Is Your Organization in Step With AI? Check on Your Data Tenancy.

By Paul Kurtz

In a recent conversation with Mikhail Falkovich, CISO at Con Edison — one of the largest energy companies in the United States — we discuss major learnings from his 20 years in cybersecurity. During the interview, one resounding message was echoed: defending against cyber threats is a team sport. Forget the lone-wolf mentality of a single Security Operations Center (SOC); it’s all about cross-sector collaboration and information sharing through ISACs and CRISP (Cybersecurity Risk Information Sharing Program).

Mikhail also shared his best practices surrounding the use of AI, as well as defense against AI-powered attacks. This includes how data ownership matters and how keeping your data in-house minimizes the threat of data leakage.

And given that AI will also lower the barrier to attack for bad actors, Mikhail mentions that “protections need to be ready, especially against social engineering.” Cyber defense in general should have both breadth and depth, which entails multiple layers of security, along with multiple controls at each layer, including multi-factor authentication.

To hear my full conversation with Mikhail, tune into the episode below.

For more insights on how generative AI will shape cybersecurity, read State of Security 2024.

Paul Kurtz

Paul has led organizations involved in the most pressing national security issues, ranging from counter-terrorism, weapons nonproliferation, critical infrastructure protection, and cybersecurity.

His management experience spans government, non-profits, to the private sector, ranging from Special Assistant to the President on the White House's National Security Council to managing partner for a consulting company's overseas operations to founding a venture-funded cybersecurity company.

Career highlights include experience on the ground as a weapons inspector in Iraq and North Korea, serving as Political Advisor in Northern Iraq, coordinating the immediate response to the attacks of September 11, planning a national cyber defense program, to turning an idea to automate cyber intelligence management into a successful company (TruSTAR) ultimately acquired by Splunk.

CISO Circle 3 Min Read

The SEC Ruling Went Into Effect Last Month. Here’s What We Think It’ll Bring for the Rest of the Year

CISOs in 2024 may face rigid security incident disclosure mandates, but they also have opportunities to align priorities and become stronger cyber champions for their boards.

CISO Circle 3 Min Read

Embracing the Chaos: How Real Downtime Drills Build Resilient Organizations

Learn how chaos engineering builds resilient systems by simulating real downtime. Strengthen your organization's response to unexpected failures.

CISO Circle 4 Min Read

Agency is the Leadership Skill Required to Thrive in the Agentic AI Era

Redefining leadership when action isn’t only human anymore.

About Splunk

The world’s leading organizations rely on Splunk, a Cisco company, to continuously strengthen digital resilience with our unified security and observability platform, powered by industry-leading AI.

Our customers trust Splunk’s award-winning security and observability solutions to secure and improve the reliability of their complex digital environments, at any scale.

Learn more about Splunk

Is Your Organization in Step With AI? Check on Your Data Tenancy.

Related Articles

The SEC Ruling Went Into Effect Last Month. Here’s What We Think It’ll Bring for the Rest of the Year

Embracing the Chaos: How Real Downtime Drills Build Resilient Organizations

Agency is the Leadership Skill Required to Thrive in the Agentic AI Era

About Splunk

Get more perspectives from security, IT and engineering leaders delivered straight to your inbox.