Subscribe
Share
Share
Embed
HPE news. Tech insights. World-class innovations. We take you straight to the source — interviewing tech's foremost thought leaders and change-makers that are propelling businesses and industries forward.
SAM JARRELL
Good morning, Michael.
MICHAEL BIRD
Good afternoon Sam. How are you? How are you today?
SAM JARRELL
I am doing pretty well. How are you doing?
MICHAEL BIRD
I am. Very good. Have you played any games recently? I know, you mentioned that you are a gamer on the podcast several times. what games do you play, Sam?
SAM JARRELL
all kinds. I love like cozy games like a good farming sim from time to time. I used to back in the day, be into like MMO RPGs, massively multi like player online ones. but those are very time consuming.
MICHAEL BIRD
You got all the right lingo.
but anyway, so when you are playing these games. Do you feel like you're constantly having to adjust what you are doing to counter the threats or the, or the villains or the enemy, or potentially even other players, as their game start develops
SAM JARRELL
sometimes yes, I'd say generally, like as you're ramping up into a game, yes.
MICHAEL BIRD
I think I'm very much a, I'll get very comfortable in that playing style and then an enemy will do something completely different and then it'll completely throw me, um, I'm not a good strategist.
but sadly much as I'd love to discuss video games,
we are gonna be talking about real life and how everything is changing in the world of AI.
I’m Michael Bird.
SAM JARRELL
I'm Sam Jarrell
And welcome to Technology Now from HPE.
MICHAEL BIRD
Now Sam, as technology becomes more and more integrated into our lives, the number of cyber attacks has skyrocketed. Analysis published by Total Assure last year predicted around 803 million cyber attacks per day around the world. Staggering number with approaching 300 million of those attacks becoming a full instance And we'll of course link this in the show notes. Crazy numbers.
SAM JARRELL
That is insane. it seems like the threats only continue to rise, whether it's like an institution or like the spam texts that you get when someone's trying to impersonate like the mail service and say that you owe fees.
but of course we do have security in place to try and prevent these attacks going anywhere.
MICHAEL BIRD
Yeah, we do. And also the same technology, which attackers leverage can also be used defensively. things like AI can be used to spot threats or really anything that doesn't look right to try and keep our organizations and our data safe.
SAM JARRELL
And we've also discussed things like Zero Trust on this podcast before.
MICHAEL BIRD
And have no fear, it will come up in today’s interview. However, my conversation with David Hughes, Senior VP SASE & Security at HPE Networking covers far more than just Zero Trust because even networks themselves can be used as a sensor for security.
However ,before we get into any of that, I wanted to set the scene a little bit so the first thing I asked David to tell me was: what does the current threat landscape actually look like in 2026?
DAVID HUGHES
So the threat landscape today is, getting, every year intensified both in terms of scale and speed and the kind of industrialization
MICHAEL BIRD
And it changes quickly right?
DAVID HUGHES
Absolutely. And particularly with the, injection of AI and agent ai, generative ai. change is continuing to accelerate
MICHAEL BIRD
And I guess with ai from an attacker's perspective, it makes, everything much, much easier, maybe more automated.
DAVID HUGHES
Well, yeah, there's lots of different ways that attackers can use ai, but when you think about agentic ai, it allows them to be able to, automate and move more quickly without having to write automation code.
They can be driving these systems with, plain English language and, be able to operate at scale. Around the clock. you're able to run 24 by seven.
And if you want to cover more ground, you just start more agents.
MICHAEL BIRD
Yeah. AI don't, doesn't need to sleep
DAVID HUGHES
No
MICHAEL BIRD
Can you just sort of describe some of the more common threats that we have at the moment?
DAVID HUGHES
Well, there's all kinds of threats, but obviously there's different kinds of, uh, things, people after they can be after credentials. So tr trying to steal people's credentials, which is a base for doing something else.
In future, there's, been able to,take control, install. Remote access Trojan so that they can control someone's laptop or computer, There's, ransomware where your data's encrypted and then you need to pay to get keys to, decrypt that data. there's a whole variety of, common schemes.
MICHAEL BIRD
I remember that. is it called spearfishing, which is where you are specifically targeting a specific person with specific information about them.
But presumably with agen ai. That could be all automated. You can go and find all that information at scale and you can, you know, target them at scale.
DAVID HUGHES
yeah, Agentic AI helps collect and correlate information automatically. Yeah. And then generative AI lets people, deep fake audio, deep fake videos, things that they can use in social engineering, which might make it easier, for them to do, kind of spear phishing type thing.
