WEBVTT ae81fe4e-468a-469b-962c-c87752d9e85a-0 00:00:00.120 --> 00:00:01.240 Hi, Colin and Jurgen. c8f8e1ab-9972-4bae-ac8d-ed35f12f5d79-0 00:00:01.240 --> 00:00:02.600 Thank you for being here. f913e2f2-de77-40a8-986b-b3b4b0abb327-0 00:00:02.920 --> 00:00:05.880 The rise of cyber threats is always increasing. ceb45a50-2b32-4c04-891a-688cef0c7e38-0 00:00:05.880 --> 00:00:07.840 So how can businesses keep up? 28b3d069-51a2-4e59-b1cf-88c50d023540-0 00:00:08.480 --> 00:00:11.655 Yeah, it's all about building a good and strong cyber defense 28b3d069-51a2-4e59-b1cf-88c50d023540-1 00:00:11.655 --> 00:00:14.062 foundation, but also of regularly testing your 28b3d069-51a2-4e59-b1cf-88c50d023540-2 00:00:14.062 --> 00:00:15.240 cybersecurity controls. da3f3f55-f437-4473-8acf-80340b52f722-0 00:00:15.520 --> 00:00:18.170 I recommend to clients, do regular red teaming, purple da3f3f55-f437-4473-8acf-80340b52f722-1 00:00:18.170 --> 00:00:21.157 teaming exercises, really test your controls so you can get a da3f3f55-f437-4473-8acf-80340b52f722-2 00:00:21.157 --> 00:00:24.193 really good understanding of how robust your security controls da3f3f55-f437-4473-8acf-80340b52f722-3 00:00:24.193 --> 00:00:27.180 are when you actually put them through the test, when you run da3f3f55-f437-4473-8acf-80340b52f722-4 00:00:27.180 --> 00:00:30.023 some real threat simulations against your environments. So da3f3f55-f437-4473-8acf-80340b52f722-5 00:00:30.023 --> 00:00:32.240 what the attackers would be doing, basically. 1e321ac6-8ffa-4830-ad10-c069b42d8c38-0 00:00:33.160 --> 00:00:35.640 I think this is where we've seen organizations really have to 1e321ac6-8ffa-4830-ad10-c069b42d8c38-1 00:00:35.640 --> 00:00:37.000 focus this at the business level. 230c033b-11a5-401e-a7bb-b84aa5fc79e5-0 00:00:37.040 --> 00:00:38.400 This becomes a business imperative. e2b1994d-5c4f-4ed3-a16f-1f402823ed64-0 00:00:38.400 --> 00:00:41.080 This is not just a cybersecurity problem or technology problem. c963b9a3-79c7-433f-bc58-ef1cb4e6b53d-0 00:00:41.080 --> 00:00:43.545 You have to understand the business risks, the threats and c963b9a3-79c7-433f-bc58-ef1cb4e6b53d-1 00:00:43.545 --> 00:00:46.136 how in the event that something bad does happen, what are the c963b9a3-79c7-433f-bc58-ef1cb4e6b53d-2 00:00:46.136 --> 00:00:46.680 implications. 937e5e41-bbb4-4f60-a7c1-3dde1f94073c-0 00:00:46.840 --> 00:00:49.304 So then you're making the right decisions on, as Jurgen was 937e5e41-bbb4-4f60-a7c1-3dde1f94073c-1 00:00:49.304 --> 00:00:51.891 saying, what defenses are you putting in place so you can make 937e5e41-bbb4-4f60-a7c1-3dde1f94073c-2 00:00:51.891 --> 00:00:53.000 your organization stronger. bd48439a-3b35-4582-bb47-b8ccccc02966-0 00:00:53.680 --> 00:00:54.040 Well, GenAI 9b675cde-75d4-4411-9d96-62deaff2d05e-0 00:00:54.040 --> 00:00:55.640 is totally changing the game. ab3c5a99-fbfa-43ac-a7fd-40c888ea84f6-0 00:00:55.640 --> 00:00:56.720 So how is GenAI 8b0ffcbf-69bd-4a4d-89fc-7617a48cbcef-0 00:00:56.720 --> 00:00:59.080 transforming the cybersecurity landscape? d563ebbb-fec2-4f3b-945c-afd401238cf4-0 00:00:59.880 --> 00:01:02.120 Yeah, so there are two sides, as always, to it, right? 493d506d-7dea-485b-838a-811dcad6715a-0 00:01:02.120 --> 00:01:04.120 What are the defenders doing with GenAI? b17b5103-52af-4841-a9ad-37563fcebe95-0 00:01:04.120 --> 00:01:04.480 063bbefa-c1c4-4232-9a0e-c583b436f7f4-0 00:01:04.480 --> 00:01:07.225 And obviously defenders are using it to help, for example, 063bbefa-c1c4-4232-9a0e-c583b436f7f4-1 00:01:07.225 --> 00:01:10.110 overcome the talent gap that our industry has been facing for 063bbefa-c1c4-4232-9a0e-c583b436f7f4-2 00:01:10.110 --> 00:01:11.320 many, many decades, right? b2dab6c4-06b4-48e1-a870-ee7739a13c3c-0 00:01:11.520 --> 00:01:15.558 So automating processes, helping streamline cyber defense b2dab6c4-06b4-48e1-a870-ee7739a13c3c-1 00:01:15.558 --> 00:01:17.160 operations, using GenAI 15ec0eda-7ce1-43ae-bf77-cc627db8e97e-0 00:01:17.160 --> 00:01:21.120 to basically help them with critical decision making, right. d12f53b3-8383-4bb3-9269-844f704cb474-0 00:01:21.320 --> 00:01:24.185 But of course, on the other side, right, the bad guys are d12f53b3-8383-4bb3-9269-844f704cb474-1 00:01:24.185 --> 00:01:25.520 also starting to use GenAI. 