New Episode!
A Brand Story from the Road to #RSAC 2025 — Featuring Akamai Technologies

Every year, as we get ready for RSA Conference, we fire up the engine and the mics—not just to cover the #tech, but to capture the #business, the strategy, and most importantly, the human side of #cybersecurity.

Our latest Brand Story does just that.

In this pre-conference conversation, we sit down with Rupesh Chokshi, SVP & GM of Application Security at #Akamai, to talk about the shifting cybersecurity landscape as we move deeper into the #AI era. From #APIattacks and #LLM scraping to hybrid infrastructures and #zerotrust environments, it’s clear that security is no longer just a barrier—it’s a business enabler.

And Akamai is right at the center of that transformation.

We explore what it means to build real #cyberresilience, how organizations can rethink their security strategy in an AI-driven world, and why this year’s #RSAC2025 Conference is set to be a defining moment for both innovation and trust.

A special thank you to Akamai for sponsoring our RSAC 2025 coverage and continuing to support conversations that matter.

Watch the teaser: https://youtu.be/NH4APVuZfRc
Full episode: https://youtu.be/DMm6INJ_2Z8
Listen on the podcast: https://brand-stories-podcast.simplecast.com/episodes/ai-security-and-the-hybrid-world-akamais-vision-for-rsac-2025-with-rupesh-chokshi-svp-gm-application-security-akamai-a-rsac-conference-2025-brand-story-pre-event-conversation
Learn more about Akamai: https://www.itspmagazine.com/directory/akamai
Follow all of our RSAC 2025 stories: https://www.itspmagazine.com/rsac

We’ll see you in San Francisco for more conversations to share with your audience!

— Marco Ciappelli & Sean Martin, CISSP
ITSPmagazine Co-Founders

AI in the workplace: friend or foe? Let's be honest, tools like ChatGPT certainly make life easier in many ways. But are we stopping to think about the security implications? We could be looking at a whole new wave of Shadow IT, with AI tools popping up that nobody's really tracking. And guess what? Your standard security playbook probably doesn't cover this.

Speaking as a pentester, I see firsthand how quickly these gaps can be exploited. It often happens when employees feed sensitive company data into various AI tools without fully understanding where that information goes or how it's used. Honestly, it's like leaving the door wide open for data leaks.

We seriously need to boost awareness around this and establish clear guidelines for using AI responsibly. Plus, regular pentesting is absolutely key to uncovering these vulnerabilities *before* they turn into major breaches.

So, what are your thoughts? Where do you see the biggest AI security risks lurking? Let's discuss!

‘No AI Agents are Allowed.’ EU Bans Use of AI Assistants in Virtual Meetings – Source: www.techrepublic.com https://ciso2ciso.com/no-ai-agents-are-allowed-eu-bans-use-of-ai-assistants-in-virtual-meetings-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #ArtificialIntelligence #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #videoconferencing #virtualassistants #virtualmeetings #International #AIsecurity #anthropic #Security #Europe #OpenAI #emea #News #AI #EU

AI coding tools can hallucinate fake packages, leading to slopsquatting attacks where hackers inject malware. Vibe coding increases the risk. Always verify dependencies suggested by AI.
#AISecurity #SupplyChain #DevSecOps

Right, seeing *yet another* headline about some AI tool claiming it can do "everything" in security. Sorry, but let's get this straight: automated scans ARE NOT proper pentests. Period.

It just takes a whole lot more than letting a scanner run its course. You know? Real security, the kind that actually works, is built on rolling up your sleeves – we're talking hands-on testing, applying critical thinking, and truly *understanding* the system inside and out.

And let's be real for a sec: sometimes, what gets sold is simply what clients *want* to hear at that moment, rather than the robust solutions they genuinely *need*. It's a tough conversation sometimes, but a necessary one.

So, over to you: What do you see as the main pitfalls or biggest dangers when relying on AI-based security solutions? Let me know your thoughts below!

Researchers claim breakthrough in fight against AI’s frustrating security hole - In the AI world, a vulnerability called "prompt injection" has haunted dev... - https://arstechnica.com/information-technology/2025/04/researchers-claim-breakthrough-in-fight-against-ais-frustrating-security-hole/ #largelanguagemodels #promptinjections #machinelearning #googledeepmind #simonwillison #rileygooside #aisecurity #chatgpt #chatgtp #biz⁢ #google #ai

Man, this whole AI hype train... Yeah, sure, the tools are definitely getting sharper and faster, no doubt about it. But an AI pulling off a *real* pentest? Seriously doubt that's happening anytime soon. Let's be real: automated scans are useful, but they just aren't the same beast as a genuine penetration test.

Honestly, I think security needs to be woven right into the fabric of a company from the get-go. It can't just be an afterthought you tack on when alarms are already blaring.

Now, don't get me wrong, AI definitely brings its own set of dangers – disinformation is a big one that springs to mind. But here's the thing: we absolutely *have* to get our heads around these tools and figure them out. If we don't keep pace, we risk becoming irrelevant pretty quick.

So, curious to hear what you all think – where do the greatest pitfalls lie with AI in the security field? What keeps you up at night?