Or, a multi-stage thing where they are impersonating someone's boss very, effectively and able to get the information they need that way.
MICHAEL BIRD
Yeah. And, and deep fake audio video has, developed so quickly.
It's getting more and more impressive and more and more, realistic,
And that makes those attacks potentially more viable at scale.
DAVID HUGHES
I think that all these things are improving at a dramatic rate when you look at, agent AI and you know what it can do.
On the plus side, it absolutely is revolutionizing the way we think about coding. And, so all of these things that can be used, by adversaries, you can use yourself as well on, on the positive side, in terms of being able to implement defenses, faster and more effectively,
MICHAEL BIRD
it seems like it's a bit of an arms race
DAVID HUGHES
it's always been an arms race. It's just that new kinds of arms are continually being invented and, I think it's really important for companies, enterprises, organizations to make sure that they are rapidly adopting new defense technology as it becomes available.
MICHAEL BIRD
So, HPE Threat Labs have recently released their inaugural report. What exactly is HPE Threat Labs?
DAVID HUGHES
HPE Threat Labs is, the organization we have in HPE. Which, researchers threats, we run, deception networks that collect information about different threats that are out there, as well as, we have telemetry that comes from our customers network so that we can track what's going on in the environment.
the Threat Labs team analyzes all of that, and they are responsible for managing our threat feeds that, help us, block and mitigate for. these threats in real time.
MICHAEL BIRD
so David, can you give some of the, the highlights of the report?
DAVID HUGHES
Yeah. I'm not sure you'd say highlights when you're talking about, things being compromised, but when you look at the stats, what you'll see is that it's affecting all industries, but in particular we see a concentration in financial services and technology and in, in governments.
And, you
Know, the attacks are coming both from. nation states as well as organized, syndicates that, really set up like enterprises. They're very organized and very methodical in terms of how they're going about, attacking and the, and monetizing their capabilities
MICHAEL BIRD
are these emerging threats or are these sort of threats been around for a while, but they're maybe changing?
DAVID HUGHES
there's always new techniques. but one of the things with ag gentech AI and automation is that you are able to use some of the older techniques, but without having, to have a human in the loop, you are able to, deploy them more broadly and more rapidly.
MICHAEL BIRD
So, how should organizations combat that sort of thing? Or is it something that HPE, releases out to customers? So customers don't need to do anything?
DAVID HUGHES
so generally when people deploy, say our firewall solutions, part of that subscription is a threat feed.
And so every day they're getting updates dynamically based on the threats that we are seeing in the field and how they're evolving. there's also things like the Cyber Threat Alliance where all the leading vendors share. cyber threat intelligence. And so the combination of what our research team does along with what we learn in the industry, along with other open source feeds, those all go into
the threat feeds that we distribute to customers.
And the customers themselves don't have to do anything. This is all automated.
MICHAEL BIRD
so how do you go about building security into, to a network from the start?
DAVID HUGHES
Yeah. One of the really important things is that with the escalating threats, you really want to use every single technique that you have. And one of the, kind of real latent assets that companies have is their network. The network can be a security sensor and it can be a security enforcement point.
So as a sensor. It's monitoring with Telemetry from the network. You can monitor the behavior of say, All of your iot devices, you may have a door lock that's internet controlled. The telemetry we collect every day, 24 by seven tells us how that door lock should operate. Maybe twice a day.
It calls to a particular, DNS server. And so that we can detect when that changes, when there's anomaly. So if that device is hacked, we see a change in behavior. And so using the network as a sensor. Is one way that you can augment your security strategy. The second thing is using the network as an enforcement point.
So of course firewalls can be used as enforcement points, but you can also block traffic earlier, near the edge in an access point or in a switch if you have a way of. Taking global policy, you know, defined by a security team, and then have that implemented by the network. So a lot of what we are doing at HPE is really at the intersection of networking and security, helping the security teams and the network teams partner with each other and making sure that the network is actually a important piece of the security puzzle.
MICHAEL BIRD
network as a sensor from a security perspective is a really interesting concept because I mean, the door lock example. I guess if you could augment that with other sensors and other information, you could maybe come to some conclusions that as a human looking at that data, you may not be able to come to those conclusions.
Is that the sort of thing
DAVID HUGHES
it's impossible to do as a human. Yeah, because we are collecting billions of data points. Um, and the door lock is just one kind of sensor, so there's hundreds of thousands of types of sensor that we track. And so for every kind of sensor we are building a baseline.
