um so that basically means that you know the blast surface is not just limited to state but limited is extending to private sector as well, right? So that kind of creeps into you talked about policy. And so what what that means is that you know some of the policies that are impacting will will impact the private and public partnerships, right? If if there are policies that are helping the cyber security that's awesome but if they're not then that's going to slow down. That doesn't mean that we give up on security, right? That basically means that we just need to think about how do we now learn these things as a norm and build architectures and systems that are resilient for such changes, right? So that's the way I would think about using these external pressures and external volatility as a norm and then design system to accommodate for that.

>> I think see with these government regulations and everything things are always going to be changing, right? It's a seasonal it'll keep it will keep going up and down. So for us the bigger thing is how do we get creative in these ways. What I see with the security industry is security and observability coming really really together because the CISO and CIO and IT departments coming together to combat [clears throat] this because when you are deploying agents when you are deploying AI in your in your uh enterprise you need to be thinking about hey what is happening, that is one thing, when, how did it happen, what kind of
process were done to get to us to this. So when these things are coming together then the budget becomes bigger. It's not just about the CISO budget now the CIO budget comes together the automation budget comes together to think about how do we protect at the same time make people more productive, right? So bringing those are all the things we will get very creative when these things happen but the mission doesn't go away because we need when a sec... cyber security breach happens it's not just about oh something somebody somebody's data got lost or something bad happened it's about reputation of a company, people, you lose trust.

>> I like I like what you said Suja over there, right, the observability because to me you know one part that I was trying to say is that okay change is is norm, right, and try to figure out how to not have a stable policy and endless hiring forever and react to that. The other part that you're saying is which is really important is you know observability budgets could increase from one perspective. The other thing is also what we don't know what we we don't know what we don't know, right? So having that observability helps in identifying what we don't know very quickly and be able to react, right, with precision and accuracy, right? So that I I like what you said.

>> You know in the next year we're going to see a lot of new emerging threats um targeting companies you know public and private sector um businesses and even consumers um Suja I'd love to know what you think these threats might be um and how you and whether or not you think that we are currently uh prepared to deal with them.
>> I think one of the thing that I would say is about shadow agents and shadow AI because we are all using it day-to-day in every every uh new employee that comes in from college. They're all AI literate. They are used to using these agents. So they're going to be using it. How does enterprises prepare themselves so that we don't inadvertently cause harm to ourselves? Like this guy who was mining crypto mining using windmill. So that is that is one thing. The other part that I think about is static encryption is dead. We with quantum computing becoming a reality very soon are enterprises prepared to be agile when it comes to their crypto posture? Shar?

>> Yeah. No, I think I think I just want to double click on the agent part Suja a little bit more, right, because I think you know the shadow AI and shadow agents are already kind of here, right, this year, right? But I think if the impact of that, right, the fact that an agent may inadvertently move data without the knowledge may cause in a data loss which we didn't expect, right? Imagine an agent which is happily doing some work and and helping and optimize a um uh workflow, right? And as a part of that, it needs to move data from cloud to on-prem to different SaaS applications and and behind the scenes, the data is being moved, manipulated in ways that we didn't plan for. So, as a result, you know, you may see data exposure that we didn't plan for, right? That's what worries me. The other part, um just double clicking on that agent is the identity piece, right? Uh who has access to what and what they have done with it. Simple sentence, but it's hard to go and prove the accountability, right?
Because agents like you've seen with both EchoLeak as well as with Gemini, it was a simple situation in EchoLeak where the chat was used to go and provide some cryptic instructions and behind the scene, the agent did what it's supposed to do. It went and used a RAG pattern to go get all the HR data and then encoded that into ways that you cannot even stop with a gateway and exfiltrated that. Right? So that's happening because the agent was trying to do the right thing by obtaining privileges and expanding in what it can do to go get the data in a rightful way. Right? So those accountability issues will be front and center. Um and then completely agree with Suja and the static encryption, right? It's like it's not about crypto is becoming so brittle that it is an operational and a strategic risk, right? It's just not a theoretical one that hey quantum is going to come and take my job away, right? It's it is it is more of an operational thing that we have to worry about some

>> I would love to uh touch on the innovations and sort of responses to these adversarial attacks coming in the next year. You know, you talk about shadow AI and managing these these agents, you know, operating maliciously behind the scenes. Um, what are you most hopeful for in the in the coming year in terms of improving our defenses and and maintaining that uh sort of proper cyber security posture? Uh, Suja, I can start with you.

