Best of LinkedIn: ICT & Tech Insights CW 09/10

Show notes

We curate the most relevant posts about ICT & Tech Insights on LinkedIn and regularly share key takeaways.

This edition examines the evolving landscape of cyber resilience, emphasizing that true security depends on organizational culture and leadership rather than just technical tools. A significant focus is placed on the EU Cyber Resilience Act (CRA), which mandates that digital products be secure by design and maintained throughout their lifecycle. Experts highlight the dual nature of Artificial Intelligence, noting its role in accelerating both sophisticated cyberattacks and innovative defensive automation. This edition also addresses the strategic importance of digital sovereignty, urging European entities to reduce dependencies on external platforms to protect democratic values and economic interests. Emerging technologies like quantum computing are identified as critical frontiers, necessitating an urgent transition to post-quantum cryptography to safeguard sensitive data against future threats. Overall, the collection advocates for a proactive, integrated approach to risk management that bridges the gap between technical engineering and executive decision-making.

This podcast was created via Google NotebookLM.

Show transcript

00:00:00: This episode is provided by Thomas Allgaier and Frennis, based on the most relevant LinkedIn posts about ICT and tech insights from CW nine and ten.

00:00:09: Frennis supports ICT enterprises with market and competitive intelligence, decoding emerging technologies, customer insights, regulatory shifts and competitor strategies,

00:00:19: so product teams and strategy leaders don't just react but shape the future.

00:00:24: So if you're tuning into this deep dive, our mission today is pretty straightforward.

00:00:28: We want to cut through all the relentless fluff out there in the digital landscape.

00:00:32: Yeah exactly!

00:00:32: There's just so much noise right now

00:00:34: Right and we've basically decanted ICT and tech trends that we've seen across LinkedIn over the past two weeks.

00:00:42: So, we are looking specifically at how cybersecurity, AI, and like actual physical infrastructure are just colliding right now

00:00:49: Violently colliding, honestly.

00:00:50: Yeah. If you're a professional working in the ICT industry, you're definitely feeling the weight of this. Right.

00:00:54: Yeah, managing an environment that, well, it used to be predictable because by

00:00:59: round blocked our loud

00:01:00: Exactly, but now it's just incredibly murky.

00:01:03: You build a firewall and suddenly your dashboard is lighting up with warnings.

00:01:07: The alerts are literally coming from inside the house. So we're gonna break down what's actually happening out there, because

00:01:12: for decades, I mean, the default answer to any threat was just to buy a bigger, more expensive digital padlock

00:01:19: which, spoiler alert, hasn't worked

00:01:22: Not at all.

00:01:22: And what's really striking in the intelligence from the last couple of weeks is this massive pivot away from treating cybersecurity as just a technical problem. It's now being viewed as a foundational leadership and cultural challenge, right?

00:01:36: It's a human problem

00:01:37: now.

00:01:37: Exactly.

00:01:38: Luke Irwin made this super compelling argument recently.

00:01:42: He basically said that culture beats strategy every single time.

00:01:46: His whole premise is that cyber resilience is built on trust, not tools.

00:01:50: That makes a lot of sense.

00:01:51: Yeah, because you can deploy the most expensive, sophisticated penetration testing and data policies, but if your people don't believe in the mission, or worse, if they're just terrified of getting fired for clicking the wrong link, all that tech is useless.

00:02:05: Yeah... the human element becomes the actual perimeter at that point. Which ties right into what teamer Angelol was saying about building a career in this space.

00:02:13: He pointed out that your reputation in cyber security isn't just about your technical skills anymore.

00:02:18: Right, it's about how you handle the chaos.

00:02:20: Exactly!

00:02:21: It is built on reliability and staying calm under pressure when things inevitably break, because when a disruption happens, James Mullen highlighted that the biggest failure mode isn't usually tech breaking down – it's ambiguity.

00:02:35: Oh wow!

00:02:37: Ambiguity is a killer,

00:02:38: right?

00:02:38: It's delayed decisions, unclear authority, executives sitting around waiting for someone else to make the call while the clock is ticking.

00:02:45: Decision ownership is crucial.

00:02:48: Think of it like, well, think of a modern enterprise tech stack.

00:02:51: Like a high-performance race car.

00:02:52: Okay, I like

00:02:53: this.

00:02:54: So if the security tools, you know, zero trust architecture or firewalls, if those are carbon ceramic brakes, the leadership is still the driver.