47d2bdab-db45-4e78-ae01-353d6afa763b-0 00:01:25.600 --> 00:01:25.960 97a61f5d-c0ff-4bd9-a6bc-49c9dd65b7a4-0 00:01:26.120 --> 00:01:28.762 We've seen them, for example, use it, especially around social 97a61f5d-c0ff-4bd9-a6bc-49c9dd65b7a4-1 00:01:28.762 --> 00:01:29.560 engineering, right? 8be3164d-ded4-4c5b-926c-b1d72db6b503-0 00:01:29.880 --> 00:01:33.208 Building more convincing social engineering attacks with better 8be3164d-ded4-4c5b-926c-b1d72db6b503-1 00:01:33.208 --> 00:01:36.432 impersonations that allows them to really have these targeted 8be3164d-ded4-4c5b-926c-b1d72db6b503-2 00:01:36.432 --> 00:01:39.552 phishing campaigns and go after those individuals and those 8be3164d-ded4-4c5b-926c-b1d72db6b503-3 00:01:39.552 --> 00:01:40.280 organizations. c66e46d9-a2ca-408e-ad41-63d02b2f4790-0 00:01:41.480 --> 00:01:44.080 I think what we've seen is that this is not a fundamental change c66e46d9-a2ca-408e-ad41-63d02b2f4790-1 00:01:44.080 --> 00:01:45.840 to what you do in your cybersecurity world. f07cb20e-655a-46a4-a935-5c699e19b108-0 00:01:46.000 --> 00:01:48.838 You should be building off of good existing practices, how you f07cb20e-655a-46a4-a935-5c699e19b108-1 00:01:48.838 --> 00:01:49.920 can do better, stronger. 32109875-7893-41b0-9af3-d1241fea8563-0 00:01:50.200 --> 00:01:52.490 I think that we try to have organizations think about is 32109875-7893-41b0-9af3-d1241fea8563-1 00:01:52.490 --> 00:01:54.982 making sure that this doesn't introduce new tech debt because 32109875-7893-41b0-9af3-d1241fea8563-2 00:01:54.982 --> 00:01:57.273 you've done something so fast you haven't thought of the 32109875-7893-41b0-9af3-d1241fea8563-3 00:01:57.273 --> 00:01:58.639 cybersecurity implications of it. e6831128-6a99-436c-a990-095ee0ac8577-0 00:01:59.080 --> 00:02:01.310 And then making sure that you're actually protecting your e6831128-6a99-436c-a990-095ee0ac8577-1 00:02:01.310 --> 00:02:03.541 information and making sure that, what is the model doing e6831128-6a99-436c-a990-095ee0ac8577-2 00:02:03.541 --> 00:02:04.079 with the data? b5b12976-78e0-4cf5-9c9e-642366e4c562-0 00:02:04.080 --> 00:02:05.240 Does it stay in your environment? 4253ff33-aec7-4749-96a8-bb1f46dc07f9-0 00:02:05.240 --> 00:02:06.320 Does it leave your environment? dde0cd5f-dab1-404e-90df-b2bee04334b9-0 00:02:06.440 --> 00:02:08.579 And then ultimately, what are third parties doing with the dde0cd5f-dab1-404e-90df-b2bee04334b9-1 00:02:08.579 --> 00:02:10.320 data you give them and how are they using GenAI d04de522-d119-4e14-b0b6-aa3975f0935e-0 00:02:10.320 --> 00:02:13.037 in their own applications, in their own situations, so that d04de522-d119-4e14-b0b6-aa3975f0935e-1 00:02:13.037 --> 00:02:16.027 you make sure that whatever they are using your data for is still d04de522-d119-4e14-b0b6-aa3975f0935e-2 00:02:16.027 --> 00:02:16.480 protected. f97e8474-9388-4227-9c3f-f77cb1e76103-0 00:02:17.240 --> 00:02:20.720 So how are BCG and Mandiant working together to safeguard f97e8474-9388-4227-9c3f-f77cb1e76103-1 00:02:20.720 --> 00:02:21.560 organizations? 188a8345-76fb-4207-8aa4-a62b4257c0e7-0 00:02:21.720 --> 00:02:23.875 So I think this has been a great opportunity from a partnership 188a8345-76fb-4207-8aa4-a62b4257c0e7-1 00:02:23.875 --> 00:02:24.280 perspective. 