HPE0-V25 learner - HPE ATP Hybrid Cloud Solution Updated: 2024

The company is upping its game around security across small, medium-sized and enterprise businesses with new solutions that are available for partners to sell.

HP Inc. on Wednesday announced a set of new PC security offerings to cover all sizes of customer from small businesses to large enterprises with enhanced capabilities as well as new managed services.

The announcements include an offering for SMBs that will be provided as an add-on to PCs; a managed service for medium-sized businesses; and a version of the Sure Click malware protection solution that is tailored for enterprises.

[Related: HP President Alex Cho Talks 5G, CPU Constraints And PC Security In 2020]

HP has been aggressive in recent years in deploying on-device security solutions in both its PCs and printers. The newly announced offerings also build on HP's acquisition in September of Bromium, the security vendor that has provided the technology behind Sure Click.

What follows are five things to know about HP's existing PC security offerings.

HP Pro Security Edition

The offering targeting small businesses is the HP Pro Security Edition, which HP says combines advanced application isolation with endpoint protection that leverages deep-learning technologies. Smaller-scale businesses, which usually don't have chief information security officers (CISOs) or security operations centers (SOCs), are looking for security solutions that are preconfigured and can easily be managed at their own consoles, said Ian Pratt, co-founder of Bromium and now global head of security for commercial systems at HP.

The HP Pro Security Edition includes an enhanced version of Sure Click--dubbed Sure Click Pro--offering improved isolation protection technologies covering files, browsers and applications. HP Pro Security also includes Sure Sense Pro, which expands on the Sure Sense deep-learning malware protection introduced last year, used for blocking previously unknown malware.

HP Pro Security Edition is "designed to combat the problem [small businesses] have with limited resources, by making it very simple to deploy and manage. Everything is brought together in this unified console," Pratt said in a briefing with reporters.

Partners or customers will be able to order new HP PCs with the HP Pro Security Edition pre-installed at the factory. HP Pro Security Edition will be available on 2020 HP notebook and desktop platforms across 400 to 1000 series machines, including both Intel- and AMD-based devices, though there will be certain minimum hardware requirements, HP said.

"We believe this enables small businesses to avoid being left behind by having really the highest caliber endpoint security, built in and shipped from the factory," Pratt said.

HP Pro Security Edition is expected to be available on select new HP PCs in the summer.

HP Proactive Security

The new managed security service for medium-sized businesses, HP Proactive Security, will be an additional solution that can be sold by partners, HP said.

The service will include monitoring and management by HP cybersecurity personnel, as well as advanced solutions including Sure Click Pro and Sure Sense Pro.

HP Proactive Security also adds analytics and insights gleaned from the HP TechPulse management agent running in the cloud, Pratt said. The solution will be available on non-HP and older HP devices, in addition to its availability on 2020 HP devices.

"These kinds of organizations really want to know what's happening within their estate of devices. And this technology will typically be cross-deployed across all of their devices, regardless of vendor," Pratt said. "With TechPulse, we're able to see and visualize these threats as they occur--and provide these dashboards and reports [to the CISO], so we can show them what we've been able to stop in their environment."

HP Proactive Security is expected to be available to partners and customers in April.

HP Sure Click Enterprise

A version of Sure Click that's tailored to larger businesses and government agencies, HP Sure Click Enterprise, will also be available for partners to sell and will be offered for both HP and non-HP platforms.

Sure Click Enterprise "provides the ability to do sophisticated configuration of the product [and] deployments at scale on large numbers of machines," Pratt said.

The solution will also let partners and customers "collect very detailed threat intelligence and reporting about exactly what's happening in the environment," he said.

HP is planning to make Sure Click Enterprise available in May. The solution supports all Windows 10 and Windows 8 devices, the company said.

HP Sure Click Pro

Along with including Sure Click Pro in its new security offerings, HP is said it is making the solution available for free for the next six months. HP Sure Click Pro will be offered as a free obtain through Sept. 30, 2020, for all Windows 10 PCs (both HP and non-HP devices).

"It really provides reliable protection against the No. 1 threat vector that users face, which today is opening Word documents they receive in an email," Pratt said. "It also enables them to browse the web with full confidence that websites aren't going to infect the system. And so we're excited to be making this available to everyone."

HP Essential Security

HP PC customers will also still continue to get a suite of security solutions prebundled with new devices--a suite that the company is now calling HP Essential Security.

"We continue to evolve and Strengthen these technologies. I think every one of these technologies takes a step forward with our 2020 devices," Pratt said.

Along with Sure Click and Sure Sense, those security solutions include Sure Recover, which allows an image to be restored even without internet connectivity, and HP's self-healing BIOS technology, Sure Start.

HP has announced the HP Omnicept Solution, which brings together its virtual reality (VR) headset and developer-focused SDK. According to the company, this will allow VR developers to create new personalized, engaging, and adaptive VR experiences for the enterprise.

According to the company, facial expression and body language account for up to 50% of effective communication. With 25%-30% of the workforce expected to continue working from home next year, new immersive tools will be needed in order to allow for effective remote collaboration. 

In addition, HP has found that since the emergence of COVID-19, there has been a 35% increase in the use of technology for training purposes, and VR has been proven to increase learning and training retention rates. 

“We’ve designed a powerful, adaptive VR solution to dramatically accelerate the use cases for VR, its potential to transform society, and the way we interact with technology,” said Jim Nottingham, general manager and global head of Advanced Compute and Solutions at HP Inc. “The HP Omnicept Solution will open new possibilities for VR development and its impact on enterprise training, remote education, collaboration, research and development, and specialized wellbeing. This type of data-driven approach will be fundamental to creating user-centric experiences for better VR in the future.”

HP Reverb Omnicept offers features such as eye motion and gaze, facial expression, heart rate, and foveated rendering. 

The HP Reverb G2 Omnicept Edition and the Omnicept SDK are expected to be released in Spring 2021.

The new products include refreshes of HP’s EliteBook, ProBook and ZBook laptops with the latest processors from Intel, AMD and Nvidia. The PC and print giant also introduced new hybrid work solutions for remote management, collaboration and productivity.

HP Inc. said it’s ushering in the “next era of hybrid work” with a bevy of new commercial laptops, peripherals and software solutions.

