Latest news with #ArcticWolf
Techday NZ
a day ago
- Business
- Techday NZ
Arctic Wolf & Databricks partner to scale real-time security data
Arctic Wolf has announced a partnership with Databricks to scale its Aurora Platform by integrating Databricks' Data Intelligence Platform to enhance real-time security data processing and strengthen its service offerings. The Aurora Platform is recognised for its capability to ingest and process substantial volumes of security telemetry. Arctic Wolf reports that the platform manages more than eight trillion security observations each week and over 300 petabytes of data each year. With the new integration, Arctic Wolf aims to unify data streams from endpoints, cloud applications, identity systems, firewalls, and other sources into a singular, high-throughput environment. Data growth As security environments evolve, organisations continue to deploy additional security tools and cloud systems, leading to increasing volumes and types of telemetry. This expansion, combined with the pace at which data arrives, presents a significant challenge for security teams tasked with identifying and responding to threats promptly. Arctic Wolf has contended that even well-resourced teams can become overwhelmed by these growing datasets without an appropriate technology platform operating at the necessary scale. The Aurora Platform's integration with Databricks' Data Intelligence Platform is intended to address this challenge by accelerating the unification and analysis of these diverse telemetry sources. Enhanced operations "Modern cybersecurity is a data scale problem. The volume, variety, and velocity of telemetry demand a platform that can turn complexity and noise into clear outcomes," said Dan Schiappa, President, Technology and Services, Arctic Wolf. "Partnering with Databricks gives us the scalable foundation to action one of the industry's most diverse security datasets for faster and better threat protection for our customers. It enables us to grow the Aurora Platform, expand our AI-powered SOC, and deliver faster, more reliable protection for our customers." The partnership supports Arctic Wolf in delivering security intelligence to over 10,000 customers globally. The Aurora Platform's architecture makes use of Databricks' AI-driven data infrastructure to enable the company and its partners to scale local security offerings and strive for improved customer outcomes. AI-driven intelligence In addition to the platform integration, Arctic Wolf's Alpha AI suite continues to drive the company's efforts in predictive and generative AI applications in security operations. According to Arctic Wolf, Alpha AI draws on over 10 million hours of Security Operations Centre (SOC) experience accumulated over a decade, and is continually refined by a wide and varied range of security telemetry. Alpha AI is designed to reduce the number of unnecessary alerts, speed up investigation workflows, and help customers focus on the most relevant threats. These features are integrated as part of the ongoing development in the Aurora Platform, which benefits from the new data capabilities powered by Databricks. Unified and protected data "Running security operations at scale demands a data architecture optimised for performance, agility, and real-time insights. Arctic Wolf is a leader in this space, having pioneered a unified approach to security operations through a single, integrated platform," said Omar Khawaja, Databricks Field CISO, VP Security. "By integrating the Databricks Data Intelligence Platform with Arctic Wolf's Aurora Platform, we're enabling them to fully harness the power of their security telemetry, driving faster, smarter decisions across one of the world's largest commercial Security Operations Centres." The companies have highlighted the use of Databricks Data Intelligence Platform's lakehouse architecture, which is said to support the secure collection, governance, and protection of security telemetry. This approach is intended to bolster Arctic Wolf's security controls and support compliance requirements across its customer base. By building on this foundation, Arctic Wolf believes it can support real-time threat detection, enable open integrations, and provide advanced, AI-driven analytics. Follow us on: Share on:
New Straits Times
a day ago
- Business
- New Straits Times
Australia to outlaw YouTube accounts for teenagers
Your browser does not support the audio element. SYDNEY: Australia said yesterday it will add YouTube to sites covered by its world-first ban on social media for teenagers, reversing an earlier decision to exempt the Alphabet-owned video-sharing site and potentially setting up a legal challenge. The decision came after the Internet regulator urged the government last month to overturn the YouTube carve-out, citing a survey that found 37 per cent of minors reported harmful content on the site, the worst showing for a social media platform. "I'm calling time on it," said Prime Minister Anthony Albanese in a statement highlighting that Australian children were being negatively affected by online platforms, and reminding social media of their social responsibility. "I want Australian parents to know that we have their backs." The decision broadens the ban set to take effect in December. YouTube says it is used by nearly three-quarters of Australians aged 13 to 15, and should not be classified as social media because its main activity is hosting videos. "Our position remains clear: YouTube is a video sharing platform with a library of free, high-quality content, increasingly