IBM has updated its Guardium platform to optimize protections for security threats stemming from the current tech environment: “shadow AI” and quantum exposure. The new IBM Guardium Data Security Center leverages tools from both IBM Guardium AI Security and IBM Guardium Quantum Safe, allowing for cross-environment protection with unified controls in a single dashboard. Data monitoring and governance, data detection and response, data and AI security posture management and cryptography management to deflect quantum attacks can now be managed from an omniscient perspective, allowing security teams to integrate workflows. Continue reading Big Blue Updates Tech in IBM Guardium Data Security Center

President Biden issued the first-ever National Security Memorandum on Artificial Intelligence, outlining how the Pentagon, intelligence agencies and various national security groups should use artificial intelligence technology to advance national interests and deter threats, touching on everything from nuclear weapons to the supply chain. “The NSM is designed to galvanize federal government adoption of AI to advance the national security mission, including by ensuring that such adoption reflects democratic values and protects human rights, civil rights, civil liberties and privacy,” the White House announced in a statement. Continue reading The White House Defines Government Objectives Involving AI

Google introduced Threat Intelligence at the RSA Conference in San Francisco this week. Claiming actionable information at “visibility only Google can deliver, based on billions of signals across devices and emails,” Threat Intelligence draws on the capabilities of the company’s Gemini LLMs, Mandiant cybersecurity arm, and cloud-based VirusTotal tool. An AI-powered Gemini agent “provides conversational search” across the repository of Threat Intelligence, “enabling customers to gain insights and protect themselves from threats faster than ever before,” Google says in a move to empower even small teams without IT departments with threat protection. Continue reading Google Taps AI for Its ‘Threat Intelligence’ Cybersecurity Plan

Responding to a government assessment of recent cyberattacks, Microsoft CEO Satya Nadella issued a company-wide memo prioritizing security. “If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security,” the executive wrote. “In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems,” Nadella added. The escalation sees Microsoft expanding the scope of its Secure Future Initiative based on government recommendations and insights gained from breaches linked to state-sponsored Russian hackers. Continue reading Microsoft Doubles Down on Security Following Cyberattacks

Google has unveiled a new policy, the AI Cyber Defense Initiative, designed to harness the power of artificial intelligence to improve global cybersecurity defenses. The proposed policy aims to counteract rapidly evolving threats by using AI to improve threat detection, automate vulnerability management and enhance incident response effectiveness. The Alphabet company introduced its new plan at the Munich Security Conference, where it also announced it has a pool of $2 million to award businesses and academic institutions for research initiatives involving large language models, code verification and other AI uses for cyber offense and defense. Continue reading Google Targets Global Security with AI Cyber Defense Initiative

Ransomware attacks have surged in the 12 months ending in June 2023, with the United States accounting for 43 percent of the 1,900 attacks reported — 7x greater than that of the second most popular target, the United Kingdom, at 196. The period marked a 75 percent increase in U.S. ransomware attacks, which were perpetrated by 48 different groups including CL0P, a gang believed to have ties to Russia. U.S. companies, governmental organizations and individual consumers were targeted during the period, with healthcare and educational institutions disproportionately impacted, according to a study by cybersecurity firm Malwarebytes. Continue reading U.S. Impacted by Significant Increase in Ransomware Attacks

The cost of a data breach can run as high as $4.54 million today, up from $3.86 million in 2020, according to an IBM study that says the fastest-growing — and costliest — type of cyberattack is ransomware. That’s why more companies are turning to cyber insurance to hedge their bets. Last year, the global market for such policies was estimated to be in the $13.33 billion range, and projected to reach $84.62 billion by 2030. Because the increased frequency of attacks has resulted in increased payouts, insurance providers now often require proof of adequate security measures. Continue reading Companies Turn to Cyber Insurance as Global Threats Surge