Announced Wednesday at HP’s 2023 Amplify Partner Conference, the new products include refreshes of the vendor’s EliteBook, ProBook and ZBook laptops with the latest processors from Intel and AMD as well as Nvidia’s existing mobile workstation GPUs.

[Related: HP To Roll Poly, Teradici And HyperX Into Amplify Partner Program This Fall]

The Palo Alto, California-based company said it believes these new products are best suited for what it calls “hybrid flexibility.”

“Most companies want to move past the ‘forced return’ to the office era of hybrid work,” said Alex Cho, president of personal systems at HP, in a statement. “The challenge is, they’re not sure how to. We believe the future is hybrid flexibility, which delivers the best of the home and the office to workers everywhere.”

Guayente Sanmartin, HP’s global head of commercial systems and displays solutions, asserted that “hybrid work does not equate to remote work.”

“True hybrid work creates a great culture that connects people, raises productivity, and builds engagement. Technology is the biggest factor in doing that,” Sanmartin said in a statement. “HP is the only company that can truly make hybrid work across all spaces – home, office, and in between – and we’re going big with innovations to help keep people connected, productive, and secure.”

New EliteBook, ProBook And ZBook Laptops

The new commercial laptops come equipped with the company’s HP Presence video conferencing and collaboration software, which enables multi-camera experiences with the goal of making meetings “more engaging and natural,” according to HP.

The new lineup includes the HP EliteBook 800 and 805 G10 series, which the company calls the “most advanced” 2-in-1 for collaboration. The laptops come with a 13th-generation Intel Core processor or a next-generation AMD Ryzen processor along with up to 64GB of LPDDR5 memory, plus “enterprise-ready” security and management features.

The HP EliteBook 600 and 605 G10 series are positioned as “cost-effective” options that offer “premium design, collaboration experiences, manageability and security.” These come with a 13th-generation Intel Core processor or a next-generation AMD Ryzen processor. Another highlight for HP are the connectivity options. For the 600 devices, this includes two USB Type A ports, one Thunderbolt 4 with USB4 Type C port and one multi-function USB Type C port. For 605 devices, this includes three USB Type A and one multi-function USB Type C ports.

The HP ProBook 400 and 405 G10 laptops are geared towards small- and medium-sized businesses who want to enable hybrid work “while getting the most out of their IT investment by offering build-in collaboration tools for productivity, multi-layered security and a durable, serviceable chassis.” These come with a 13th-generation Intel Core processor or a next-generation AMD Ryzen processor.

For mobile workstations, HP has refreshed its ZBook lineup. This includes the ZBook Firefly G10 and ZBook Power G10, which “combine pro-level performance and mobility.” The laptops come with “color-accurate displays” and the option to configure them with a 13th-generation Intel Core processors or next-generation AMD Ryzen processors, a first for the lineup. For graphics, the laptops either use an Ada Lovelace-based Nvidia RTX workstation GPU or integrated Radeon graphics from within the Ryzen processor.

Designed to deliver “pro performance” in a mobile chassis that can fit in a bag, the ZBook Studio G10 comes equipped with up to an Intel Core i9 CPU and an Nvidia RTX workstation GPU, with options for Nvidia’s new Ada Lovelace or previous-generation Ampere architecture. The laptop can also support up to 64GB of RAM.

The ZBook Fury G10 brings “desktop-class” performance to a mobile workstation by using an Intel Core HX processor and an Ada Lovelace-based Nvidia RTX 5000 GPU. The laptop is built for running simultaneous heavy-duty workloads, including applications for 3-D rendering, simulations, machine learning training and the analysis of large data sets.

New Solutions For Remote Management, Collaboration

HP announced other hybrid work solutions, including software and hardware meant to enhance productivity, collaboration and remote management.

For instance, the company’s new HP Anyware Remote System Controller supports its latest Z by HP desktop workstations. Called “the world’s most advanced remote management peripheral,” Hp said the controller lets IT departments monitor and manage workstations from any location thanks to its out-of-band management capabilities.

The vendor also announced HP Wolf Connect, an IT management connectivity solution that “provides a highly resilient and secure connection to remote PCs.” This will allow IT departments to manage PCs when they’re powered off, and the connectivity is enabled by a cellular-based network, making it a great fit for distributed workforces.

Combined with HP Wolf’s Protect and Trace feature, HP Wolf Connect is “the world’s first software service capable of locating, locking and erasing a PC remotely, even when it’s turned off or disconnected from the Internet,” according to the company.

The company wants to make it easier for companies to deliver and set up computers, displays and peripherals for remote workers with HP Home Delivery. The new solution is part of HP Logistics Services, and it enables the secure delivery of hardware through “more efficient ordering, tracking and proof of delivery.”

With HP’s Poly business, the company announced the new Poly Video OS 4.0 software, which enables an AI-powered multi-camera mode that “keeps multiple speakers in the frame for the most engaging remote collaboration experience.” It’s now available across the Poly Studio X series of video bars as well as the Poly G7500 modular video conferencing system.

The vendor also introduced a new entry level model of its professional-grade Poly Voyager wireless ear buds, the Poly Voyager Free 60, which is meant to mobile devices and comes with a standard charging case.

As for other peripherals, HP revealed the new HP 920 and 925 Ergonomic Vertical Mouse, which is designed to “keep your hand in a more relaxed, natural upright position.” The mouse includes a detachable wrist rest, which makes the mouse well-suited for use on the go.

The company also announced the new HP 4K USB-C Multiport Hub, which comes in an “ultra-compact design” and features four USB-C ports, a 65-watt power port for laptops, two ports for connecting and charging accessories, plus an extra port for charging a device or connecting a 4K display.

What you need to know

• A Windows bug installed the HP Smart app onto some PCs without permission.

• The issue also renamed printers to be listed as HP devices, even if they were made by a different brand.

• Microsoft released the Printer Metadata Troubleshooter Tool to fix the issue on affected PCs, though it requires you to use Command Prompt.

Earlier this month, a peculiar bug installed the HP Smart app onto PCs without permission. Windows added the app to computers without any HP devices connected or printer drivers installed. The same bug also renamed printers, regardless of brand, to be listed as HP printers.

Microsoft confirmed the issue and promised a fix. That fix is now here, though it's in a different form than many Windows bug fixes. Rather than a Windows update rolling out with a fix, Microsoft has made a separate tool available that will uninstall the HP Smart app and fix the names of your printers.