>> We talked about crypto agility that is going to be the new resilience. We need to make sure that the systems are resilient for the for the new world of computing and AI. So I would say resilience resilience are are the system resilient to take these hits and then still operate as good as they should be.
52:45 So that is the innovation that I'm really excited about. I would also say that, um, this AI-powered threat intelligence, because human beings get tired looking at so many things now. How do we use this tool to make it much more, uh, like, it's like bad, the agents need, you cannot fight agents with humans. You have to fight agents with agents. So we need to make sure the defense agents are ready to change based on what the attack surface is coming, what the attack is coming through.

53:16 I, I mean, listen, I've been, I've been in cyber security for more than a couple of decades right now, right? And always worried about insider, insider attacks, right? I think what I'm most excited about is the innovation that is going to help protect the AI, right? Being able to treat every agent like, like a, like we treat humans, treat them as first-class citizens, right? Treat them as first-class citizens so that you identify them, you provide the right level of delegation, ensure that we have the know's point fine grain authorization and so that you can drive accountability, right? Especially as agents are drifting and agents have autonomous behavior, driving that accountability, I'm excited for that.

54:04 The other piece I'm also excited is, um, innovations in observability, right? Observability has been not a new topic, not a new topic, but agents are autonomous. Agents also drift. So there will have to be new types of observability that will come up in, in the next year or so that will provide the observability for the agent behavior.
Not just understanding, you know, the shadow IT and the shadow, sorry, shadow agents and the shadow AI, but also what they have done with it, with the appropriate agent behavior, so that we can then figure out how do I minimize that data exposure, how do I drive accountability, how do I answer my simple question of who has access to what and what they've done with it.

54:52 Um, and that will help even the crypto agility where, where Suja was alluding to, notion of making, it's not about the next new crypto cipher, for we've seen that for time immemorial, right? But it's about being able to change that dynamically, right? Whether it's the regulation is saying it, whether it's operational requires, all that is something which is really exciting for 2026.

55:21 >> Cool. Yeah, it sounds exciting. I'm excited to have an AI agent, uh, co-worker that I won't see at the, uh, at the office party.

55:28 >> But I want to add one thing, Patrick, where Shridhar was talking about a, treat agents as first-class citizens, right? But what I would say is that treat them like humans. The bigger problem is, look, everybody talks about the threats of AI, what agents can do. The bigger thing is humans, because how do we prevent humans from harming these AI and agents? Because that's what happens in most of these cases. They're just doing their job, the AI and agents. They are telling, they're doing what we tell them to do. But if, how do you prevent the bad actors from manipulating them and then going do that? That's where the cyber defense comes into the picture big time. So the thing that we need to be working towards is how do we prevent humans from harming AI and agents around. Good, good stuff. It's not just, it's about agent and human cohabitants.

56:19 >> You just ask the agent to get their boss's permission. That's all.
That's, that's my, that's my contribution. Shridhar, Suja, thank you so much for your time and for talking about the, um, cyber security for, for the upcoming year. Um, thank you for, for your time.

56:35 >> Thank you.

56:36 >> Thank you.

56:37 >> Okay, so that's all the time we have for today. I want to thank all of our panelists, Nick, Dave, Jeff, Michelle, Suja, and Shridhar. And thank you, Patrick, for, for stepping in front of the camera. And you know, I hope we'll see some more of you on the show next year. You, what, what do you think? Maybe.

56:52 >> Yeah, why not? That sounds great. Thanks for having me. I had a real blast.

56:56 >> Wonderful. I'm glad we did, too. And I want to thank the viewers and the listeners for sticking with us over the past few months, for giving us a chance to start a new cyber security podcast. And I hope to see you all in the new year. Let's go ahead and stay safe out there.