In a recent conversation with Mikhail Falkovich, CISO at Con Edison — one of the largest energy companies in the United States — we discuss major learnings from his 20 years in cybersecurity. During the interview, one resounding message was echoed: defending against cyber threats is a team sport. Forget the lone-wolf mentality of a single Security Operations Center (SOC); it’s all about cross-sector collaboration and information sharing through ISACs and CRISP (Cybersecurity Risk Information Sharing Program).
Mikhail also shared his best practices surrounding the use of AI, as well as defense against AI-powered attacks. This includes how data ownership matters and how keeping your data in-house minimizes the threat of data leakage.
And given that AI will also lower the barrier to attack for bad actors, Mikhail mentions that “protections need to be ready, especially against social engineering.” Cyber defense in general should have both breadth and depth, which entails multiple layers of security, along with multiple controls at each layer, including multi-factor authentication.
To hear my full conversation with Mikhail, tune into the episode below.
For more insights on how generative AI will shape cybersecurity, read State of Security 2024.
The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.
Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.