Specifically, the Microsoft Printer Metadata Troubleshooter Tool will restore the model information and icons of your printer and remove the "HP LaserJet M101-M106" model information (unless that's the exact model of printer you have). The tool will also uninstall the HP Smart app if that app should not have been installed on your PC.

Microsoft outlines how to use the tool in a support document:

• When it is run by enterprise administrators, correcting printers for all users and sessions on a system requires running the tool as the Local System account. Tools such as PsExec or Windows Task Scheduler can run commands as Local System.

• When it is run by users managing their own printers, this tool must be run using administrative credentials. The following are recommended steps to execute the file and confirm it worked:

  • Click Start, type cmd, right-click Command Prompt, and then select Run as Administrator.

  • In the opened command prompt, type cd /d “[path_to_downloaded_tool]” and then press Enter.

  • Type the name of the file appropriate for your device from the list below (for instance PrintMetadataTroubleshooterX86.exe) and then press Enter.

• The tool will return the message Troubleshooter completed successfully on devices where incorrect printer information was found/fixed. Or, it will return the message Troubleshooter not applicable since metadata package not found on devices that are not affected.

A strange bug gets a strange fix

The bug Microsoft just fixed is rather strange. Windows PCs without an HP printer or any HP device connected installed the HP Smart app, seemingly at random. The issue would also rename printers, regardless of their brand, to be listed as HP printers. Many were upset by the bug, since it meant software appeared on their PC without permission. The issue also locked some users out of advanced printer features, since their printer had been mislabeled.

The fix for Windows installing an app without permission is to make people obtain and install another tool. The Microsoft Printer Metadata Troubleshooter Tool takes up very little space, the entire obtain is 877.7 KB. But still, it's somewhat ironic that you have to obtain something and install it to fix a bug that downloaded and installed an app without permission.

Even with the tool installed, applying the fix requires using Command Prompt as an administrator. Tech savvy users will be fine entering code into Command Prompt, but many people have never used Command Prompt. More importantly, people shouldn't have to use Command Prompt and a separate tool to fix a Windows bug.

Generative artificial intelligence headlines dominated 2023 and looks to do the same in 2024. Predictions from thought leaders at CrowdStrike, Intel 471, LastPass and Zscaler forecast how the technology will be used, abused and leveraged in surprising ways in the year ahead.

Curated perspectives assembled here go beyond the potential and perils of AI in 2024 and include how the technology will impact workforces, attack surfaces and create new data insecurities as companies struggle to manage new large language model (LLM) data pools.

As the boom of AI continues, the cybersecurity stakes are raised into the new year with a U.S. presidential election in November, a continued skills gap for the cybersecurity sector to contend with and the rise of ransomware threats - once again - worrying infosec pros.

2024 will bring a serious cyberattack or data breach related to AI

Mike Lieberman, Kusari CTO and cofounder, Kusari:

The rush to capitalize on the productivity benefits of AI has led to teams cutting corners on security. We’re seeing an inverse correlation between an open source AI/ML project’s popularity and its security posture. On the other end, AI will help organizations readily address cybersecurity by being able to detect and highlight common bad security patterns in code and configuration. Over the next few years, we will see AI improving to help provide guidance in more complex scenarios. However, AI/ML must be a signal – not a decision maker.

AI is a wild card

Michael DeBolt, chief intelligence officer, Intel 471:

Michael DeBolt

While there doesn’t appear to be a killer AI application for cybercriminals thus far, its power could be helpful for some of the mundane backend work that cybercriminals perform.

The advent of cybercrime-as-a-service, which is the term for the collective goods and services that threat actors supply to each other, is marked by an emphasis on specialization, scale and efficiency. For example, using LLMs to sort through masses of stolen data to figure out the most important data to mention when extorting a company. Or employing a chatbot to engage in preliminary ransom negotiations.

Another hypothetical innovation could be an AI tool that calculates the maximum ransom an organization will pay based on the data that is stolen. We reported a few examples of actors implementing AI in their offers during the second quarter of 2023, which included an initial access broker (IAB) offering free translation services using AI. In May 2023, we reported a threat actor offering a tool that allegedly could bypass ChatGPT’s restrictions.

AI and ML tools are capable of enabling impersonation via video and audio, which pose threats to identity and access management. Videos rendered using AI are fairly detectable now, but synthesized voice cloning is very much a threat to organizations that use voice biometrics as part of authentication flows. We still assess that AI cannot be fully relied upon for more intricate cybercrime, and doing so in its current form will likely render flawed results. But this area is moving so swiftly it's difficult to see what is on the horizon.

The proliferation of open-source LLMs and services — some of which are being built with the intention of not having safety guardrails to prevent malicious use — means this area remains very much a wild card.

AI blind spots open the door to new corporate risks

Elia Zaitsev, CTO, CrowdStrike:

Elia Zaitsev

In 2024, CrowdStrike expects that threat actors will shift their attention to AI systems as the existing threat vector to target organizations, through vulnerabilities in sanctioned AI deployments and blind spots from employees’ unsanctioned use of AI tools.

After a year of explosive growth in AI use cases and adoption, security teams are still in the early stages of understanding the threat models around their AI deployments and tracking unsanctioned AI tools that have been introduced to their environments by employees. These blind spots and new technologies open the door to threat actors eager to infiltrate corporate networks or access sensitive data.

Critically, as employees use AI tools without oversight from their security team, companies will be forced to grapple with new data protection risks. Corporate data that is inputted into AI tools isn’t just at risk of threat actors targeting vulnerabilities in these tools to extract data, the data is also at risk of being leaked or shared with unauthorized parties as part of the system’s training protocol.

2024 will be the year when organizations will need to look internally to understand where AI has already been introduced into their organizations (through official and unofficial channels), assess their risk posture, and be strategic in creating guidelines to ensure secure and auditable usage that minimizes company risk and spend but maximizes value. 

GenAI will level-up the role of security analysts

Chris Meenan, vice president product management, IBM Security:

Chris Meenan

Companies have been using AI/ML to Strengthen the efficacy of security technologies for years, but the introduction of generative AI will be aimed squarely at maximizing the human element of security. In this coming year, GenAI will begin to take on certain tedious, administrative tasks on behalf of security teams — but beyond this, it will also enable less experienced team members to take on more challenging, higher level tasks. For example, we'll see GAI being used to to translate technical content, such as machine generated log data or analysis output, into simplified language that is more understandable and actionable for novice users. By embedding this type of GAI into existing workflows, it will not only free up security analysts time in their current roles, but enable them to take on more challenging work — alleviating some of the pressure that has been created by current security workforce and skills challenges.