Of what is normal behavior. And from there we know what is anomalous behavior and we don't just have to learn this one customer at a time. It's with fleet learning, so across, our entire customer base. And so that, that's a really important piece of, being able to defend against threats, which use an IoT device as a hopping point.
So coming back to the report, one of the. Things that, we've seen is that in, especially the most sophisticated attacks, they're kind of multi-step. It's not just one thing that you do for the bad guys to get what they want. There's usually a couple of two or three or four or five steps, but often on that chain, in fact, in a majority of cases, on that chain somewhere is an IOT device or a a consumer type device.
And. It That means it's really important to be able to track the behavior of those devices to understand if they've been compromised.
MICHAEL BIRD
because I suppose an, an iot device can sometimes feel a bit, like it's, it's not a proper network device, so maybe it doesn't, maybe organizations don't think they properly need to secure it.
And, and actually what you are saying is sometimes those, those devices can be good. Uh, attack vectors
DAVID HUGHES
those devices. They're basically a complete server inside that IOT device. So it may look like something small or something insignificant, but from the point of view of being a point to leap off from, they're very capable.
MICHAEL BIRD
Yeah. 'cause if you have the ability to be able to write data to it, and it's connected to your network, maybe connected into your network, then you could use that as a good jumping off point.
DAVID HUGHES
Yes
MICHAEL BIRD
Yeah. I'm guessing what we're talking about here to some extent is, is zero trust, with regards to sort of securing your network and, as a way to block entry points into your network.
And, and so that's where Zero Trust comes in
DAVID HUGHES
Well, yeah. Zero Trust is all about making sure that. Users are only able to connect to the applications that they need to be using as part of their organization's policy. And that, um, iot devices are only able to connect to those resources that they need in order to do the job.
So for the example of the door lock, it's connecting back to the manufacturer's website, for instance. now what?
MICHAEL BIRD
What
DAVID HUGHES
Zero trust means when it comes to networking is all about being able to enforce that policy, that global policy, with the network. So rather than having a network where anything can talk to anything, you have a network where each device or each identity can only talk to the resources that identity needs to get its job done.
And so this means that when something's compromised. Instead of it being able to be a leaping leapfrog kind of point to get to anywhere, it's only going to have a few locations or a few applications or a few servers, um, to which it's authorized to connect.
MICHAEL BIRD
And if your door lock tries to connect onto your file server, or a part of the file server, it's never accessed before, the network should be like, Hmm, this isn't right.
DAVID HUGHES
Yeah. In it's two ways of setting up Without zero trust, the, door lock would be able to access the server with a, fine grained zero trust policy that door lock would, wouldn't even be able to see the server. Yeah.
Because that's the whole idea of zero trust, least privilege access. And, it will not be able to even see the things that, it's not allowed to connect to.
MICHAEL BIRD
but of course the balance here is that, there's the, sort of security spectrum. Because on one side you give users and devices access to everything, and from their perspective, everything is completely frictionless. And then the other end of the scale, you give them access to.
Nothing, and the network is completely secure. And so I guess Zero Trust is trying to find that balance of giving really good user experience, but also making sure your network is secure
DAVID HUGHES
I would describe it this way. So in, in the traditional internet when it started, it was really an any, to any network where any server and any university could be used to connect to any server and any other university.
You know, this is back in the 1970s and eighties. and then obviously as it became adopted by enterprise. Things like firewalls were invented so that you could have a good insight and a bad outside and block things coming in and out through a single point. But as things have gotten much, much more complicated over the last couple of decades, people have deployed, firewalls everywhere during what we call segmentation. That's kind of the traditional way any to any, and then cutting back zero trust is really starting from the other end of nothing. Can connect to anything and then adding roles to allow access. So it's kind of a additive rather than subtractive approach.
Now, as you pointed out, it can be frustrating, for users that, want to do something new. there may need to be a policy added for them to be able to do that. But in terms of the, of balancing. the experience of the user with the, safety of the user. I think people are realizing that in the current environment it's much more tilted towards, better to start with default deny, which is another word for zero trust.
MICHAEL BIRD
that was a great interview. Thank you so much, David, for your time. I really, really enjoyed having you, on technology now. Now, Sam, what did you think, what did you think of that?
