Paolo Cecchi, Sales Director Mediterranean Region of SentinelOne, focuses on the main trends in the cybersecurity field, with particular attention to SMEs and PAs.
In a rapidly changing scenario, SentinelOne interprets the needs of IT security of businesses and a careful observer of market trends. As technological infrastructures have grown, the exponential increase in the number and severity of attacks has put organizations in every industry at serious risk.
Hybrid work environments and the increase in the number of endpoint have become primary targets of cyber criminals. Used to access sensitive information and disrupt business operations, endpoint risks directly impact an organization’s finances.
Cybersecurity – In this delicate moment, attackers are also targeting cloud infrastructures with renewed interest, causing economic and reputational damage not indifferent to businesses. The financial loss caused by a successful cyber attack goes beyond the immediate costs – ransom payments, extortion costs, property damageIT infrastructure – with long-term repercussions. The fallout from even a single breach can cost a company months of legal fees, fines for those operating in highly regulated industries, downtime, and permanent damage to its brand and reputation.
Paolo Cecchi, Sales Director Mediterranean Region of SentinelOne, explains the company’s approach to cybersecurity.
Artificial intelligence at the center, for better or worse
In the last year there has been nothing but talk of artificial intelligence, as a support for business, as a new tool to enhance everyday activities, as an essential component for security, but also as a potential threat, if used by attackers . AI has brought about significant change in numerous industries, and we’re only just getting started!
Artificial intelligence means new creative systems for creating additional content and tools at multiple levels, but unfortunately it means potential risks and threats linked to the high degree of sophistication that it is able to generate. We can no longer trust what we read, see, or hear, and as individuals and businesses, we are faced with new forms of attack that we still don’t fully understand.
We have entered a new era.
Until recently, AI has operated mostly in the background, silently automating processes and boosting performance. However, the unprecedented adoption curve of generative AI represents a disruptive shift in the way people interface with technology, through natural language and conversation. It is not just a ‘seismic’ wave, but a structural change that will forever modify our way of living and working.
Second Anitec-Assinform (Nov2023), AI is emerging as the leading technology in transforming the economy in the post-pandemic world. Thus revealing itself to be a fundamental ally to guarantee the ability to adapt and the sustainability of production as well as supply chains. The AI market in Italy is growing rapidly. An increase in volume of 540 million euros is estimated in 2023 and is expected to reach 1.2 billion in 2026, with an annual growth rate of 28.9% between 2022 and 2026. This incredible scale and potential impact of AI make international cooperation essential, especially when it comes to regulation. But if caution is warranted, so is enthusiasm, because big changes imply big opportunities.
AI, environment and privacy
The implications are numerous, also from an energy point of view: According to a recent study by Alex De Vries, PhD student at VU Amsterdam School of Business and Economics, titled Growing energy footprint of AI, by 2027 the AI sector could consume as much energy as a country the size of the Netherlands. While incredibly illustrative, this data echoes the concerns of academics such as Professor Kate Crawford, who has long highlighted the environmental risks linked to AI. While the data center industry has been one of the most progressive when it comes to addressing the issue of energy consumption and carbon emissions, it is clear that there is still more to do, especially given the rapid increase in interest in the AI.
Environmental impact, especially at a time when reporting responsibilities ESG have increased, and data privacy are two hotly debated topics around AI.
Regarding privacy: AI engines require data for training; so how can companies stay in control of their data if they use public cloud-based services for AI? This lack of data control is almost certainly a governance issue, as no company can be entirely sure where its data will end up. In addition to potential latency issues and costs associated with the flexible nature of the public cloud, data privacy must be a primary focus.
The costs of a do-it-yourself approach, the global GPU shortage, and the required in-house AI expertise make a stand-alone approach impossible. An autonomous AI platform at the edge offers data privacy and speed, as well as a smaller footprint with reduced power consumption and carbon footprint. It is clear that it is essential to understand how the company intends to implement AI, but the embryonic nature of this technology segment means that there is a lack of strategic best practices, consolidated guidelines or even reference architectures.
Cybersecurity today and tomorrow
Hybrid work environments and the increase in the number of endpoints have become prime targets for cyber criminals. Used to access sensitive information and disrupt business operations, endpoint risks directly impact an organization’s finances. With reference to 2022 data, the cost of data breaches averaged $4.35 million.
The average cost of an attack ransomware, excluding the cost of the ransom, was $4.54 million. Companies that had expert teams and incident response plans saved an average of $2.66 million.
For 2024, the main threats will remain ransomware and malware, with a progressive growth in state sponsored hacker attacks, driven by the international situation, wars and general instabilities.
Companies respond by integrating tools that leverage AI and by evolving IT departments at a rapid pace. Not only that, the financial analysis of projects is moving from IT to CFO, in this way it is possible to benefit from an important level of risk analysis and access to cybersecurity issues at the board becomes realistic. Strengthened by a new awareness, companies continue to invest in cybersecurity, despite the uncertain period and the current macroeconomic imbalances.
Cybersecurity, the tools SentinelOne
In this scenario, SentinelOne is alongside companies and wants to be disruptive in the way it offers security, meeting the different needs of companies, which increasingly need to “consume data” and which, at the same time, find themselves addressing security issues on increasingly wider.
Hence, the agreements with the Israeli Wiz, to propagate effective controls from production to the cloud (shield right, shift left), creating truly integrated and powerful protection, from the genesis of the cloud to the services provided.
The Wiz integration makes early access possible Singularity Skylight, a sophisticated solution that allows you to capture third-party data into SentinelOne’s Singularity Security DataLake.
This architecture is designed to simplify data normalization and collection. When SentinelOne detects a runtime-level threat to a cloud server or container, it automatically enriches the threat details with context data provided by Wiz about the affected cloud resource, including any vulnerabilities, misconfigurations or exposed code, and transmits it in the SentinelOne management console.
SentinelOne Purple AI represents the state-of-the-art evolution of artificial intelligence models applied to security. We are talking about a generative artificial intelligence dedicated to threat hunting, analyzing and responding to threats. It is based on LLM (large language models) algorithms appropriately calibrated and coded to interpret security events. Purple AI represents an effective example of “pretrained” AI, starting from an immense database that is constantly updated and, therefore, immediately ready to operate.
It is an autonomous AI, ready to work directly on the endpoint and developed to support, not replace, analysts during the study and resolution of incidents.