viewed on TV screens. It's not social media," said a YouTube spokesman by email. The ban outlaws YouTube accounts for those younger than 16 but allows parents and teachers to show videos on it to minors. "Teachers are always curators of any resource for appropriateness (and) will be judicious," said Angela Falkenberg, president of the Australian Primary Principals Association, which supports the ban. Artificial intelligence had supercharged the spread of misinformation on social media platforms such as YouTube, said Adam Marre, chief information security officer at cyber security firm Arctic Wolf. "The Australian government's move to regulate YouTube is an important step in pushing back against the unchecked power of big tech and protecting kids," he added in an email. The law passed in November only requires "reasonable steps" by social media platforms to keep out Australians younger than 16, or face a fine of up to A$49.5 million. The government, which is due to receive a report on tests of age-checking products, has said those results will influence enforcement of the ban. Reuters
Yahoo
18-07-2025
- Business
- Yahoo
Amazon's director of security on locking down enterprise AI
This story was originally published on CIO Dive. To receive daily news and insights, subscribe to our free daily CIO Dive newsletter. Cybersecurity is a growing concern for organizations as they sprint to bring AI into the enterprise. Amid deployment efforts, AI security issues have surpassed ransomware for nearly one-third of security chiefs, according to Arctic Wolf data. The technology's reliance on company data to create accurate results puts cybersecurity front and center. In June, CIO Dive spoke with Mark Ryland, director of security at Amazon, about AI's rapid rise, how executive concerns are evolving and the impacts the technology is having on cybersecurity defense. Editor's note: This interview has been edited for length and clarity. INDUSTRY DIVE: What is it about these latest iterations of AI, be it generative or agentic, that makes it a greater security challenge in certain respects? Why are we seeing higher concern related to AI? MARK RYLAND: The fact that these are non-deterministic systems that can give different results with the same input: That's something that computer people have never been accustomed to. And the fact that people are just trying to apply these tools across a broad range of business problems is also a factor. We've seen hype cycles before, but this one is a little different. There is major transformation happening, for sure, and business transformations that will result from the use of this powerful technology that can use structure and unstructured data. How has AI changed cybersecurity work for organizations? Where do you foresee it having its greatest impact? It's already having a big impact, starting with something very simple like human language queries of analytics tools. If I'm training a cybersecurity analyst, now they can just ask intelligent questions in human language and get very good results very efficiently. Another area that we see immediate benefit is contextual summarization. If there's a security issue, a human files a ticket that says, 'Hey, I think there's something wrong here,' and now, an AI system can bring in an entire corpus of similar tickets that a human might not have been able to find with a text search. On the proactive security side, our AppSec team is using AI for better, automatic test generation. There are lots of benefits already that we're seeing, and I feel like we're just getting started. How will the adoption of these technologies impact the cybersecurity sector workforce? I think the desirable outcome, and the one that we're working toward, is increasing the capacity of human experts to be much more efficient and do work that was difficult to do. At the same time, we don't want to stop the process by which humans develop expertise and judgment in these areas. As an industry, we have to find a way to continue to train people, but at the same time recognize that the tools can do a lot of the work that they used to do. I think maintaining a goal of keeping human expertise at a high level is important. How can organizations improve their cybersecurity posture as they adopt agentic AI? What we were advocating for people to do is to continue to use deterministic checkpoints on an agentic system. If you use identity-based controls, you have the ability to lock things down – this identity can only access this set of data. Then, if an agent is running as that identity, you've now constrained the ability of the agent to do things that you don't want it to do. Treat the agent itself as a human actor that can also make mistakes. 'Human-in-the-loop' will also be important for a while. Human-supervised feedback can also become part of a model which then improves the accuracy of the agents. Do you have any advice for how IT and security can work more collaboratively with each other? You've got to make security just as much a part of the goals you're trying to achieve as performance, costs or any other kind of criteria in an engineering effort. We've got to get to a point where the easiest path is a secure path, where software engineers are given an environment in which they write the business logic, but everything else is built right in for them. Another pattern that we've seen help is creating a cloud Center of Excellence, a joint skills team with the CTO, the CIO, CISO, all contributing experts can help engineering teams to modernize and onboard to cloud technology.