SAM JARRELL
I really enjoyed the conversation there at the end, about zero trust and starting from the opposite end, which is like default deny. To then adding roles. It actually makes me think a little bit about how, communications functions. So,
when you don't want something to leak, for example, then. You default deny everyone who doesn't need to be working on it. Right? And then slowly over time, you start to bring in more and more people. The closer you get to announcing something. But that's, that way you can keep track of who is in the know about something so that it doesn't go where it's not supposed to.
So it, the zero trust model actually feels very familiar to me
MICHAEL BIRD
we did an episode, a few weeks back where we talked about self-driving networks and it's a really similar conversation.
like you have to think about your network in a different way. if you start from nobody has access to anything and then add things in,
I just wanna talk about the threat landscape as it relates to AI and generative ai. You know, one of the things that I thought was really interesting was the fact that we've maybe come from a place where, if you wanted to create an attack, you would have to
Probably write your own piece of code. but you know, we live in the world of vibe coding. You know, you could probably vibe, code, something like that.
SAM JARRELL
Yeah, that's true. And If you look at the Threat Labs report, it's called In the Wild. I've taken a look through it and what's interesting to me is like how automated.
these attack campaigns and deep fakes can become at this stage. So it's almost like the same as like you would try to automate processes within an actual business. And that's how a lot of these, cyber crime organizations are functioning now is more like a Fortune 500 and less like an underground CD institution but the, Use of AI for like deep faking or phishing and things like that, that to me is scary. And I feel as though I've heard stories about like, now there's needs to be like more human level security protocols with people because you'll have a, person who's being, impersonated maybe on the phone calling a lower level person, and that person works in finance and they're being directed.
to do something that they're actually not supposed to do. But they're getting the pressure of I'm the CEO, or I'm the CFO, I'm telling you, I'm giving permission. But now there need to be more human sort of level protocols where it's like, is there a secret word that only you know, and you've spoken verbally?
Or how, how do you prevent the impersonation from threatening your organization? So to me, that's a fascinating conversation.
MICHAEL BIRD
I've actually had this conversation with family members, and I've basically said, if you get a call or even a video call from me, and I'm asking for money or something that's suspicious, here's what I want you to do. I'm not gonna say on this podcast, but to try and add a human element to it
because you're right, even in the last year, it's become so much more sophisticated and we are getting to the stage where. Even somebody that you are close
to, it's hard to differentiate. and I think saying I could recognize a deepfake video, I think that's potentially a risky thing to do to rely on that.
SAM JARRELL
it starts to introduce more and more of the need for these analog processes, which used to feel quite outdated in order to, uh, to protect us from these much more modern attacks.
Right? So it's funny how it all kind of comes back full circle again
MICHAEL BIRD
Yeah.
I think that's quite interesting. Um, now, Sam, obviously things change incredibly quickly in the world of cybersecurity. However, I did think it was important to leave our interview with a final thought from David about what he thinks people should be doing to what he thinks people should be doing to stay ahead of the curve when it comes to emerging threats.
DAVID HUGHES
there's always been the same defense in depth or multi-layer defense People need to be adopting, all the technology they can, versus putting all their eggs in one basket and thinking that there's one miracle cure, but.
What I'd say is that for HPE networking, we are really focused on making sure our customers are able to use their network as part of an overall security solution. Making sure that security and networking are thought of together. I think for many customers, they think of them as two separate things, and they may be missing out a lot in terms of being able to use the network as a sensor and use the network as an enforcement point.
SAM JARRELL
Okay that brings us to the end of Technology Now for this week.
Thank you to our guest, David Hughes
And of course, to our listeners.
Thank you so much for joining us.
MICHAEL BIRD
If you’ve enjoyed this episode, please do let us know – rate and review us wherever you listen to episodes and if you want to get in contact with us, send us an email to technology now AT hpe.com and don’t forget to subscribe so you can listen first every week.
Technology Now is hosted by Sam Jarrell and myself, Michael Bird
This episode was produced by Harry Lampert and Izzie Clarke with production support from Alysha Kempson-Taylor, Beckie Bird, Alyssa Mitry, and Janessa Ayache. Our theme music was composed by Greg Hooper.
SAM JARRELL
Our social editorial team is Rebecca Wissinger, Judy-Anne Goldman and Jacqueline Green and our social media designers are Alejandra Garcia, and Ambar Maldonado.
MICHAEL BIRD
Technology Now is a Fresh Air Production for Hewlett Packard Enterprise.
(and) we’ll see you next week. Cheers!
SAM JARRELL
Bye y’all