00:03:02: Absolutely.

00:03:03: It literally doesn't matter how amazing the brakes are if the driver panics, freezes up because of ambiguity and just yanks the steering wheel into the wall

00:03:13: at two hundred miles an hour.

00:03:15: Yeah, the margin for error is zero.

00:03:18: And Marcel Velika had this brilliant insight that connects right to your race car analogy.

00:03:23: He argued that true strength of a security program isn't about stopping every single attack.

00:03:28: It's about how fast you detect a breach,

00:03:31: because speed is the real advantage.

00:03:33: Exactly. The catastrophic risk isn't the breach itself.

00:03:36: It's the dwell time.

00:03:38: It's how long that attacker is just wandering around your network unnoticed.

00:03:41: Just sitting in the passenger seat of that race car dismantling the engine from the inside

00:03:45: Right.

00:03:46: But here is the massive problem we're facing now.

00:03:48: That need for rapid detection is being severely tested because the attackers aren't just human anymore.

00:03:55: We have to talk about AI governance,

00:03:57: We do, because AI is moving way faster than our security controls can even adapt.

00:04:01: It's a massive force multiplier for threats. It's not just the new software category.

00:04:05: It's changing the physics of defense, and

00:04:07: coming from inside too.

00:04:09: Like Ebenezer Steven I shared this Gartner statistic

00:04:12: that was just wild.

00:04:13: Thirty-three percent of employees admit to putting sensitive data into public AI tools.

00:04:19: One in three, right.

00:04:20: so we need total shift policy based control but with policies The external threat is terrifying.

00:04:28: It really is.

00:04:29: Andreas Horne shared a real-world example of this

00:04:31: that's chilling. So McKinsey has an AI platform called Lilli.

00:04:35: It was hacked by an autonomous AI agent from CodeWall.ai in two

00:04:39: hours!

00:04:40: Really?

00:04:40: Two

00:04:40: Hours?!

00:04:41: All because of an unauthenticated endpoint and a SQL injection.

00:04:44: Hold on, let me push back for one second... A traditional dynamic scanner should catch a basic SQL injection?

00:04:50: Why did standard tools miss it but this AI agent found it?

00:04:53: Because

00:04:53: the AI wasn't just throwing known payloads at it. It was doing blind probing and improvising.

00:04:58: And Jane Franklin commented on an experiment by Truffle Security that takes it even further.

00:05:03: What do they find?

00:05:04: They found,

00:05:04: when you block these agents, they don't stop or throw an error code.

00:05:08: They autonomously improvise.

00:05:11: They actively probe for other vulnerabilities to achieve whatever goal they were given.

00:05:15: Okay, so wait. If that's the case, are we still treating AI as just a tool in our architecture?

00:05:21: Or do we need to start treating it as an independent, unpredictable actor that's operating inside our perimeter?

00:05:27: I mean...it acts like an independent actor who optimizes for outcomes without safety constraints!

00:05:32: That is a huge supply chain problem which is exactly what Gwen Leftwich pointed out.

00:05:36: We have shadow AI and poison data sets yet detect the whole stack not just front door.

00:05:42: And because of this Wild West nature of AI and all these software vulnerabilities, the regulatory hammer is finally coming down especially in Europe.

00:05:50: Yes. The EU Cyber Resilience Act, or the CRA... This is a massive shift!

00:05:54: It's basically turning product security from an optional feature into a strict baseline requirement by twenty-twenty seven if you want to do business in

00:06:02: Europe.

00:06:02: And Christine Demeter gave a really interesting economic perspective on this.

00:06:06: She pointed out that historically our cyber issues come from economic incentives that rewarded speed over safety.

00:06:13: Move

00:06:14: fast and break things, basically?

00:06:15: Exactly!

00:06:16: And the cost of that insecure software was paid by the ecosystem – The CRA forces that cost back onto manufacturers

00:06:24: Which is great in theory but Ales Trek have all raised a huge practical warning for IT teams about this.

00:06:30: By twenty-twenty seven network devices are going to be quote unquote secure by default

00:06:35: Meaning they ship with management ports

00:06:37: closed. Right, management ports closed, discovery protocols turned off.

00:06:41: These devices are going to go totally quiet on the network, which sounds safe, but it breaks traditional IT asset management.

00:06:48: If your devices can't be discovered, how do you manage them?

00:06:51: It's an operational nightmare.

