Irish PR Agency

Client News

Category Page

IBM Report: Identity Comes Under Attack, Straining Enterprises’ Recovery Time from Breaches

  • 71% spike in cyberattacks caused by exploiting identity
  • 50% AI market share milestone to trigger a cyber problem
  • Nearly 70% of attacks globally targeted critical infrastructure in 2023
  • Europe feels brunt of cyberattacks, making up 32% of global incidents

IBM today released the 2024 X-Force Threat Intelligence Index highlighting an emerging global identity crisis as cybercriminals double down on exploiting user identities to compromise enterprises worldwide. According to IBM X-Force, IBM Consulting’s offensive and defensive security services arm, in 2023, cybercriminals saw more opportunities to “log in” versus hack into corporate networks through valid accounts – making this tactic a preferred weapon of choice for threat actors.

The X-Force Threat Intelligence Index is based on insights and observations from monitoring over 150 billion security events per day in more than 130 countries. In addition, data is gathered and analysed from multiple sources within IBM, including IBM X-Force Threat Intelligence, Incident Response, X-Force Red, IBM Managed Security Services, and data provided from Red Hat Insights and Intezer, which contributed to the 2024 report.

Some of the key highlights include: 

  • Attacks on critical infrastructure reveal industry “faux pas.” In nearly 85% of attacks on critical sectors, compromise could have been mitigated with patching, multi-factor authentication, or least-privilege principals – indicating that what the security industry historically described as “basic security” may be harder to achieve than portrayed.
  • Ransomware groups pivot to leaner business model. Ransomware attacks on enterprises saw a nearly 12% drop last year, as larger organisations opt against paying and decrypting, in favor of rebuilding their infrastructure. With this growing pushback likely to impact adversaries’ revenue expectations from encryption-based extortion, groups that previously specialised in ransomware were observed pivoting to infostealers.
  • ROI from attacks on generative AI not there – yet. X-Force analysis projects that when a single generative AI technology approaches 50% market share or when the market consolidates to three or less technologies, it could trigger at-scale attacks against these platforms.

“While ‘security fundamentals’ doesn’t get as many head turns as ‘AI-engineered attacks,’ it remains that enterprises’ biggest security problem boils down to the basic and known – not the novel and unknown” said Charles Henderson, Global Managing Partner, IBM Consulting, and Head of IBM X-Force. “Identity is being used against enterprises time and time again, a problem that will worsen as adversaries invest in AI to optimise the tactic.”

A Global Identity Crisis Poised to Worsen

Exploiting valid accounts has become the path of least resistance for cybercriminals, with billions of compromised credentials accessible on the Dark Web today. In 2023, X-Force saw attackers increasingly invest in operations to obtain users’ identities – with a 266% uptick in infostealing malware, designed to steal personal identifiable information like emails, social media and messaging app credentials, banking details, crypto wallet data and more.

This “easy entry” for attackers is one that’s harder to detect, eliciting a costly response from enterprises. According to X-Force, major incidents caused by attackers using valid accounts were associated to nearly 200% more complex response measures by security teams than the average incident – with defenders needing to distinguish between legitimate and malicious user activity on the network. In fact, IBM’s 2023 Cost of a Data Breach Report found that breaches caused by stolen or compromised credentials required roughly 11 months to detect and recover from – the longest response lifecycle than any other infection vector.

This wide reach into users’ online activity was evident in the FBI and European law enforcement’s April 2023 takedown of a global cybercrime forum that collected the login details of more than 80 million user accounts. Identity-based threats will likely continue to grow as adversaries leverage generative AI to optimise their attacks. Already in 2023, X-Force observed over 800,000 posts on AI and GPT across Dark Web forums, reaffirming these innovations have caught cybercriminals’ attention and interest.

Adversaries “Log into” Critical Infrastructure Networks

Worldwide, nearly 70% of attacks that X-Force responded to were against critical infrastructure organisations, an alarming finding highlighting that cybercriminals are wagering on these high value targets’ need for uptime to advance their objectives.

Nearly 85% of attacks that X-Force responded to in this sector were caused by exploiting public-facing applications, phishing emails, and the use of valid accounts.  The latter poses an increased risk to the sector, with DHS CISA stating that the majority of successful attacks on government agencies, critical infrastructure organisations and state-level government bodies in 2022 involved the use of valid accounts. This highlights the need for these organisations to frequently stress test their environments for potential exposures and develop incident response plans.