Increase in sophisticated, personalized phishing and malware attacks

Ihab Shraim, CTO, CSC Digital Brand Services:

Phishing and malware continue to be the most used cyber threat vectors to launch attacks for fraud and data theft, especially when major events occur, and frenzied reactions are abound. In 2024, with the new rise of generative AI usage such as FraudGPT, cybercriminals will have a huge advantage launching phishing campaigns with speed combined with sophistication. ChatGPT will allow bad actors to craft phishing emails that are personalized, targeted, and free of spelling and grammatical errors which will make such emails harder to detect. Moreover, dark web AI tools will be easily available to allow for more complex, socially engineered deepfake attacks that manipulate the emotions and trust of targets at even faster rates. 

Beyond phishing, the rise of LLMs will make the endpoint a prime target for cybercriminals in 2024

Dr. Ian Pratt, global head of security for personal systems at HP Inc.:

One of the big trends we expect to see in 2024 is a surge in use of generative AI to make phishing lures much harder to detect, leading to more endpoint compromise. Attackers will be able to automate the drafting of emails in minority languages, scrape information from public sites such as LinkedIn to pull information on targets, and create highly personalized social engineering attacks en masse. Once threat actors have access to an email account, they will be able to automatically scan threads for important contacts and conversations, and even attachments, sending back updated versions of documents with malware implanted, making it almost impossible for users to identify malicious actors. Personalizing attacks used to require humans, so having the capability to automate such tactics is a real challenge for security teams. Beyond this, continued use of ML-driven fuzzing, where threat actors can probe systems to discover new vulnerabilities. We may also see ML-driven exploit creation emerge, which could reduce the cost of creating zero-day exploits, leading their greater use in the wild. 

Simultaneously, we will see a rise in "AI PCs," which will revolutionize how people interact with their endpoint devices. With advanced compute power, AI PCs will enable the use of “local Large Language Models (LLMs)” — smaller LLMs running on-device, enabling users to leverage AI capabilities independently from the internet. These local LLMs are designed to better understand the individual user’s world, acting as personalized assistants. But as devices gather vast amounts of sensitive user data, endpoints will be a higher risk target for threat actors.  

As many organizations rush to use LLMs for their chatbots to boost convenience, they open themselves up to users abusing chatbots to access data they previously wouldn’t have been able to. Threat actors will be able to socially engineer corporate LLMs with targeted prompts to trick them into overriding its controls and giving up sensitive information — leading to data breaches.

The menace – and promise – of AI

Alex Cox, director of LastPass’ threat intelligence, mitigation and escalation team:

AI is trending everywhere. We’ll continue to see that in 2024 and beyond. The capabilities unlocked by AI, from GenAI to deepfakes, will completely shift the threat environment.

Take phishing as an example. An obvious “tell” of a phishing email is imperfect grammar. Anti-phishing technologies are built with these errors in mind and are trained to find them. However, generative AI like ChatGPT has significantly fewer shortcomings when it comes to language — and, as malicious actors take advantage of these tools, we’re already beginning to see the sophistication of these attacks increase.

AI’s big data capabilities will also be a boon to bad actors. Attackers are excellent at stealing troves of information — emails, passwords, etc. — but traditionally they’ve had to sift through it to find the treasure. With AI, they’ll be able to pull a needle from a haystack instantaneously, identifying and weaponizing valuable information faster than ever.

Thankfully, security vendors are already building AI into their tools. AI will help the good guys sift through big data, detect phishing attempts, provide real-time security suggestions during software development and more.

Security professionals should help their leadership understand the AI landscape and its potential impacts on their organization. They should update employee education, like anti-phishing training and communicate with vendors about how they are securing against these new capabilities.

There will be a transition to AI-generated tailored malware and full-scale automation of cyberattacks

Adi Dubin, vice president of product management, Skybox Security:

Cybersecurity teams face a significant threat from the rapid automation of malware creation and execution using generative AI and other advanced tools. In 2023, AI systems capable of generating highly customized malware emerged, giving threat actors a new and powerful weapon. In the coming year, the focus will shift from merely generating tailored malware to automating the entire attack process. This will make it much easier for even unskilled threat actors to launch successful attacks. 

Securing AI tools to challenge teams

Dr. Chaz Lever, senior director, security research, Devo

It’s been a year since ChatGPT hit the scene, and since its debut, we’ve seen a massive proliferation in AI tools. To say it’s shaken up how organizations approach work would be an understatement. However, as organizations rush to adopt AI, many lack a fundamental understanding of how to implement the right security controls for it.

In 2024, security teams biggest challenge will be properly securing the AI tools and technologies their organizations have already onboarded. We’ve already seen attacks against GenAI models such as model inversion, data poisoning, and prompt injection; and as the industry adopts more AI tools, AI attack surfaces across these novel applications will expand. This will pose a couple challenges: refining the ways AI is used to help Strengthen efficiency and threat detection while grappling with the new vulnerabilities these tools introduce. Add in the fact that bad actors are also using these tools to help automate development and execution of new threats, and you’ve created an environment ripe for new security incidents.

Just like any new technology, companies will need to balance security, convenience, and innovation as they adopt AI and ensure they understand the potential repercussions of it.

From threat prevention to prediction, cybersecurity nears a historic milestone

Sridhar Muppidi, CTO, IBM Security

As AI crosses a new threshold, security predictions at scale are becoming more tangible. Although early security use cases of generative AI focus on the front end, improving security analysts’ productivity, I don’t think we’re far from seeing generative AI deliver a transformative impact on the back end to completely reimagine threat detection and response into threat prediction and protection. The technology is there, and the innovations have matured. The cybersecurity industry will soon reach a historic milestone, achieving prediction at scale.