00:06:52: Exactly,

00:06:53: and Nicolaus Papua Nicaloutis added to this, noting that European regulation is moving away from just checking boxes on technical controls. It's moving to measurable risk management.

00:07:02: So we really need this bridge between deep engineering realities and executive decision making

00:07:07: Which naturally brings us to the broader geopolitical picture, right?

00:07:10: Because Europe's aggressive regulatory stance is part of this larger desire for control and digital sovereignty.

00:07:17: Oh absolutely!

00:07:18: There is a growing divide in global cyber strategies right now.

00:07:22: Europe is pushing hard to reduce its reliance on external tech ecosystems.

00:07:27: Yeah, Jhaifar Almomari and Andres Savine were talking about the new U.S.

00:07:30: Cyber Strategy... and the contrast is wild.

00:07:33: The US is heavily focused on offensive operations, AI defense, treating cybercrime as a transnational crime.

00:07:41: It's very muscular. Right.

00:07:42: It's a huge divergence from the EU's compliance-heavy, normative approach.

00:07:46: But let me ask you this: if the U.S. is playing offense and Europe is building these massive regulatory walls, does simply moving your data to a server in Paris

00:07:55: automatically make you digitally sovereign?

00:07:57: Not at all.

00:07:58: And Artie DeBadian had a great perspective on this exact question.

00:08:01: She said true digital sovereignty isn't just about moving systems to EU soil.

00:08:05: Right,

00:08:06: geography is in everything

00:08:07: Exactly.

00:08:08: If your organization can't independently secure, adapt or even understand its own infrastructure, your sovereignty is purely symbolic.

00:08:16: It requires collective human ownership.

00:08:18: It's

00:08:18: about having the talent to actually manage it yourself.

00:08:21: Precisely. And some regions are actually proving this works.

00:08:25: Frank Karlaček highlighted that Paris is leading the way right now with open-source digital sovereign solutions, and they're serving like five hundred fifty thousand users.

00:08:33: Wow, so it's achievable at scale?

00:08:35: It really is.

00:08:37: But as we look at these macro-level national strategies, We also have to drop down into the physical hardware!

00:08:48: I

00:08:56: feel like whenever we hear about industrial control systems, it's always media alarmism, right?

00:09:00: Like the grid is going down tomorrow.

00:09:02: The

00:09:02: total fear-mongering that Sarah Flux share.

00:09:04: a really helpful breakdown of the new OT impact score or OTI.

00:09:09: What does that look at?

00:09:09: rating system

00:09:10: Yeah, it's essentially a Richter scale for OT cyber incidents.

00:09:14: It cuts through the panic by factoring in three things: severity, reach and duration.

00:09:20: It helps professionals actually quantify the physical impact instead of just reading scary headlines.

00:09:25: That is so needed, but while we're securing the physical hardware, there's this other massive issue on the horizon, or well, actually not on the horizon.

00:09:34: Marcus flitch gave a really stark warning about quantum computing.

00:09:38: He said post-quantum is no longer post,

00:09:41: right?

00:09:41: It's happening right now.

00:09:43: Exactly.

00:09:44: Attackers are using a harvest now, decrypt later strategy.

00:09:48: They're literally vacuuming up sensitive data today, knowing they can use a quantum computer to break the encryption

00:10:02: in actually breaks.

00:10:17: Wow, okay so we've covered a ton today!

00:10:19: We've got autonomous AI improvising inside networks...we have quantum computers threatening the very cryptography that holds everything together.

00:10:27: It's

00:10:28: a lot to process, and I want to leave listeners with a final thought

00:10:32: to really mull over: if AI is acting autonomously in our perimeters and quantum is threatening basic encryption,

00:10:40: the true measure of a professional in this industry isn't going to be what technologies you deploy.

00:10:45: Why?

00:10:46: It's gonna be how quickly you can adapt your own mindset to risks that haven't even been named yet.

00:10:51: The human element is still the ultimate defense.

00:10:54: That is a perfect way to look at it.

00:10:56: If you enjoyed this episode, new episodes drop every two weeks.

00:10:59: Also check out our other editions on cloud, defense tech, digital products and services, artificial intelligence, sustainability and green ICT, defense tech and health tech.

00:11:09: Thanks so much for diving in with us.

00:11:10: Yes,

00:11:11: thank you all for listening.

00:11:12: Stay adaptable and don't forget to subscribe.

00:11:14: Catch you on the next deep dive.