Generative AI – The Next Big Frontier to Secure

For cybercriminals to see ROI from their campaigns, the technologies they target must be ubiquitous across most organisations worldwide. Just as past technological enablers fostered cybercriminal activities –as observed with ransomware and Windows Server’s market dominance, BEC scams and Microsoft 365 dominance or cryptojacking and the Infrastructure-as-a-Service market consolidation – this pattern will most likely extend across AI.

X-Force assesses that once generative AI market dominance is established – where a single technology approaches 50% market share or when the market consolidates to three or less technologies – it could trigger the maturity of AI as an attack surface, mobilising further investment in new tools from cybercriminals. Although generative AI is currently in its pre-mass market stage, it’s paramount that enterprises secure their AI models before cybercriminals scale their activity. Enterprises should also recognise that their existing underlying infrastructure is a gateway to their AI models that doesn’t require novel tactics from attackers to target – highlighting the need for a holistic approach to security in the age of generative AI, as outlined in the IBM Framework for Securing Generative AI.

Additional findings:

  • Europe – adversaries’ preferred target – Nearly one in three attacks observed worldwide targeted Europe, with the region also experiencing the most ransomware attacks globally (26%).
  • Where did all the phish go? Despite remaining a top infection vector, phishing attacks saw a 44% decrease in volume from 2022. But with AI poised to optimise this attack and X-Force research indicating that AI can speed up attacks by nearly two days, the infection vector will remain a preferred choice for cybercriminals.
  • Everyone is vulnerable – RedHat Insights found that 92% of customers have at least one CVE with known exploits unaddressed in their environment at the time of scanning, while 80% of the top ten vulnerabilities detected across systems in 2023 were given a ‘High’ or ‘Critical’ CVSS base severity score.
  • “Kerberoasting” pays off – X-Force observed a 100% increase in “kerberoasting” attacks, wherein attackers attempt to impersonate users to escalate privileges by abusing Microsoft Active Directory tickets.
  • Security misconfigurations –X-Force Red penetration testing engagements indicate that security misconfigurations accounted for 30% of total exposures identified, observing more than 140 ways that attackers can exploit misconfigurations.

Hoppy Ever After: DSPCA Celebrates Love at the Shelter this Valentine’s Day

This Valentine’s Day, many of us will be taking time to celebrate the special animal love in our lives. This is no different at the Dublin Society for Prevention of Cruelty to Animals (DSPCA) where adorable couple Bao Bunny and Rosie are inseparable ahead of the big day, and capturing hearts with their story of love and friendship.

Abandoned by their previous owners, Bao Bunny and Rosie found themselves in the caring hands of the DSPCA. Despite their tumultuous past, these furry friends have flourished in the nurturing environment provided by the staff at the DSPCA, and have formed an unbreakable bond along the way. Their love for each other is evident in every hop and snuggle, serving as a reminder of the power of companionship and compassion.

Bao Bunny and Rosie truly embody the spirit of resilience and love and their story is a testament to the importance of animal welfare and the impact that your donations to the DSPCA can have.

As the furry couple continue to enjoy their blossoming relationship, the DSPCA is asking for those who can’t. Your donation, no matter how big or small, will mean the DSPCA can continue to be there for animals like Bao Bunny and Rosie, every single day.

For more information or to help visit https://www.dspca.ie/.

 

Taste of Dublin 2024 Bigger Than Ever with New Iconic Location at Merrion Square

New location also marks the announcement of JYSK as headline sponsor

Dublin’s legendary culinary festival, Taste of Dublin, is set to return this June with another explosion of flavours and food innovation. This iconic event will take place for the first time in one of Dublin’s most beautiful Georgian Squares – the historic Merrion Square. To mark this new location the festival has also revealed JYSK, the Danish interiors retailer, as its headline sponsor.  

This year’s edition spotlights the remarkable surge in Irish culinary creativity. The larger festival footprint will ensure a more immersive experience for food aficionados. Taste of Dublin will take place from the 13th – 16th of June with over 34,000 people expected to attend the event.  

Once again, the festival will bring a constellation of well-known Irish chefs, restaurants, artisan food innovators, and musical acts together for a truly remarkable experience for the senses. Cultural diversity in food will be at the heart of the festival. Furthermore, together with JYSK and other key sponsors, the organisers are planning several new and exciting activations and visitor activities as part of the 2024 line up.   

