Forget GPT-4o (For Now) – Kick Off Summer with These Cyber Must-Reads for Enterprise Leaders
This collection of award-winning articles from Focal Point spotlights essential truths about ChatGPT and quantum computing, key steps to building a whole-of-state program, and cyber gangs’ new MBA-style approach to ransomware that would make a Wharton professor proud.
Last week’s announcement from OpenAI about GPT-4o is sparking massive chatter and speculation on how this faster, more “natural” version of ChatGPT might change human-machine interaction. Maybe it’s on your Memorial Day Weekend to-do list to take it out for a spin, but we’d also like to direct your attention to (and brag about) our curated selection of must-reads.
These recent Azbee Award winners, published last year by Focal Point, remain surprisingly relevant to current cybersecurity discussions, including talk about ChatGPT.
All in all, we took home two gold, six silver, and one bronze in the prestigious annual awards competition honoring editorial distinction in business-to-business (B2B) journalism and podcasting, presented by the American Society of Business Publication Editors (ASBPE).
Our two national awards include a silver for technology and innovation reporting and a silver for headline writing. Our regional wins in the Pacific region include two golds (one for government coverage, the other for technology and innovation), four silver (for headlines, regular column, single topic coverage by a team, and our companion podcast, Let’s Converge), and one bronze (for a how-to article on overcoming CISO burnout).
With a three-day weekend coming up, there’s plenty of time to take a deep dive into some of these still-hot topics.
The rise of RaaS, quantum queries, and bots, bots, bots
THE AWARDS: National Silver Award and Regional Gold Award
THE CATEGORY: All Content – Technology and Innovation Reporting
THE TOPIC – Ransomware-as-a-Service: These awards celebrate Focal Point’s coverage of three key tech advances and their impact on cybersecurity. For example, our exploration of ransomware-as-a-service (RaaS) offers defensive tips for enterprise owners, like role-based access controls, multifactor authentication, and real-time threat checks.
WHY IT’S RELEVANT TODAY: This business model for ransomware is fueling a spike in attacks that shows no signs of letting up, as cyber gangs now carry out their strategies with the kind of precision and bespoke services – customer relations, feature updates, discounts – that would make a Wharton professor proud. And while recent takedowns of notorious RaaS gangs like LockBit and ALPHV by U.S. and European Union governments have unmasked ringleaders and sent minions scattering, that doesn’t mean the RaaS era is over. Smaller startups are attempting to take their place, underscoring the need to be RaaS-ready, according to threat intelligence analysts.
[Read more: RaaS class – a defensive guide to ransomware-as-a-service attacks]
THE TOPIC – Quantum Computing: Our story on quantum computing breaks down just what the heck quantum is, with its revolutionary qubits (that’ “KYOO-bits,” short for quantum bits, or basic units of information) and its ability to process information in a fraction of the time required in traditional computing.
WHY IT’S RELEVANT TODAY: In seven to 10 years, say experts, those will be familiar terms – and threats. The sector most at risk is finance, given that quantum tech will soon be able to defeat the cryptographic algorithms that banks use to protect sensitive data.
In recent months, the World Economic Forum has collaborated with Deloitte and released a “quantum readiness toolkit,” and Apple unveiled a “post-quantum cryptographic protocol,” a security system designed to protect data sent over its iMessage platform. Still, “harvest now, decrypt later” attacks (in which bad actors grab data and hold it for future decrypting) persist, making quantum risk planning “a priority,” notes KPMG.
Our overview discusses specific steps banks and other financial institutions can take now to prep for the coming quantum era, including the inventory of at-risk cryptography and the design of modular software.
[Read more: 3 ways banks can prep for quantum computing threats to cybersecurity]
THE TOPIC – ChatGPT: Focal Point’s analysis of ChatGPT and generative AI, which has revolutionized cybercrime by making it much easier for even amateur hackers to pull off cyberattacks, was one of the first articles to provide a balanced look at both the fears and the ways in which AI will help security teams fend off such attacks.
WHY IT’S RELEVANT TODAY: Rates of ChatGPT-generated phishing emails are soaring, sure, but teams can also enlist the bot (and bots like it) to spot malicious code and create powerful anti-hacking tools. Even the name of the new, easier-to-use GPT-4o model – that’s four “o,” as in “omni”– alludes to the many ways in which it will be used, underscoring the likelihood that it will assist both sides in the GPT arms race. We clarify the core issues at stake.
[Read more: Yes, ChatGPT will turbocharge hacking – and help fight it, too]
A whole-of-state guide you can fit in your pocket
THE AWARD: Regional Gold Award
THE CATEGORY: All Content – Government Coverage
THE TOPIC – Whole-of-State Cybersecurity: This award honors three articles that feature incisive examinations of cyber-related legislation and regulation at all levels of government, including the White House’s new national cyber strategy (which places greater demands on business leaders to comply with new regulations), and the U.S. surgeon general’s advisory on social media’s harmful effects on children (which continues to drive legislators’ efforts to regulate social media platforms). But it’s our primer on whole-of-state procedures that is especially worth a read (or re-read).
WHY IT’S RELEVANT TODAY: Whole-of-state cybersecurity is a collaborative approach that’s growing in popularity with state and local government leaders across the U.S. In 2022, we published several in-depth articles on whole-of-state, including an explainer that remains one of the most popular and visited stories on our website. Last year, we recognized a hole in our coverage – we needed something akin to an elevator pitch for time-strapped officials unfamiliar with the topic.
This article serves as an info-packed yet concise pocket guide to establishing such a program, whether you’re looking to do so from the top down or bottom up, with actionable tasks for funding, workforce development, implementation and more.
The timing is propitious: Depending on your state, there’s still opportunity to develop or participate in a WOS program for 2024 by applying for funds from the State and Local Cybersecurity Grant Program (SLCGP). For example, the Kentucky Office of Homeland Security is holding virtual workshops now through June 20 to prep county and city leaders for this year’s application process. Maryland’s application period for SLCGP funds opened last week and runs through June 17. Wisconsin is offering four cycles of SLCGP funding, with the first application deadline set for August 15.
[Read more: A practical guide to building a whole-of-state cybersecurity strategy]
If you can rally, it’ll be worth it – Congress appropriated $300 million to be distributed in FY 2024; next year, that drops to $100 million. For other state deadlines and more info, check with your State Administrative Agency. (The Federal Emergency Management Agency keeps a list here.)