Netacea CISO Andrew Ash welcomes two special guests to the podcast this month to talk about AI adoption and managing third party risk: Thomas Ballin (CTO, Cytix) and Haydn Brooks (CEO, Risk Ledger).

In 2023 the AI genie is well and truly out of the bottle, gaining mainstream attention and usage across business, academia and in day-to-day life. As a result, AI has become somewhat of a buzzword used to sell solutions or make products appear smart and modern. As mutual advocates of AI to solve problems more efficiently for clients, Andrew and Thomas weigh in on how to define “real AI”, which solutions really benefit from incorporating AI, and how we can validate these claims.

Meanwhile, CISOs are rightly concerned with gaining as much control as possible over internal systems so that they can be secured against known and novel threats. But businesses are also reliant on their supply chain and third-party systems, which have their own potential vulnerabilities. Haydn has a wealth of experience in this area, and sheds light on the potential risks third party relationships expose and how CISOs can manage them whilst maintaining the value of these relationships.

Finally, threat researcher extraordinaire Cyril Noel-Tagoe explains why criminals use bots to mass create fake accounts on web services, the other attacks these accounts facilitate, and how businesses can cut off fake accounts before they do their damage.

Host

Andrew Ash – CISO, Netacea

Andy Ash has worked in IT Services and cyber for 21 years. He has been part of Netacea since its inception and is currently CISO, overseeing the operation and security of the technical platform and Netacea Threat and Bot Expert teams.

https://www.linkedin.com/in/andrew-ash-3963b19/

Panel

Haydn Brooks – CEO & co-founder, Risk Ledger

Originally a big four cyber risk consultant, Haydn found that current supply chain assurance programs were far from frictionless and actively caused clients and their suppliers’ headaches. This led him to found Risk Ledger, a technology platform that combines a security governance platform with a secure social network.

https://www.linkedin.com/in/haydn-brooks/

Thomas Ballin – CTO & co-founder, Cytix

The technical co-founder of Cytix, Thomas is focused on disrupting the UK security testing space. With a background in penetration testing, he has spent the past 10+ years building and innovating service lines to support businesses with their continuous security testing needs.

https://www.linkedin.com/in/thomasjballin/

Cyril Noel-Tagoe – Principal Security Researcher, Netacea

Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

https://www.linkedin.com/in/cybercyril

https://twitter.com/cyber_cyril

To start this month’s episode, we once again weigh in on AI – this time considering the privacy implications when feeding prompts into generative AI tools like ChatGPT and Bard. We’ll discuss whether it’s safe to share company IP or your own personal information into such tools, before hearing how we approach this at Netacea from Principal Software Engineer John Beech.

Next, we’ll look to the news of another major data breach, as it was recently revealed that millions of stolen records from genetics testing site 23andMe were available for sale from an underground forum. The attackers even touted that the data identifies those with Jewish genealogy. 23andMe held customers responsible for reusing their passwords on other sites that had been hacked previously, but where does responsibility for protecting this kind of sensitive information lie and what can each party do to keep data safe? Having spent five years of his career in biotech, Engineering Manager Karol Horosin has plenty to add to this story.

Finally, our security researcher extraordinaire Cyril returns to tell us about freebie bots – a type of scalping bot that targets discounted goods to resell in bulk at retail prices. Sounds like a “prime” bot attack type to target recent and upcoming sales events…

Host

Dani Middleton-Wren – Head of Media, Netacea

Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

https://www.linkedin.com/in/danielle-middleton-wren-95826767/

Panel

Cyril Noel-Tagoe – Principal Security Researcher, Netacea

Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

https://www.linkedin.com/in/cybercyril

https://twitter.com/cyber_cyril

Karol Horosin – Engineering Manager, Netacea

As well as his role as Engineering Manager at Netacea, Karol is the founder of an AI sentiment analysis product sentimatic.io. He is a frequent conference speaker and writes online about programming, product development and startups on his personal blog.

https://www.linkedin.com/in/horosin/

https://twitter.com/horosin_

John Beech – Principal Software Engineer, Netacea

Currently a team lead for Netacea’s software engineering department, John has been working on highly scalable secure applications platforms over the span of 20 years. He’s enthusiastic about welcoming in a new era of AI and computer intelligence.

https://www.linkedin.com/in/johnbeech/

This month’s episode takes off with a journey into the controversial world of skiplagging, also known as hidden city flying. Airlines and holiday businesses are taking legal action against passengers and websites like Skiplagged that exploit pricing loopholes, leaving empty seats on the second leg of multi-stop itineraries. But with scraper bots at the root of the issue, is there a technical solution to limit the practice?

On the topic of bots, a recent report from the University of California, Irvine, revealed that bots are now faster and more accurate than humans at solving CAPTCHA challenges. In this episode we discuss whether there is still a place for CAPTCHA in detecting bot traffic, and try to decipher Elon Musk’s comments about the report – Does it spell the end of bot detection, and is his X subscription model the only answer…?

To conclude, we go more in depth on scraper bots – not only do they facilitate skiplagging, but there are endless uses for scrapers, both well meaning and malicious. How concerned should businesses be about scraper bots, and does their presence often indicate more sinister attacks on the horizon?

Host

Dani Middleton-Wren – Head of Media, Netacea

Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

https://www.linkedin.com/in/danielle-middleton-wren-95826767/

Panel

Matthew Gracey-McMinn – Head of Threat Research, Netacea

Matthew is an experienced Cyber Threat Intelligence professional with an MPhil from the University of Oxford. In his current role at Netacea, he researches and investigates the impact of malicious bots on online businesses and their customers.

https://www.linkedin.com/in/matthewgraceymcminn

https://twitter.com/mgm_cybersec

Chris Collier – Head of Solution Engineering, Netacea

Chris is an experienced technical manager who joined Netacea in 2021. Since this time, he’s helped countless clients onboard with our bot management product, ensuring they get a solution that fits their business needs and integrates with their existing platforms.

https://www.linkedin.com/in/chris-collier-82588859

Gary Clarke – Solutions Engineer, Netacea

Gaz is an experienced Solutions Engineer with 12 years’ experience working in the computer and retail industries. At Netacea Gaz helps businesses implement advanced bot management solutions to work in harmony with their existing systems and prevent automated threats from attacking. Gaz gained his bachelor’s degree focused in Computing; Software and Systems from Edge Hill University.

https://www.linkedin.com/in/clarkegs/