The democratization of AI tools will lead to a rise in more advanced attacks against firmware and even hardware

Boris Balacheff, chief technologist for system security research and innovation at HP Inc.:

In 2024, powerful AI will be in the hands of the many, making sophisticated capabilities more accessible at scale to malicious actors. This will not only accelerate attacks in OS and application software, but also across more complex layers of the technology stack like firmware and hardware. Previously, would-be threat actors needed to develop or hire very specialist skills to develop such exploits and code, but the growing use of Generative AI has started to remove many of these barriers. This democratization of advanced cyber techniques will lead to an increase in the proliferation of more advanced, more stealthy, or more destructive attacks. We should expect more cyber events like moonbounce and cosmic strand, as attackers are able find or exploit vulnerabilities to get a foothold below a device Operating System. recent security research even shows how AI will enable malicious exploit generation to create trojans all the way into hardware designs, promising increased pressure in the hardware supply chain.  

The political climate will continue to be in unchartered waters with disinformation, deep fakes and the advancement of AI

Ed Williams, regional VP of pen testing, EMEA at Trustwave:

In the U.S. election, databases were leaked in the past, and one can only assume that an attempt or possible success of a cyberattack will happen again.

AI has the ability to spread disinformation via deep fakes and in 2024 this will only continue to explode. Similarly, deep fakes and other misinformation are already prevalent today. This shows that many people do not check for authenticity, and what they see on their phones and social media becomes their idea of the truth, which only amplifies the impact. There is discourse on both sides of the aisle, particularly ahead of party elections. This alone will create an environment susceptible to spreading misinformation and encourage nation-states to interfere where they can.

Enhanced phishing tools will Strengthen social engineering success rates

Nick Stallone, senior director, governance, risk and compliance leader, MorganFranklin Consulting:

2024 will see broader adoption of automated and advanced spear phishing/vishing tools. These tools, combined with enhanced and more accessible deep fake and voice cloning technology, will vastly Strengthen social engineering success rates. This will lead to increased fraud and compromised credentials perpetrated through these methods. All industries must be aware of these improved methods and focus on incorporating updated controls, awareness, and training to protect against them as soon as possible.

On the other side, cybersecurity tools that incorporated machine learning and artificial intelligence over the past few years will also become more efficient in protecting organizations from these threats. The training models associated with these tools will have access to more data from increased adoption, leading to shorter implementation periods and exponential market growth in 2024. These tools will bring the greatest level of efficiencies and reduced costs for cybersecurity monitoring and assessments, allowing security teams to be more focused on their organization’s greatest risks.

Democratization of AI will be a double-edged sword for cybersecurity

Atticus Tysen, SVP and chief information security officer, Intuit:

While the democratization of AI shows great promise, its widespread availability poses an unprecedented challenge for cybersecurity. AI will evolve specific attacks against enterprises to become continuous, ubiquitous threats against businesses, individuals, and the infrastructure they rely upon. Even still, it will be a race against the threat actors to design resilient systems and protections. If we fail, the risk of successful hacks becoming commonplace and wreaking havoc in the near future is a clear and present danger. 

In 2024, English will become the best programming language for evil

Fleming Shi, CTO, Barracuda:

Fleming Shi

It was no surprise that coming into 2023, generative AI would be integrated into security stacks and solutions. However, the big surprise was how quickly generative AI has taken over every aspect of the technology space. This is concerning as we enter into 2024 because just as security professionals are using the new technology to add to their defenses, bad actors are doing the same. LLMs are extremely capable at writing code, but often come with guardrails that prevent it from writing malicious code. However, generative AI can be “fooled” into helping threat actors anyway – particularly when it comes to social engineering techniques. Rather than telling the tool to create an email phishing template, one only has to ask it to write a letter from a CEO asking for payment for an invoice. The slight changes in phrasing make these tools vulnerable, generally available, and extremely useful to bad actors everywhere. Because this process is so easy, 2024 will be the year that English becomes the best programming language for evil. 

AI attacks to provide new meaning to 'garbage in, garbage out'

Dave Shackleford, faculty and IANS Research, founder and principal consultant:

In 2024, we will definitely see emerging attacks against machine learning and AI models and infrastructure. With more and more organizations relying on cloud-based AI processing and data models, it’s likely that attackers will begin targeting these environments and data sets with disruptive attacks as well as data pollution strategies. Today, we have almost nothing in terms of defined attack paths and strategies for this within frameworks like MITRE ATT&CK, but that will likely change in the next year. These attacks will provide new meaning to the classic maxim of “garbage in, garbage out” and we will need to learn to identify and defend against them.

Language models pose dual threats to software security

Andrew Whaley, the senior technical director, Promon:

Large language models (LLMs) have come a remarkable way over the past year; and with this so have bad actors’ reverse engineering capabilities. This poses two main threats: 1. Reverse engineering is now far easier, providing fledgling hackers with the capabilities typically associated with specialists. 2. The reduced effectiveness of traditional protection methods against automated deobfuscation attacks. This increases software vulnerability to malicious exploitation, and will lead to an expected rise in incidents, including high-value attacks. Examples include mass attacks against mobile banking apps, remote mobile OS takeover, and malware targeting smart devices.

Deep faked CEOs

Navroop Mitter, CEO of ArmorText:

Dramatic improvements in the quality of generated voice and video of real-life persons coupled with further improvements in GenAI and LLMs to automatically assess and replicate the nuances of how individuals communicate, both orally and in written form, will enable novel attacks for which most organizations are severely underprepared.

Over the next 24 months organizations will face attackers mimicking their executives not just by email spoofing, but perfect AI driven mimicry of their voice, likeness, and diction and this will present multiple challenges, but most especially during incident response. How will companies distinguish between the Real McCoy and a near perfect imposter amidst the chaos of a crisis?

Existing policies and procedures designed around handling rogue executives won’t apply because the Real McCoy is still present and very much needed in these conversations.

Businesses will need to learn to hide their attack surface at a data level

Sam Curry, VP and CISO at Zscaler:

The influx of generative AI tools such as ChatGPT has forced businesses to realize that if their data is available in the cloud/internet, then it can be used by generative AI and therefore competitors. If organizations want to avoid their IP from getting utilized by gen AI tools then they will need to ensure their attack surface is now hidden on a data level rather than just at an application level. 

Based on the rapid adoption of gen AI tools we predict businesses will accelerate their efforts to classify all their data into risk categories and implement proper security measures to prevent leakage of IP.