96c5b4f2-4c99-4d14-91eb-8795fb73bccb-0 00:02:24.280 --> 00:02:26.600 When Jurgen and I first started talking some time ago, we 96c5b4f2-4c99-4d14-91eb-8795fb73bccb-1 00:02:26.600 --> 00:02:29.000 realized that we were passing each other in the halls on on 96c5b4f2-4c99-4d14-91eb-8795fb73bccb-2 00:02:29.000 --> 00:02:30.680 several different incidents with clients. 8f45b77b-2a8f-4212-a7e9-008c8eb55141-0 00:02:30.960 --> 00:02:33.783 And it was really an opportunity to take the best of what both 8f45b77b-2a8f-4212-a7e9-008c8eb55141-1 00:02:33.783 --> 00:02:34.680 companies really do. 06b21972-388c-456e-b1b8-9061aeb10104-0 00:02:34.680 --> 00:02:37.149 How do we make sure that we're telling the story from the 06b21972-388c-456e-b1b8-9061aeb10104-1 00:02:37.149 --> 00:02:39.789 C-Suite all the way down to the people who are responding and 06b21972-388c-456e-b1b8-9061aeb10104-2 00:02:39.789 --> 00:02:41.280 giving the organization one voice. d1947cdb-9790-49a5-9ecf-1b0ba419acb2-0 00:02:41.280 --> 00:02:44.705 One consistent message and one way to actually respond to d1947cdb-9790-49a5-9ecf-1b0ba419acb2-1 00:02:44.705 --> 00:02:48.131 incidents when something happens. And then pre-breach and d1947cdb-9790-49a5-9ecf-1b0ba419acb2-2 00:02:48.131 --> 00:02:48.840 post-breach, 0ee6d9da-441e-4c5e-8820-876d632cfb76-0 00:02:48.840 --> 00:02:50.080 what else can we do with the organization? 97aa1751-7544-48fb-b293-70ed93f6b27a-0 00:02:50.080 --> 00:02:52.517 Because we think there's a lot that can be done, as Jurgen was 97aa1751-7544-48fb-b293-70ed93f6b27a-1 00:02:52.517 --> 00:02:54.451 alluding to before, in the security posture in an 97aa1751-7544-48fb-b293-70ed93f6b27a-2 00:02:54.451 --> 00:02:56.695 organization, understanding the risks and then how do you 97aa1751-7544-48fb-b293-70ed93f6b27a-3 00:02:56.695 --> 00:02:58.320 protect an organization more proactively? b006c1ac-0c6e-4765-85d0-b390e00cfb04-0 00:02:59.200 --> 00:03:02.015 Yeah, when Colin and I started working together, we saw how b006c1ac-0c6e-4765-85d0-b390e00cfb04-1 00:03:02.015 --> 00:03:04.878 well the portfolios of the two organizations complement each b006c1ac-0c6e-4765-85d0-b390e00cfb04-2 00:03:04.878 --> 00:03:05.160 other. 8bb7d58d-612d-43eb-a106-7012f439597f-0 00:03:05.400 --> 00:03:07.864 And as a consultant at heart, I'm always about building 8bb7d58d-612d-43eb-a106-7012f439597f-1 00:03:07.864 --> 00:03:09.360 solutions for our clients, right? b8189d44-3580-405e-a6a7-b60c3df74a6f-0 00:03:09.520 --> 00:03:11.720 As comprehensive of a solution as possible. 8293dffe-09f6-4695-bb0c-eef83f54d52a-0 00:03:11.920 --> 00:03:15.009 Understanding that cyber is one element of the overall risk 8293dffe-09f6-4695-bb0c-eef83f54d52a-1 00:03:15.009 --> 00:03:17.120 landscape that organizations are facing. fef28ad7-f890-44c1-b68f-2fcece8d6258-0 00:03:17.120 --> 00:03:20.374 And realizing that, by bringing together BCG and Mandiant, we fef28ad7-f890-44c1-b68f-2fcece8d6258-1 00:03:20.374 --> 00:03:23.155 can offer so much more capabilities and so much more fef28ad7-f890-44c1-b68f-2fcece8d6258-2 00:03:23.155 --> 00:03:25.360 comprehensive engagements to our clients. 92534449-0832-448f-bf0b-a79408ab0ff1-0 00:03:25.480 --> 00:03:27.840 That's really what what started this partnership. e197afc6-d425-4bf9-a70d-9f07d689d693-0 00:03:28.600 --> 00:03:31.200 Okay, comprehensive solutions for the risk landscape. 25370709-7480-44b8-9629-4e5024cec7eb-0 00:03:31.200 --> 00:03:32.320 Thank you for joining us. 7af8a5b1-1401-4a88-a7b7-2aa53f8031ac-0 00:03:32.680 --> 00:03:33.040 Thank you. 730df152-39d2-452c-a84b-e891c7566f00-0 00:03:33.200 --> 00:03:33.600 Thank you.