AI-generated code presents new security vulnerabilities, highlighting the need for robust evaluation and safeguards. #AISecurity #SoftwareSecurity #AIrisks

More details: https://the-decoder.com/slopsquatting-one-in-five-ai-code-snippets-contains-fake-libraries - https://www.flagthis.com/news/13151

Red teamers relying on the same risk assessment twice will see different behaviors in their AI applications. You need continuous AI risk assessments.

https://bit.ly/Redteaming-AI-Apps

AI in cybersecurity? It's a wild concept, but honestly, pretty dicey too!

Sure, on one hand, AI can seriously help spot threats way faster than humans ever could. But let's not kid ourselves, the attackers aren't just sitting back! They're already using AI to cook up even nastier, more sophisticated attacks.

And here's the kicker: loads of companies seem to be jumping in without a real clue on how to actually *use* AI securely. That's a recipe for disaster, plain and simple. Relying on certifications won't cut it either if the fundamental tech isn't locked down tight.

Bottom line? We desperately need some solid ground rules for AI in this field before things get completely out of hand.

What's your gut feeling on this? How much faith can we *really* put in AI when the stakes are this high? Let me know below!

OpenAI is rolling out 'Verified Organization' ID checks soon. This aims to unlock future advanced models for devs while boosting security and preventing misuse. Get verified to stay ahead. #OpenAI #AISecurity #DevLife

https://frontbackgeek.com/the-rise-of-ai-powered-location-detection-should-we-worry/
#ailocation #dataprivacy #techsurveillance #aiconcerns #locationtracking #aisecurity

Team Topologies provides robust, AI-native team structures for AI/ML organizations. The four team types — Stream-aligned, Platform, Enabling, and Complicated subsystem — create clear boundaries that guide both human and AI agents, manage cognitive load, and enable fast flow, even in complex ML environments.

How is your organization structuring teams for success?

Watch the livestream and read the full article — https://confluxhq.com/insight/team-topologies-in-action-effective-structures-for-machine-learning-teams

Navigating the Future of AI Agents: Insights from Zico Kolter

As artificial intelligence evolves, the need for robust security measures becomes paramount. Zico Kolter from Carnegie Mellon University sheds light on the vulnerabilities of AI agents and the imperat...

https://news.lavx.hu/article/navigating-the-future-of-ai-agents-insights-from-zico-kolter

Man, this AI phishing stuff is getting wild!

Seriously, any newbie can now whip up a fake login page that looks scarily real in no time flat. And get this: the AI can even *host* the malicious site itself and swipe your credentials.

Speaking as a pentester, I'm telling you, this is a whole new level of phishing. Your typical automated scanners? They're often struggling to catch these sophisticated fakes. You've really got to stay sharp out there!

So, my question to you is: How are *you* staying safe from these AI-generated attacks? Drop your tips below!

NIST's new AML guidelines are here! From GenAI-specific threats to a detailed taxonomy of attacks & mitigations, this report is a game-changer for AI security.

https://zurl.co/WqFxE

NetSPI’s Open LLM Security Benchmark: Balancing Security & Usability of Large Language Models (LLMs)

https://github.com/NetSPI/Open-LLM-Security-Benchmark

Yo, IT-Sec crowd!

Anyone else noticing how *everyone* seems to be talking about AI-powered security tools these days? Yeah, it's everywhere. But let's be real for a sec – are they *truly* as amazing as the hype suggests?

I mean, okay, AI can definitely be useful for spotting anomalies and patterns, no doubt about that. But here's a thought: what happens if the AI itself gets compromised? Or what about when it starts churning out false alarms simply because it doesn't *really* grasp the situation?

Honestly, I've got my reservations. While automation is certainly nice to have, I'm convinced a skilled pentester, you know, one with actual brainpower and a strategic approach, still outsmarts any AI – at least for the time being. And look, if AI eventually *does* get significantly better, well, that just means it's time for us to add another skill to our toolkit.

So, what's your perspective on this? Do you see AI completely taking over the pentesting scene, or is that human touch going to remain irreplaceable? Let the debate begin!

Seriously, let's talk about these AI-generated "security" reports... Man, they really set off alarm bells for me. Sure, AI *can* definitely speed up certain processes, no argument there. But honestly, a proper pentest? That's a whole different beast compared to just running a few automated scans. You need real human expertise and critical thinking behind it.

So many people seem to think AI catches everything, but let's be real – these tools can seriously hallucinate sometimes. They just make stuff up! And what happens then? The client ends up *thinking* their system is locked down tight, when it’s actually got holes wide enough to drive a truck through.

Look, security isn't just some product you buy off the shelf; it's an ongoing *process*. AI should absolutely be part of our toolkit, there to *support* us, not replace us entirely.

And hey, before you blindly trust that shiny AI report? Maybe, just maybe, get an actual human pentester to lay eyes on it too. Better safe than sorry, wouldn't you agree?

What are your own experiences with AI in the IT security world? Are you feeling more skeptical or optimistic about its role? Drop your thoughts below!

Benchmarks Find ‘DeepSeek-V3-0324 Is More Vulnerable Than Qwen2.5-Max’ – Source: www.techrepublic.com https://ciso2ciso.com/benchmarks-find-deepseek-v3-0324-is-more-vulnerable-than-qwen2-5-max-source-www-techrepublic-com/ #threatsandvulnerabilities #rssfeedpostgeneratorecho #ArtificialIntelligence #SecurityonTechRepublic #SecurityTechRepublic #CyberSecurityNews #Cybersecurity #AIsecurity #deepseekv3 #qwen25max #AImodels #DeepSeek #Security #Alibaba #News #AI