Yahoo
15-07-2025
- Business
- Yahoo
How one cybersecurity startup is using AI to keep clients safe
Artificial intelligence has become a key part of cybersecurity. It's helping cybersecurity companies keep their customers' data safe, but, unfortunately, it's also a new tool for criminals to exploit. Arctic Wolf ( CEO and president Nick Schneider joins Asking for a Trend with Josh Lipton to discuss how his company, valued at more than $4 billion, is leveraging AI to fight those who want to use the technology for harm. To watch more expert insights and analysis on the latest market action, check out more Asking for a Trend here. Let's talk about AI, a trend investors are very excited about. How is your company leveraging that tech? Yeah, so there's two primary ways. First of all, AI's been used in cybersecurity for a long time. There's two primary ways you can use it kind of in the back end or in the core of the platform to be able to make sense of all the data that you're ingesting. So, for example, our business is ingesting now somewhere in the neighborhood of 9 trillion security events a week. But our average customer is only really actioning, gonna call it two to three of those alerts per week. And really the magic between those two numbers is all through automation and AI, in AI. Now, that's not really customer facing. That's a lot of what's happening in the back end. The second way to leverage it is through LLMs or engagement with the end user of themselves. So, like, for example, we have a product called Cypher. It's an AI assistant. And effectively what that allows end customers to do is understand the data that they're getting through the platform to be able to take action within their environment or do something within their business. And we talked about how you're using AI. How are the bad guys using it? Yeah, the easiest one to like really wrap your head around is through like fishing campaigns, right? So it used to be a world where a fishing campaign was actually pretty easy to, you know, point out if you were an individual and you were paying attention. Now they've gotten pretty sophisticated, right? So the emails are written really well. They use logos that are really well depicted, the headers that they leverage for the emails that they send are really hard to decipher, like a one versus an I, for example. So so they've gotten really sophisticated with leveraging AI and then, you know, also leveraging the AI in a bulk fashion to do that to, you know, thousands of people at once as opposed to trying to kind of do it in a piecemeal fashion. When you talk about bad guys, Nick, who are we talking about in broad strokes? Yeah. Yeah, I got this question today, too. So um, so bad actors in general, generally speaking they're in groups of bad actors and I think that's where we see the majority of the activity. So those can be actually organizations in certain countries, or individuals now with the advent of AI can do this from their home. Uh but then you also see in certain industries concerned over like nation states, right? So if you're in critical infrastructure, anything that might be, you know, critical to a country or an organization that would be interesting to a nation state, you'll see some nation-state activity as well.
Zawya
02-07-2025
- Business
- Zawya
Australia's Qantas says 6mln customer accounts accessed in cyber hack
A cyber hacker broke into a database containing the personal information of millions of customers, Qantas said, in Australia's biggest breach in years and a setback for an airline rebuilding trust after a reputational crisis. The hacker targeted a call centre and gained access to a third-party customer service platform containing six million names, email addresses, phone numbers, birth dates and frequent flyer numbers, Qantas said in a statement on Wednesday. The airline did not specify the location of the call centre or customers whose information was compromised. It said it learnt of the breach after detecting unusual activity on the platform and acted immediately to contain it. "We are continuing to investigate the proportion of the data that has been stolen, though we expect it will be significant," Qantas said, reporting no impact on operations or safety. Last week, the U.S. Federal Bureau of Investigation said cybercrime group Scattered Spider was targeting airlines and that Hawaiian Airlines and Canada's WestJet had already reported breaches. Qantas did not name any group. "What makes this trend particularly alarming is its scale and coordination, with fresh reports that Qantas is the latest victim" of a hack, said Mark Thomas, Australia director of security services for cyber security firm Arctic Wolf. Scattered Spider hackers are known to impersonate a company's tech staff to gain employee passwords and "it is plausible they are executing a similar playbook", Thomas said. Charles Carmakal, chief technology officer of Alphabet-owned cybersecurity firm Mandiant, said it was too soon to say if Scattered Spider was responsible but "global airline organisations should be on high alert of social engineering attacks". Qantas' share price was down 2.4% in afternoon trading against an overall market that was up 0.8%. UNWELCOME ATTENTION The breach is Australia's most high-profile since those of telecommunications network operator Optus and health insurance leader Medibank in 2022 prompted cyber resilience laws including mandatory reporting of compliance and incidents. It brings unwelcome attention to Qantas which is trying to win public trust after actions during and after the COVID-19 pandemic saw it plunge on airline and brand league tables. Qantas was found to have illegally sacked thousands of ground workers during the 2020 border closure while collecting government stimulus payments. It also admitted selling thousands of tickets for already-cancelled flights. The airline drew the ire of opposition politicians who said it lobbied the federal government in 2022 to refuse a request from Qatar Airways to sell more flights. Qantas denied pressuring the government which eventually refused the request - a move the consumer regulator said hurt price competition. Qantas CEO Vanessa Hudson has improved the airline's public standing since taking office in 2023, reputation measures showed. "We recognise the uncertainty this will cause," Hudson said of the data breach. "Our customers trust us with their personal information and we take that responsibility seriously." Qantas said it notified the Australian Cyber Security Centre, the Office of the Australian Information Commissioner and the Australian Federal Police. ACSC declined to comment and AFP said only that it was aware of the incident. The OAIC was not immediately available for comment. The airline said the hacker did not access frequent flyer accounts or customer passwords, PIN numbers or log in details. (Reporting by Shivangi Lahiri in Bengaluru and Byron Kaye in Sydney; Editing by Rashmi Aich and Christopher Cushing)