API security evolves as AI enhances offense-defense strategies

Shay Levi, CTO and co-founder, Noname Security:

In 2023, AI began transforming cybersecurity,  playing pivotal roles both on the offensive and defensive security fronts. Traditionally, identifying and exploiting complex, one-off API vulnerabilities required human intervention. AI is now changing this landscape, automating the process, enabling cost-effective, large-scale attacks. In 2024, I predict a notable increase in the sophistication and scalability of attacks. We will witness a pivotal shift as AI becomes a powerful tool for both malicious actors and defenders, redefining the dynamics of digital security.

The emergence of 'poly-crisis' due to pervasive AI-based cyberattacks

Agnidipta Sarkar, VP CISO Advisory, ColorTokens

We saw the emergence of AI in 2022, and we saw the emergence of misuse of AI as an attack vector, helping make phishing attempts sharper and more effective. In 2024, I expect cyberattacks to become pervasive as enterprises transform. It is possible today to entice AI enthusiasts to fall prey to AI prompt injection. Come 2024, perpetrators will find it easier to use AI to attack not only traditional IT but also cloud containers and, increasingly, ICS and OT environments, leading to the emergence of a “poly-crisis” that threatens not only financial impact but also impacts human life simultaneously at the same time in cascading effects. Critical Computing Infrastructure will be under increased threat due to increasing geo-political threat. Cyber defense will be automated, leveraging AI to adapt to newer attack models.

AI developments for threat actors will lead to nearly real-time detection methods

Mike Spanbauer, Field CTO, Juniper Networks:

AI will continue to prove dangerous in the hands of threat actors, accelerating their ability to write and deliver effective threats. Organizations must adapt how they approach defense measures and leverage new, proven methods to detect and block threats. We will see the rise of nearly real-time measures that can identify a potentially malicious file or variant of a known threat at line rate.

AI won't be used for full-fledged attacks, but social engineering attacks to proliferate

Etay Maor, senior director of security strategy, Cato Networks:

No, there won’t be a wave of AI based attacks — while AI has been getting a lot of attention ever since the introduction of ChatGPT, we are not even close to seeing a full-fledged AI based attack. You don’t even have to take my word for it — the threat actors on major cybercrime forums are saying it as well. Hallucinations, model restrictions, and the current maturity level of LLMs are just some of the reasons this issue is actually a non-issue at this point in time.

But, we should expect to see LLMs being used for expediting and perfecting small portions or tasks of the attacks, be it email creation, help with social engineering by creating profiles or documents and more. AI is not going to replace AI, but people who know how to use AI will replace those who don’t.

The balance of attackers and defenders continuously tested

Kayla Williams, CISO, Devo:

This one may be a no-brainer, but it must be said again and again. Bad actors will use AI/ML and other advanced technologies to create sophisticated attack tactics and techniques. They’ll use these tools to pull off more and faster attacks, putting increased pressure on security teams and defense systems. The pace of progress is equally fast on both sides — defenders and attackers — and that balance will continually be tested in the coming year.

AI accelerates social engineering attacks

Kevin O’Connor, head of threat research at Adlumin:

Commercially available and open-source AI capabilities — including Large Language Models (LLMs) like ChatGPT and LLaMA, and countless variants — will help attackers in designing thought out and effective social engineering campaigns. With AI systems increasingly integrating with troves of personal information through social media sites from LinkedIn to Reddit, we’ll see the ability for even low-level attackers to create targeted and convincing social-engineering based campaigns.

SAN JOSE, CA, November 18, 2002 . . . Atmel® Corporation (Nasdaq: ATML) announced today that the Atmel USB 802.11b design has been selected by HP to provide an integrated Wireless Local Area Network (WLAN) solution for select models of the recently announced HP iPAQ Pocket PC h5400 series. The Atmel reference design, utilizing the RF Micro Devices, Inc. (Nasdaq: RFMD), radio front end, is the highest performing USB 802.11b module solution available today.

Previously, WLAN solutions for the iPAQ were achieved by use of an expansion pack and a separate WLAN PCMCIA or CF card. The compact size of the Atmel/RFMD module has enabled HP to provide an integrated WLAN solution into the base iPAQ unit, which frees up expansion pack slots or eliminates a need for an expansion pack in many cases.

The Atmel solution provides a high performance solution with exceptional throughput and low power consumption. The low power consumption is critical in battery-powered products. Atmel has achieved a solution that not only conserves power, but also does not sacrifice performance.

"Atmel is pleased to contribute the WLAN technology for integration into HP's leading-edge iPAQ Pocket PCs. Usage in this high profile product reinforces Atmel's position as a major solutions supplier, which can provide superior complete custom and standard solutions. We feel HP's direction is a strong step in continuing the momentum in the growing deployment 802.11b networks," said Nick Kanopoulos, Director of Atmel's Multimedia Communications Product Group.

By offering a complete WLAN design, Atmel enables customers to reduce costs, accelerate time-to- market and Strengthen key performance metrics, such as receiver sensitivity, throughput and range versus leading competitive solutions. Atmel offers USB, Mini-PCI, PCMCIA, Compact Flash and Access Point reference designs developed to be a low-cost, complete solution to meet Wi-Fi (IEEE 802.11b) specifications. Complete reference designs centered on the Atmel's Media Access Controller (MAC) include firmware, software, WHQL qualified drivers, Wi-Fi certification, and utilities for regulatory certifications and production.

"After considering many options, HP chose the Atmel solution because of their leadership position in 802.11b USB Media Access Controller and their ability to provide a very high-performing, cost- competitive design that met our stringent space requirements. Additionally, Atmel's hardware and software engineering team was well suited to take upon the challenge of designing a custom solution to meet our requirements," said Cindy Box, Director of Marketing, HP Smart Handhelds.

About Atmel Founded in 1984, Atmel Corporation is headquartered in San Jose, California with manufacturing facilities in North America and Europe. Atmel designs, manufactures and markets worldwide, advanced logic, mixed-signal, nonvolatile memory and RF semiconductors. Atmel is also a leading provider of system-level integration semiconductor solutions using CMOS, BiCMOS, SiGe, and high-voltage BCDMOS process technologies.

© Atmel Corporation 2002. All rights reserved. Atmel, the Atmel logo and combinations thereof are registered trademarks, and others contained herein are trademarks, of Atmel Corporation. Other terms and product names in this document may be the trademarks of others.