Commenting on behalf of Taste of Dublin, CEO, Equinox Events, Jo Mathews, said, “This year marks a new chapter in the story of Taste of Dublin as we host the festival for the first time in the historic surroundings of Merrion Square and welcome JYSK as our headline sponsor. It has been a pleasure to work with the creative team at JYSK to craft a truly unique festival experience while staying true to the magic that has been synonymous with our event over the last 19 years. Innovation is the cornerstone of the Taste of Dublin blueprint, and we look forward to celebrating some of Ireland’s, and indeed the world’s, top food creators and experts again this year. Together with JYSK and our wider partners, we look forward to sharing more exciting details as we move closer to June”. 

Country Director for JYSK UK & IRE, Roni Tuominen, added: “2024 is a very exciting year for us at JYSK, between opening our new flagship store in Liffey Valley, continuing our expansion nationwide and partnering with Taste of Dublin as the lead sponsor of the festival, we’re really looking forward to the year ahead.  JYSK is one of Ireland’s go to destinations for high quality, on trend products for the home and garden and we can’t wait to bring our Scandinavian design ethic and style to Taste of Dublin 2024”. 

With everything from cookery demonstrations, interactive workshops, and hands-on masterclasses, there really is something for everyone at Taste of Dublin 2024.  For more information visit tasteofdublin.ie  

 

Uisce Éireann Announces 700 New Jobs Nationwide

Ireland’s National Water Authority offers exciting career opportunities in all counties

 Uisce Éireann, Ireland’s national water authority, has today announced it will be recruiting for 700 new jobs across the country. These exciting opportunities will be available in the next year, with positions ready to be filled immediately.

The roles span a range of disciplines, offering a chance for professionals, tradespeople at all levels, recent graduates, and skilled workers to contribute to their local communities while building rewarding careers. Uisce Éireann is committed to providing ongoing training, and attractive compensation and benefits packages to ensure a secure and fulfilling work experience.

Speaking at the announcement, Uisce Éireann’s People and Safety Director, Dawn O’Driscoll said, “As we continue our development as Ireland’s national water authority with responsibility for the delivery of public water and wastewater services nationwide, we are delighted to be announcing 700 new jobs for candidates across the country. We’re filling an exciting range of roles in all counties, including front-line operations, science and engineering, administration, communications, management and IT.

“This is the largest recruitment announcement made by Uisce Éireann to date and reflects the scope and scale of the activities we are carrying out nationwide. These new positions will not only offer a chance to make a tangible difference to your community but will provide plenty of opportunities to develop your career in a growing organisation. We are looking for people with diverse skillsets to play their part in delivering transformative water services that enable their local communities to thrive.

“At Uisce Éireann, we are proud to provide all employees with equal opportunities and we continue to demonstrate our full commitment to creating an open, diverse and inclusive workplace that enables all our people to achieve their full potential.”

Uisce Éireann encourages interested individuals to visit www.water.ie/careers to explore and apply for the exciting opportunities available in their local areas.

 

Sevilla FC transforms the player recruitment process with the power of IBM watsonx generative AI

  • Sevilla FC introduce Scout Advisor, an innovative tool built on IBM’s watsonx platform, to enhance player recruitment process.
  • “Scout Advisor” is designed to unlock the full potential of Sevilla FC extensive players database to create new competitive advantages.
  • watsonx enables Sevilla FC to bridge the gap between traditional human-centric and data-driven scouting in the identification and characterization of potential recruits.

IBM (NYSE: IBM) and Sevilla FC has introduced Scout Advisor, an innovative generative AI tool that Sevilla FC will use to provide their scouting team with a comprehensive, data-driven identification and evaluation of potential recruits. Built on watsonx, IBM’s AI and data platform designed for enterprises, Sevilla FC’s Scout Advisor will integrate with their existing suite of self-developed data-intensive applications.

Sevilla FC’s data department worked with IBM Client Engineering Team to build Scout Advisor, leveraging watsonx’s natural language processing and foundation models to search and analyse massive amounts of information present in the club’s existing databases to evaluate potential recruits. This includes both quantitative data such as height and weight, speed, number of goals or minutes played, and qualitative unstructured data such as the textual analysis contained in their more than 200,000 scouting reports.

The solution’s natural language processing capabilities have enabled Sevilla FC to use multiple large language models (LLMs) to help enhance the accuracy and effectiveness of their player identification. Using language prompts from Sevilla FC scouters that describe the key characteristics of the players searched, Scout Advisor generates curated lists of candidates based on stated requirements and summarises the full set of scouting reports for each individual player. Additionally, Scout Advisor links every player to the Sevilla FC’s own data-applications to obtain deep insights about their quantitative performance figures.