Hundreds of amendments are queued up for possible addition to the vast annual defense policy bill. Among those that senators are considering include regulations that address artificial intelligence, cybersecurity and proposals to test election systems for vulnerabilities. Adding cyber measures to the National Defense Authorization Act (NDAA) has become a tradition in recent years because it is “must-pass” legislation and renewed annually. Senate Majority Leader Chuck Schumer (D-New York) hopes to have the Senate’s version of the bill prior to the August recess that commences at the end of this week. Continue reading U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Generative AI for cybersecurity is an emerging category with Google an early entrant. At this week’s RSA Conference 2023 in San Francisco, Google unveiled Cloud Security AI Workbench, a toolkit powered by a customized AI language model called Sec-PaLM that is “fine-tuned for security use cases.” Accenture is the first client to sign up for Workbench. Google also announced it is combining its Google Cloud and Mandiant ecosystems to offer a turnkey solution to ward off threats “from incident response through proactive defense,” drawing on integrations from more than 100 leading cybersecurity vendors. Continue reading Google Workbench Taps AI Tech for Next-Gen Cybersecurity

The Biden administration has issued rules requiring key U.S. companies to meet minimum cybersecurity standards. The new National Cybersecurity Strategy (NCS) calls on software makers and American industry to be more active in the fight to repel hackers and ransomware groups even as the FBI accelerates global efforts to disrupt bad actors. Although the strategy is a policy document rather than an executive order, it represents a major policy shift, escalating participation by both the public and private sectors, while anticipating legislative changes required to give teeth to the plan. Continue reading Biden Advocates Tougher Cybersecurity for Private Enterprise

The U.S. is increasing efforts to thwart technology theft, launching what some are calling a “hack back” attack against adversaries who use illegal means in attempts to steal developmental secrets or strike at supply chains. Operating from 12 metropolitan regions, the new Disruptive Technology Strike Force (DTSF) will enforce laws protecting U.S. advanced technologies from illegal acquisition and use by nation-states. The goal of the DTSF — a joint venture of the Department of Justice and the Commerce Department — is “to strike back against adversaries trying to siphon off our best technology,” deputy attorney general Lisa Monaco said. Continue reading Federal Government Creates Strike Force to Fight Tech Theft

TikTok toured journalists through its new Transparency and Accountability Center last week. Located in Culver City, the facility features monitors displaying infographics that show how TikTok’s recommendation engine and content moderation affect the short-form videos that are the basis of its viral app. Computer workstations running a “code simulator” were made available so visitors could explore firsthand how the app’s algorithms influence video propagation. TikTok COO Vanessa Pappas told attendees that the new center, in development since 2020, aims to give lawmakers and others a more personal experience than the virtual tours previously offered. Continue reading TikTok Ups Transparency Efforts as Government Heat Builds

Anticompetitive practices, outrageous ticket fees and poor customer service were among the allegations leveled at Live Nation Entertainment Tuesday at a contentious Senate Judiciary Committee Hearing over botched Taylor Swift concert ticket presales by the company’s Ticketmaster subsidiary. Senator Amy Klobuchar (D-Minnesota) called the Live Nation relationship to Ticketmaster “the definition of monopoly,” adding that venues fearful of losing the company’s concerts don’t have the ability to push back because Live Nation is “so powerful that it doesn’t even need to exert pressure, it doesn’t need to threaten because people just fall in line.” Continue reading Senators Grill Live Nation on Antitrust After the Swift Debacle

Software company Kaseya was targeted by a cyberattack starting Friday that has since spread to hundreds of mainly small and medium-size businesses. On Monday, Kaseya chief executive Fred Voccola reported to Anne Neuberger, the deputy national security advisor for cyber and emerging technology, that the attackers demanded a $70 million ransomware payment and that his company wasn’t aware of any breach of critical infrastructure impacting national security. According to experts, the attackers may be members of REvil, a Russian cybercriminal group. Continue reading Massive Ransomware Attack Affects Hundreds of Businesses

On the heels of a cyberattack on Twitter this summer, the New York State Department of Financial Services (DFS) called for a dedicated regulator to oversee big social media platforms. In a 37-page report, the department described the July 15 attack in which accounts of Barack Obama, Joe Biden, Jeff Bezos, Elon Musk and others were hacked and used to promote a cryptocurrency scam. Three people have since been charged with posing as employees to launch that attack, which relied on relatively simple tactics. Continue reading New York State Calls for a Dedicated Social Media Regulator