Information:
For further information on Atmel's Wireless LAN products, go to http://www.atmel.com/atmel/products/prod32.htm

Bel Power Solutions announces the release of its MELCHER™ HP Series DC-DC converter (4TE) with an input voltage range greater than 10:1. The converters deliver up to 192W with typical efficiency up to 93% over input and load range with no derating over the operating ambient temperature range of -40° to 70°C.

Just one power supply covers all nominal battery voltages from 24V to 110V, making it particular suitable for railway applications. The continuous input voltage range is 16.8V-137.5V with dynamic transient deviations to 12.5V and 154V for 2s respectively. The HP Series complies with EN 50155, EN 50121, fire and smoke standard EN 45545 and all common national and international railway and safety standards, is packaged in a rugged cassette case for 19in rack or chassis mounting, and all the PCB boards are protected by lacquer, which is perfect for harsh, convection cooled environments in the traditional MELCHER™ style. They are also safety-approved to IEC/EN 60950-1 and UL/CSA 60950-1 2nd Edition.

The HP Series output covers 5V to 96V in single, dual, triple or quad output configurations. Standard features include current share, 10ms interruption time, reverse polarity protection, inrush current limitation, over-voltage and user-programmable under-voltage lockout, remote on/off, adjustable output voltage, fully self-protecting and fully featured. A variety of electrical and mechanical accessories are also available, including a universal mounting bracket for DIN Rail and chassis mounting, a mounting plate for wall mounting and a front panel kit for accommodating 2 HP units for a 19in DIN rack with 6U, 5TE.

For more information, please contact Bel Power Solutions.

In this article, we will be looking at the 25 smartest states with the highest average IQ. If you want to skip our detailed analysis of the education market in the US, you can go directly to 5 Smartest States with the Highest Average IQ.

IQ stands for intelligence quotient and it can be measured using a set of tests designed to assess human intelligence. Intelligence and education are both associated with brainpower and cognitive functioning. The positive correlation between intelligence and educational attainment suggests that pursuing an education can increase the individual’s intelligence.

Education can unlock intelligence and allow it to flourish. Before we look at the smartest states with the highest average IQ, let’s take a look at the education market in the US.

The US Education Market at a Glance

Driven by an increasing demand for quality education, online learning platforms, and technological advancements, the education market in the US is thriving. According to a report by Vantage Market Research, the US education market’s value was estimated to be $1.04 trillion in 2022. Looking forward, the market is expected to grow at a compound annual growth rate of 4.2% during 2023-2030, pushing the education market to reach a value of around $1.45 trillion by the end of the forecast period.

In recent years, there has been a surge in demand for lifelong learning opportunities with a focus on developing practical skills. This has opened doors for professional development programs, online courses, and micro-credentials. Moreover, personalization, blended learning, and the rise of educational technology, also known as edtech, are all key factors creating a positive outlook for the education market in the US.

In the US, overall spending on education is expected to increase and positively influence the education market. With increasing disposable incomes and the growth in the importance of personalized learning, mental health, and academic assistance, the demand for educational services and additional resources is expected to grow. On September 2, Reuters reported that according to the National Retail Federation, back-to-school spending in the US is expected to reach a record high in 2023. The retail trade group predicts that spending will reach above $135 billion this year, an increase of more than $24 billion from 2022.

Continuar leyendo la historia

Notable Names in the US Education Market

Some of the biggest education companies operating in the US are 2U, Inc. (NASDAQ:TWOU), Stride, Inc. (NYSE:LRN), and Grand Canyon Education, Inc. (NASDAQ:LOPE).

Growing spending can translate to increased demand for educational products and services. Grand Canyon Education, Inc. (NASDAQ:LOPE) is an educational services company that is leading educational transformation and ranks among the best education stocks to buy in 2023. It provides education services to colleges and universities in the US, which can include technology solutions such as learning management systems, internal administration, and support services. Other services that Grand Canyon Education, Inc. (NASDAQ:LOPE) offers include faculty training and development, class scheduling, program and curriculum development, and counseling services. On November 2, Grand Canyon Education, Inc. (NASDAQ:LOPE) reported earnings for the fiscal third quarter of 2023. The company reported an EPS of $1.26 and beat estimates by $0.17. The company’s revenue for the quarter grew by 6.32% year-over-year and amounted to $221.91 million, ahead of market consensus by $2.29 million.

Education companies are teaming up with educational institutions and continuously creating new and relevant courses to attract more students and prepare them for the ever-evolving job landscape. Stride, Inc. (NYSE:LRN), formerly K12 Inc., is an education management organization (EMO) that offers online and blended education programs. On November 29, Stride, Inc. (NYSE:LRN) reported that the University of New England (UNE) has teamed up with MedCerts to offer a variety of healthcare-focused classes. MedCerts, a subsidiary of Stride, Inc. (NYSE:LRN), is known for its innovation in online healthcare and IT career training. Through UNE’s list of healthcare offerings, the new classes will increase the available options for students who are interested in pursuing a rewarding career in healthcare. The new partnership between Stride, Inc.’s (NYSE:LRN) MedCerts and the University of New England (UNE) aims to fight against the healthcare worker shortage in the US by accelerating student pathways to in-demand roles.

2U, Inc. (NASDAQ:TWOU) is an American edtech company and the parent company of the online education platform edX. On September 18, 2U, Inc. (NASDAQ:TWOU) announced that edX and HP Inc. (NYSE:HPQ) have partnered up to launch a new online Professional Certificate program in Esports Management, Game Design, and Programming. This new program includes courses that encompass both technical skills including coding and testing, as well as essential business skills, such as marketing, storytelling, and content creation. With over 60 curated models, the new Professional Certificate program will help learners prepare for jobs in the gaming, media, and information and communication technology (ICT) sectors. President of partnerships at 2U, Inc. (NASDAQ:TWOU), Andrew Hermalyn, said:

Now that we have discussed what’s going on in the US education sector, let’s take a look at the 25 smartest states with the highest average IQ.

pathdoc/Shutterstock.com

Methodology

In this article, we have listed 25 smartest states with the highest average IQ. To rank the US states with the highest IQ scores, we consulted the “Updated IQ and Well-Being Scores for the 50 U.S. States” report by Bryan J. Pesta. This report is available at the National Institutes of Health’s website and it provides us with state IQ scores for all of the 50 US states. We used the data available and narrowed down our selection to rank the 25 smartest states with the highest average IQ, which are listed below in ascending order.

