IT leaders are gearing up to face threats from generative AI, the Metaverse and machine learning, according to new research from Naoris Protocol.
The global study of IT leaders at companies with over $300 million annual turnover found that the convergence of the Metaverse and AI will significantly escalate cyberattacks. Attackers exploit AI and machine learning to create more sophisticated methods, making the Metaverse a prime target, according to the research.
The study also highlighted heightened risks in the Web3 space, including a knowledge gap. Only 35% of IT directors believe their organizations fully understand Web3-related risks, 46% rate their knowledge as “quite good,” and 19% report average or poor comprehension. Around 12% say their organization has an average understanding, while 7% admit to a poor or very poor understanding of the cybersecurity risks posed by Web3. This knowledge gap could expose critical systems to exploitation as organizations navigate decentralization and blockchain complexities.
The good news is that cybersecurity budgets are set to grow to address these rising risks, the research found. Over the past two years, 38% of IT directors reported dramatic budget increases, while 47% saw moderate growth and 15% say it is unchanged. The majority, 97%, expect further increases, with 25% predicting over 50% growth and 61% anticipating increases between 10% and 50% in the next two years.
Now, here's today's MSSP update. Drop me a line at [email protected] if you have news to share or want to say hi!
Today's MSSP Update
1. Prompt Security enhances security platform: Generative AI security company Prompt Security this week updated its security and governance platform for GitHub Copilot and other AI code assistants. The upgrades improve data leak prevention, prevent vulnerable code, and provide visibility over AI-assisted coding interactions, including free versions of the AI code assistants, the company said.
2. iVerify launches new partner program: iVerify this week announced the launch of their new partner program. The program is targeted at MSPs and MSSPs who want to offer mobile security solutions for BYOD and managed devices against mobile malware, smishing, account takeover, ransomware, and credential theft, the company said.
3. HPE breached? Hewlett Packard Enterprise (HPE) is investigating IntelBroker's claimed compromise of its developer environments, which purportedly resulted in the exfiltration of the firm's API, GitHub repositories, and Zerto and iLO source code, among others, according to BleepingComputer. This comes a year after IntelBroker exposed HPE's credentials, access tokens, and other data it claimed it obtained from its systems, which HPE also denied. IntelBroker's claims follow its attacks against DC Health Link, Cisco, Acuity, Nokia, Home Depot, and Europol, as well as its claimed breaches of the U.S. State Department, Ford, AMD, General Electric Aviation, and Zscaler.
4. Microsoft ends support for Exchange Server 2016, 2019: Microsoft will be concluding extended support for Exchange Server 2016 and Exchange Server 2019—which have reached mainstream end dates of October 2020 and January 2024, respectively—by October, according to BleepingComputer. Both versions will continue to be operational past the end date, but Microsoft urged admins to immediately upgrade to Exchange Online or prepare for the upcoming Exchange Server Subscription Edition, as the outdated iterations will no longer be given technical support, security patches, and time zone updates past October 14, 2025.
5. Xona Systems launches IoT, OT, critical infrastructure security platform: Xona Systems today announced the launch of its new Xona Platform aimed at securing critical infrastructure, OT and IoT. The platform provides secure user access to critical systems without allowing insecure, transient endpoints to connect. This approach simplifies user access deployment, administration, and usage, the company said, while reducing the critical system attack surface.
