Detecting malware, especially ransomware, is essential to securing today's interconnected ecosystems, including cloud storage, enterprise file-sharing, and database services. Training high-performing artificial intelligence (AI) detectors requires diverse datasets, which are often distributed across multiple organizations, making centralization necessary. However, centralized learning is often impractical due to security, privacy regulations, data ownership issues, and legal barriers to cross-organizational sharing. Compounding this challenge, ransomware evolves rapidly, demanding models that are both robust and adaptable. In this paper, we evaluate Federated Learning (FL) using the Sherpa.ai FL platform, which enables multiple organizations to collaboratively train a ransomware detection model while keeping raw data local and secure. This paradigm is particularly relevant for cybersecurity companies (including both software and hardware vendors) that deploy ransomware detection or firewall systems across millions of endpoints. In such environments, data cannot be transferred outside the customer's device due to strict security, privacy, or regulatory constraints. Although FL applies broadly to malware threats, we validate the approach using the Ransomware Storage Access Patterns (RanSAP) dataset. Our experiments demonstrate that FL improves ransomware detection accuracy by a relative 9% over server-local models and achieves performance comparable to centralized training. These results indicate that FL offers a scalable, high-performing, and privacy-preserving framework for proactive ransomware detection across organizational and regulatory boundaries.

Resecurity, a cybersecurity company providing managed threat detection and response, has opened a new office in Silicon Beach, an area known as the technology capital of Southern California. Resecurity becomes the first recognizable cybersecurity player in the area, making the local tech ecosystem more diverse and progressive. While Silicon Valley is known as the tech and startup hub throughout California, Silicon Beach is a rising ecosystem in this arena. Silicon Beach is home to an innovative collection of tech companies in Los Angeles (LA). The region has attracted an estimated 500 tech companies, ranging from startups, like Bird and Fair, to global policy think tanks and established tech giants like the RAND Corporation, SpaceX, Google and Facebook.

Artificial intelligence (A.I.) isn't quite ready to take over the world, but it's moving a step closer. A recent survey released by Morning Consult and IBM finds that the COVID-19 pandemic, coupled with the continuing need to automate manual tasks and cybersecurity, has pushed more organizations to adopt A.I. technologies. The Global AI Adoption Index 2022 report, which is based on questions sent to approximately 7,500 IT leaders across the globe, finds that 35 percent of organizations surveyed are deploying A.I. today; another 42 percent are "exploring" these technologies. The study added that A.I. adoption was up four percentage points compared to a previous report released in 2021. As with many other cutting-edge technologies, the survey found that COVID-19 played a significant role in increasing A.I. adoption, as companies looked to automate certain tasks as a way to overcome tech skill gaps (as well as some of the labor shortages associated with the pandemic).

IBM has been warning about the cybersecurity skills gap for several years now and has recently released a report on the lack of artificial intelligence (AI) skills across Europe. The company said in a Friday email to SC Media that cybersecurity has been experiencing a significant workforce and skills shortage globally, and AI can offer a crucial technology path for helping solve it. "Given that AI skillsets are not yet widespread, embedding AI into existing toolsets that security teams are already using in their daily processes will be key to overcoming this barrier," IBM stated in the email. "AI has great potential to solve some of the biggest challenges facing security teams -- from analyzing the massive amounts of security data that exists to helping resource-strapped security teams prioritize threats that pose the greatest risk, or even recommending and automating parts of the response process." Oliver Tavakoli, CTO at Vectra, said the potential of machine learning (ML) and AI materially helping in the pursuit of a large set of problems across many industries has created an acute imbalance in the supply and demand of AI talent.

DataDome, a cybersecurity company, announced that it has raised $35 million from Elephant, and its historical investor ISAI. The firm is known for its Software as a Service (SaaS) solution that uses artificial intelligence to protect the data of companies suffering from fraud committed by malicious robots. This investment will allow DataDome to strengthen its teams. Founded in 2015 by Fabien Grenier and Benjamin Fabre, DataDome is a cybersecurity company whose main mission is to help companies protect their data and digital activities. A fast-growing demand: bot fraud attacks are constantly on the rise as they are up 47% over the last six months.

The cybersecurity industry is trending upwards. More people are sharing sensitive data online, which entices criminals to find new ways to attack internet users. Every industry faces change, but the change the cybersecurity industry is facing may threaten job security. What Change is Threatening Job Security? A couple of trends are doing this.

October is quite the busy month. Not only is it the start of the fourth quarter and the third-quarter earnings season, but October is also Cybersecurity Awareness Month. So, today I'd like to raise some awareness on a new type of cybersecurity breach. During the coronavirus pandemic, cybercrime has risen by over 600%, and now the malicious hackers are becoming more creative by using artificial intelligence (AI) and machine learning (ML) to evade detection. For example, with AI, hackers are now using data poisoning to target data used to train the machine learning systems.

In May of 2017, a nasty cyber attack hit more than 200,000 computers in 150 countries over the course of just a few days. Dubbed "WannaCry," it exploited a vulnerability that was first discovered by the National Security Agency (NSA) and later stolen and disseminated online. It worked like this: After successfully breaching a computer, WannaCry encrypted that computer's files and rendered them unreadable. In order to recover their imprisoned material, targets of the attack were told they needed to purchase special decryption software. Guess who sold that software? The so-called "ransomware" siege affected individuals as well as large organizations, including the U.K.'s National Health Service, Russian banks, Chinese schools, Spanish telecom giant Telefonica and the U.S.-based delivery service FedEx.

The majority of Information Security teams' cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not.

The majority of Information Security teams' cybersecurity analysts are overwhelmed today analyzing security logs, thwarting breach attempts, investigating potential fraud incidents and more. The following graphic compares the percentage of organizations by industry who are relying on AI to improve their cybersecurity. The bottom line is all organizations have an urgent need to improve endpoint security and resilience, protect privileged access credentials, reduce fraudulent transactions, and secure every mobile device applying Zero Trust principles. Many are relying on AI and machine learning to determine if login and resource requests are legitimate or not based on past behavioral and system use patterns. Several of the top ten companies to watch take into account a diverse series of indicators to determine if a login attempt, transaction, or system resource request is legitimate or not.