David Hughes
๐ค SpeakerAppearances Over Time
Podcast Appearances
It seems like it's a bit of an arms race.
It's always been an arms race.
It's just that new kinds of arms are continually being invented.
And I think it's really important for companies, enterprises, organizations to make sure that they are rapidly adopting new defense technology as it becomes available.
HPE Threat Labs is the organization we have in HPE, which researches threats.
We run deception networks that collect information about different threats that are out there, as well as we have telemetry that comes from our customers' networks so that we can track what's going on in the environment.
The Threat Labs team analyzes all of that and they are responsible for managing our threat feeds that help us block and mitigate for these threats in real time.
Yeah, I'm not sure you'd say highlights when you're talking about things being compromised.
But when you look at the stats, what you'll see is that it's affecting all industries.
But in particular, we see a concentration in financial services and technology and in governments.
The attacks are coming both from nation states as well as organized syndicates that really set up like enterprises.
They're very organized and very methodical in terms of how they're going about attacking and monetizing their capabilities.
There's always new techniques, but one of the things with agentic AI and automation is that you are able to use some of the older techniques, but without having to have a human in the loop, you are able to deploy them more broadly and more rapidly.
So generally, when people deploy, say, our firewall solutions, part of that subscription is a threat feed.
And so every day they're getting updates dynamically based on the threats that we're seeing in the field and how they are evolving.
There's also things like the Cyber Threat Alliance, where all the leading vendors share cyber threat intelligence.
And so the combination of what our research team does, along with what we learn in the industry, along with other open source feeds, those all go into the threat feeds that we distribute to customers.
Yeah, one of the really important things is that with the escalating threats, you really want to use every single technique that you have.
And one of the kind of real latent assets that companies have is their network.
The network can be a security sensor and it can be a security enforcement point.