Player scouting and recruiting decisions at elite sports teams, especially in the football industry, involve multi-million-dollar investments, long term contracts and high levels of uncertainty on performance and ROI. Traditionally, player recruitment has relied on a combination of subjective human observation and manual data analysis. However, this approach has several limitations, as it is both time-consuming and considers only a limited number of factors.

Already widely recognised for its massive database of quantitative player evaluations, the Sevilla FC scouting team has attracted the global attention for its successful track record of identifying rising football stars. In addition, Sevilla FC is a pioneer in the development of its own data-intensive applications targeted to characterise players based on a wide spectrum of quantitative figures. Now, Scout Advisor offers Sevilla FC further competitive advantage — combining their existing capabilities with the use of generative AI to bridge the gap between metrics-based scouting and human-centric observations that cannot be as easily measured on the pitch. This automated approach is designed to further enhance their player identification process, to help them to make more efficient and informed recruitment decisions.

IBM watsonx capabilities allow Scout Advisor to unlock the full potential of Sevilla FC’s extensive players reports database making it possible to search for players using natural language and retrieve potential recruits based on their key quantitative indicators and the detailed opinion that scouting experts have about them. This provides Sevilla FC with potential competitive advantages, in terms of being able to make better-informed recruitment decisions with technology empowered insights.

“We are excited to work with IBM as this project can be a game-changer for Sevilla FC and the whole Sports Industry” José María del Nido Carrasco, Sevilla FC’s President. “Our team of scouters and analysts is committed to finding the best players to support our team’s success and have worked tirelessly to build an impressive database of player reports, and now, with the support of IBM, we can utilize this asset to its full potential. This gives us a significant advantage in the player recruitment process and enables us to find the best players for our team and continue to improve our performance on the pitch. We believe that this collaboration will have a positive impact not only for Sevilla FC but for the sports industry as a whole. With this tool, Sevilla FC also demonstrates that technology is not just a goal but an intimate companion on the journey towards the future of our entity; it is part of its DNA”.

“We are proud to collaborate with Sevilla FC to use the power of IBM watsonx generative AI to help enhance the accuracy and effectiveness of their player recruitment process” said Ana Paula Assis, Chair and General Manager at IBM EMEA. “With the appropriate guardrails and governance in place, AI continues to be a game-changer for businesses across many industries looking to modernise operations. In this instance, by producing trusted and explainable insights that advance the goals of a competitive football club while transforming the work of a football scout.”

The collaboration between IBM and Sevilla FC is part of the club’s wider business and technology strategy, which aims to leverage the power of data and AI to enhance their football operations. By integrating the watsonx-based solution into their existing data architecture, Sevilla FC aims to increase the ROI on existing resources with faster, more efficient, and better-informed recruitment decisions.

Research Commissioned by IBM Suggests Growth in Enterprise Adoption of AI But Barriers Keep 40% in the Exploration and Experimentation Phases

New research commissioned by IBM (NYSE: IBM) has found that about 42% of enterprise-scale organisations (over 1,000 employees) have AI actively in use in their businesses. Early adopters are leading the way, with 59% of the enterprises already working with AI intending to accelerate and increase investment in the technology. Ongoing challenges for AI adoption in enterprises remain, including hiring employees with the right skillsets, data complexity, and ethical concerns continue to inhibit businesses from adopting AI technologies into their operations.

“We’re seeing that the early adopters who overcame barriers and have deployed AI are already experiencing the benefits and making further investments. More accessible AI tools, the drive for automation of key processes, and increasing amounts of AI embedded into off-the-shelf business applications are top factors driving the expansion of AI at the enterprise level,” said Rob Thomas, Senior Vice President, IBM Software. “We see organizations leveraging AI for use cases where the technology can most quickly have a profound impact like IT automation, digital labour, and customer care. For the 40% of companies stuck in the sandbox, 2024 will be the year of tackling and overcoming barriers to entry like the skills gap and data complexity.”