By the way, Insider Monkey is an investing website that tracks the movements of corporate insiders and hedge funds. By using a consensus approach, we identify the best stock picks of more than 900 hedge funds investing in US stocks. The top 10 consensus stock picks of hedge funds outperformed the S&P 500 Index by more than 140 percentage points over the last 10 years (see the details here). Whether you are a beginner investor or a professional one looking for the best stocks to buy, you can benefit from the wisdom of hedge funds and corporate insiders.

25 Smartest States with the Highest Average IQ

25. Maryland

State IQ Score: 100

Maryland is a state in the Mid-Atlantic region of the US that ranks among the top 25 smartest states with the highest average IQ. According to recently reported data, Maryland has an estimated IQ score of 100. 

24. Ohio

State IQ Score: 100

Ohio is a Midwestern US state that ranks among the most populated states and has an estimated IQ score of 100. Ohio is home to a thriving manufacturing sector, and it is one of the biggest automobile-producing states in the US.

23. Pennsylvania

State IQ Score: 100.2

Pennsylvania is a state in the Mid-Atlantic region that is known for its diverse geography. It is the fifth-most populated state in the US, despite being the 33rd-largest in terms of size. According to recently reported data, Pennsylvania has an estimated IQ score of 100.2.

22. Oregon

State IQ Score: 100.3

Oregon is a state in the Pacific Northwest region. It is one of the most geographically diverse states and it also ranks high among the states with the smallest gender pay gap in 2023. With an IQ score of 100.3, Oregon ranks 22nd on our list of smartest states with the highest average IQ.

21. Kansas

State IQ Score: 100.5

Kansas is a landlocked state in the Midwestern US. Named after the Kansas River, the state of Kansas is known for its rolling hills, vast prairies, and natural beauty. According to the most recently reported data, Kansas has an estimated IQ score of 100.5.

20. Idaho

State IQ Score: 100.5

Idaho is a northwestern US state that is known for its unspoiled, mountainous landscapes and wilderness. With an IQ score of 100.5, Idaho ranks among the top 20 smartest states with the highest average IQ. Idaho is also known for its potatoes, trout and precious stones, and it has been nicknamed the Gem State.

19. Indiana

State IQ Score: 100.6

Indiana is a state in the Midwestern region of the US that is known for its vast farmlands. Indiana is also known for its manufacturing industry and steel production. According to recently reported data, Indiana has an estimated IQ score of 100.6.

18. South Dakota

State IQ Score: 100.7

South Dakota is a state in the North Central region that is best known for Mount Rushmore and The Black Hills. It ranks among some of the least populated and least densely populated states in the US. With an IQ score of 100.7, South Dakota ranks 18th on our list of smartest states with the highest average IQ.

17. Maine

State IQ Score: 100.9

Maine is the Easternmost state in the New England region, and it is considered to be one of the most rural states in the US. Nicknamed “The Pine Tree State”, Maine is known for its national parks, beautiful coastlines, and attraction sites including lighthouses. Maine has an estimated IQ score of 100.9.

16. New Jersey

State IQ Score: 101

New Jersey is a northeastern US state that is known for its boardwalk beaches and Atlantic City casinos, which attract millions of tourists each year. While being one of the smallest states by area, New Jersey is the most densely populated state in the US. The state's estimated IQ score is 101.

15. Montana

State IQ Score: 101.1

Montana is a Western state that ranks among the top 15 on our list of smartest states with the highest average IQ. As one of the largest and least populated states in the US, Montana is defined by its diverse terrain ranging from the Rocky Mountains to the Great Plains. Montana has an estimated IQ score of 101.1.

14. Iowa

State IQ Score: 101.1

Iowa is a state in the upper Midwestern region of the US and it sits between the Missouri and Mississippi rivers. It is known for its diverse agricultural production and is one of the biggest food-producing states in the US. According to recently reported data, Iowa has an estimated IQ score of 101.1.

13. Colorado

State IQ Score: 101.1

Colorado is a state in the Mountain West sub-region that is known for its magnificent scenery of mountains, rivers, and plains. The state of Colorado ranks high among the most educated states in America, and it has an IQ score of 101.1.

12. Wisconsin

State IQ Score: 101.2

Wisconsin is a state in the upper Midwestern US, and it ranks among the top 12 smartest states with the highest average IQ with an estimated IQ score of 101.2. Nicknamed America’s Dairyland, Wisconsin is known for its cheese and dairy products.

11. Connecticut

State IQ Score: 101.2

Connecticut is one of the smallest and most densely populated states in the US. Connecticut is known for its rolling hills, beautiful scenery, and autumn colors. Connecticut has an estimated IQ score of 101.2, and it is one of the most educated states in the US.

10. Nebraska

State IQ Score: 101.2

Nebraska is a midwestern US state that ranks among the top 10 smartest states with the highest average IQ. According to the most recently reported data, Nebraska has an IQ score of 101.2. Nicknamed “The Cornhusker State”, Nebraska is known for its vast prairies and spacious farmlands while also being a leading agricultural state.

9. Virginia

State IQ Score: 101.2

Virginia is a state in the Mid-Atlantic and Southeastern regions of the US. Nicknamed the Mother of Presidents, Virginia has been home to as many as 8 different US presidents, including four of the country’s first five presidents. Virginia has an estimated IQ score of 101.2.

8. Utah

State IQ Score: 101.5

Utah is a landlocked state in the Mountain West sub-region of the Western US. Nicknamed the Beehive State, it is known for its stunning natural landscapes and incredible national parks. With an IQ score of 101.5, Utah ranks 8th on our list of smartest states with the highest average IQ.

7. Washington

State IQ Score: 101.5

Nicknamed “The Evergreen State”, the state of Washington is known for its mountainous landscapes and an abundance of evergreen forests. According to recently reported data, Washington state has an estimated IQ score of 101.5. Washington also ranks high among the states with the most job growth in 2023.

6. Wyoming

State IQ Score: 101.7

Wyoming is a state in the Mountain West sub-region of the Western US and with an estimated IQ score of 101.7, it ranks high among the smartest states with the highest average IQ. Known for its beautiful nature and stunning National Parks, Wyoming is the least populated state in the US.

Click to continue memorizing and see 5 Smartest States with the Highest Average IQ.

Suggested Articles:

Disclosure: None. 25 Smartest States with the Highest Average IQ is published on Insider Monkey.