Full transcript
[00:04.9]
Hey, everybody. My name is Adam DeLuca. I’m the director of Risk Intelligence here at Everbridge. It’s good to be with you all today. I’m here with Ignacio Brarda. He is our deputy CISO here. And looking back on the last year, we just wanted to have a conversation with him about cyber security.
[00:20.4]
It’s obviously a big issue, with organizations right now, and I wanted to bring Ignacio to talk about it. So thank you very much for being here. Yeah, thank you, Adam. Excited to be here. Great. So, you know, just kind of looking back over the last year with how active the cybersecurity threat landscape was, what would you identify as maybe a significant trend or cybersecurity incident that was a real inflection point for the threat landscape?
[00:47.3]
Yeah, that’s. That’s an excellent question, because there’s definitely a lot going on this past year. But something that was very unique to, to 2025, I would say, is that we had the first reported AI orchestrated cyber espionage campaign. Right.
[01:02.5]
And in there, this is a, before and after, I think, in the industry, because bad actors are starting to use agents to do these attacks for them. Right. And so if you think right, like, bad actors organize themselves, they create their own enterprises.
[01:20.8]
But what’s different now is that by leveraging AI and these technologies that were designed, for good, they’re using them from the wrong reasons. And this means that they have an army of 24 by seven agents that can produce these attacks for them.
[01:39.9]
We know that the technology landscape is very complex. You need a lot of expertise in different areas. But just like AI helps us understand technologies better, it’s also helping these attackers quickly become experts and finding exploits on different technologies that are out there.
[01:56.0]
And with the help of AI agents, they can automate that and be constantly knocking at your door trying, to find how to get in. Yeah, it just makes them faster and more efficient and, you know, be able to change the adversary behavior and targeting and their capabilities.
[02:12.7]
Especially with the, geopolitical nation state actors, the Volt typhoon campaigns, and ransomware for a service. I think AI is just going to accelerate all that and make it that much more difficult for organizations to kind of defend against it. But again, to the ransomware point, we talk about ransomware and we talk about phishing, denial of service attacks, but what are some of the emerging cyber trends in 2026 that might not be top of mind yet for organizations?
[02:41.5]
Yeah, I think part of that is going to be Being able to respond before it was with automation and APIs, you know, it was responding at the speed of machines. Now with the AI, it’s going to be responding at the speed of AI.
[02:56.8]
And this is, a component that’s adaptive. Right. For teams. So if you think about it before, being good at security is not good enough anymore. Right. You need to take that extra level that before only certain enterprises and industries were able to get to, which is being adaptive.
[03:14.5]
How do you adapt? Attacks are going to be being modified as they start getting through defenses now. Right. With the help of AI, you know, malware can mutate in order to find the ways to get through the different defense layers. So I think, you know, besides your ransomware, your phishings, we need to be very careful with adaptive attacks.
[03:35.8]
I think they’re changing as, as they go and as they make it through your organization, in order to be ready for that. It’s kind of like fighting fire with fire. Attackers are using AI to do this, while organizations are going to have to be better at using AI to prevent them from leveraging these adaptive attacks.
[03:57.2]
So what are some ways to do that? Zero trust architecture, proactive red teaming. What are some of the uses that you could use AI for to defend against, against some of these attacks? Yeah, that’s an excellent question, Adam. I think one of them is when you look at your user behavior and even taking a step farther, your services and machine behaviors, using machine learning to understand that behavior.
[04:24.0]
So that whenever something steps away from that predefined, baseline that you have built for either that user identity or system, you can quickly identify that and have the team respond to it. Right.
[04:39.0]
And a lot of that response going to be automated in some way. Right. So you’ll have to define, I think enterprise teams are going to, are going to have to define where the risk appetite is and how much they want to let these AIs respond to these attacks for them.
[04:57.3]
Because there’s definitely risk associated with that too, right? Well, yeah, it’s not about risk avoidance. Right. It’s about risk prioritization and making sure that you’re taking on the amount of risk for certain vulnerabilities. But I think everybody’s going to want to know what’s next.
[05:13.2]
So you just touched on that. But how might organizations go about prioritizing improving their cyber posture going forward with the dynamic threat of AI and with the increased presence of nation state actors in these threat groups? Yeah, yeah.
[05:29.5]
And you know that I like, I really like that last part. Of your question, you know, state actors and threat groups, the way organizations can defend against those very advanced threats and persistent threats is really identifying what the crown jewels are.
[05:46.1]
Right. One of the key things I think for 2026 is going to be really locking down those crown jewels, really putting the focus where what are those systems, people, processes, data that are making your business money, that are critical to your operation and making sure that you’re able to protect them with the right technologies in there.
[06:07.3]
As we see the world becoming more and more digital, the landscape is growing and the amount of systems, it’s rapidly increasing. So really understanding what are my crown jewels, what are the systems that are making money to my organization that I, you know, we need to protect everything.
[06:26.3]
But my focus needs to be very adaptive, in these specific systems for my organization. So I do think, you know, CISOs and security experts are going to have to continue to work their, their business hat right. And really understanding what’s critical for, for the business and how can I protect that in 2026.
[06:44.9]
Yeah, it’s not just for cyber. It’s identifying unacceptable consequences based off of threat environment and adapting. So, you know, tabletop exercises, not just good cyber hygiene, but, you know, because the way people are attacking and going about exploiting information now is just so diverse and complicated.
[07:04.2]
Ignacio, it was great for you to take the time out today and join us on the rapid resilience pod. Anytime. You’re happy to come on and talk to us about cybersecurity, hygiene or anything else. We really appreciate the partnership over the last year. Excellent. Thanks, Adam.
[07:19.9]
All right, thanks, Ignacio.
Collapse