Highlights from the “IBM Global AI Adoption Index 2023,” conducted by Morning Consult on behalf of IBM, include:

Over the last several years, AI adoption has remained steady at large organisations:

  • Today, 42% of IT professionals at large organisations report that they have actively deployed AI while an additional 40% are actively exploring using the technology.
  • Additionally, 38% of IT professionals at enterprises report that their company is actively implementing generative AI and another 42% are exploring it.
  • Organisations in India (59%),China (50%), Singapore (53%), and the UAE (58%) are leading the way in active use of AI, compared with lagging markets like Spain (28%), Australia (29%), and France (26%).
  • Companies within the financial services industry are most likely to be using AI, with about half of IT professionals within that industry reporting their company has actively deployed AI. 37% of IT professionals within the telecommunications industry state that their company is also deploying AI.

The majority of companies actively deploying or exploring AI have accelerated their rollout or investments in the past 24 months:

  • 59% of IT professionals at companies deploying or exploring AI indicate that their company has accelerated their investments in or rollout of AI in the past 24 months.
  • China (85%), India (74%), and the UAE (72%) are the markets most likely to be accelerating AI rollout, while businesses in the UK (40%), Australia (38%) and Canada (35%) were the least likely to accelerate the rollout.
  • Research and development (44%) and reskilling/workforce development (39%) are the top AI investments at organisations exploring or deploying AI.

Easier to use AI tools and the need to reduce costs and automate processes are driving AI adoption:

  • Advances in AI tools that make them more accessible (45%), the need to reduce costs and automate key processes (42%), and the increasing amount of AI embedded into standard off the shelf business applications (37%) are the top factors driving AI adoption.
  • For IT professionals, the two most important changes to AI in recent years are solutions that are easier to deploy (43%) and the increased prevalence of data, AI, and automation skills (42%).
  • The AI use cases driving adoption for companies currently exploring or deploying AI are not limited, but cut across many key areas of business operations:
    • Automation of IT processes (33%)
    • Security and threat detection (26%)
    • AI monitoring or governance (25%)
    • Business analytics or intelligence (24%)
    • Automating processing, understanding, and flow of documents (24%)
    • Automating customer or employee self-service answers and actions (23%)
    • Automation of business processes (22%)
    • Automation of network processes (22%)
    • Digital labour (22%)
    • Marketing and sales (22%)
    • Fraud detection (22%)
    • Search and knowledge discovery (21%)
    • Human resources and talent acquisition (19%)
    • Financial planning and analysis (18%)
    • Supply chain intelligence (18%)

The same set of barriers are keeping the next wave of companies from benefiting from AI:

  • The top barriers hindering successful AI adoption at enterprises both exploring or deploying AI are limited AI skills and expertise (33%), too much data complexity (25%), ethical concerns (23%), AI projects that are too difficult to integrate and scale (22%), high price (21%), and lack of tools for AI model development (21%).

Generative AI poses different barriers to entry from traditional AI models:

  • Data privacy (57%) and trust and transparency (43%) concerns are the biggest inhibitors of generative AI according to IT professionals at organisations not exploring or implementing generative AI.
  • 35% also say that lack of skills for implementation are a big inhibitor.

AI is already having an impact on the workforce:

  • One-in-five organisations do not have employees with the right skills in place to use new AI or automation tools and 16% cannot find new hires with the skills to address that gap.
  • Among companies citing AI’s use to address labour or skills shortages, they are tapping AI to do things like reduce manual or repetitive tasks with automation tools (55%) or automate customer self-service answers and actions (47%).
  • Only 34% are currently training or reskilling employees to work together with new automation and AI tools.

The need for trustworthy and governed AI is understood by IT professionals, but barriers are making it difficult for companies to put into practice:

  • IT professionals are largely in agreement that consumers are more likely to choose services from companies with transparent and ethical AI practices (85% strongly or somewhat agree) and say being able to explain how their AI reached a decision is important to their business (83%) among companies exploring or deploying AI).
  • But, with many companies already deploying AI facing multiple barriers in the process, well under half are taking key steps towards trustworthy AI like reducing bias (27%), tracking data provenance (37%), making sure they can explain the decisions of their AI models (41%), or developing ethical AI policies (44%).

Methodology:

This survey was conducted in November 2023 among a representative sample of 8,584 IT Professionals in Australia, Canada, China, France, Germany, India, Italy, Japan, Singapore, South Korea, Spain, UAE, UK, US and LATAM (Argentina, Brazil, Chile, Colombia, Mexico, and Peru). To qualify for the survey, participants must be employed full-time, work at companies with more than 1 employee, work in a manager or higher-level role, and have at least some knowledge about how IT operates and is used by their company. The global results have a margin of error of +/- 1 percentage point.