Hundreds of amendments are queued up for possible addition to the vast annual defense policy bill. Among those that senators are considering include regulations that address artificial intelligence, cybersecurity and proposals to test election systems for vulnerabilities. Adding cyber measures to the National Defense Authorization Act (NDAA) has become a tradition in recent years because it is “must-pass” legislation and renewed annually. Senate Majority Leader Chuck Schumer (D-New York) hopes to have the Senate’s version of the bill prior to the August recess that commences at the end of this week. Continue reading U.S. Senate Aims to Add Cyber Amendments to Defense Bill

Advancing President Biden’s push for responsible development of artificial intelligence, top AI firms including Anthropic, Google, Microsoft and OpenAI have launched the Frontier Model Forum, an industry forum that will work collaboratively with outside researchers and policymakers to implement best practices. The new group will focus on AI safety, research into its risks, and disseminating information to the public, governments and civil society. Other companies involved in building bleeding-edge AI models will also be invited to join and participate in technical evaluations and benchmarks. Continue reading Major Tech Players Launch Frontier Model Forum for Safe AI

President Biden has secured voluntary commitments from seven leading AI companies who say they will support the executive branch goal of advancing safe, secure and transparent development of artificial intelligence. Executives from Amazon, Anthropic, Google, Inflection, Meta, Microsoft and OpenAI convened at the White House on Friday to support the accord, which some criticized as a half measure, claiming the companies have already embraced independent security testing and a commitment to collaborating with each other and the government. Biden stressed the need to deploy AI altruistically, “to help address society’s greatest challenges.” Continue reading Top Tech Firms Support Government’s Planned AI Safeguards

The Biden administration has unveiled a new labeling system for smart devices. The U.S. Cyber Trust Mark identifies consumer electronics and appliances that meet security standards and are less vulnerable to cyberattacks. Companies including Amazon, Google, LG, Qualcomm, Samsung and retailer Best Buy participated in announcing the voluntary program. The Connectivity Standards Alliance (CSA), purveyor of the Matter smart home standard, has also pledged support. The program is scheduled to roll out in 2024. Devices bearing the U.S. Cyber Trust Mark will have met security standards established by the National Institute of Standards and Technology (NIST). Continue reading White House Announces Smart Device Cybersecurity Labeling

The Biden administration has issued an implementation framework for its National Cybersecurity Strategy, detailing how the federal government plans to regulate digital security issues. The highly anticipated document lists more than 65 initiatives for executing the “five pillars” of the March 2023 U.S. National Cybersecurity Strategy, described as a “bold, affirmative vision for cyberspace.” The implementation takes a two-pronged approach: empowering capable actors who can bear more of the security responsibility, and the need for incentives that facilitate investment in long-term resilience. Continue reading White House Releases Plan for Cybersecurity Implementation

Meta Platforms CEO Mark Zuckerberg received a letter this week from Senators Richard Blumenthal and Josh Hawley of the Subcommittee on Privacy, Technology & the Law that took the executive to task for an online leak of the company’s LLaMA artificial intelligence system. The 65-billion parameter language model, which is still under development, was open-sourced in February. Available on request through Meta’s GitHub portal, it wound up on 4chan and BitTorrent “making it available to anyone, anywhere in the world, without monitoring or oversight,” the senators wrote. Continue reading Senators Question Meta Platforms About Recent LLaMA Leak

A new government agency that licenses artificial intelligence above a certain capability, regular testing, and independent audits were some of the ideas to spring from a three-hour Senate judiciary subcommittee hearing to explore ways in which the government might regulate the nascent field. OpenAI co-founder and CEO Sam Altman advocated for all of the above, stressing the need for external validation by independent experts, strict cybersecurity, and a “whole of society approach” to combatting disinformation. While Altman emphasized AI’s advantages, he warned “if this technology goes wrong, it can go quite wrong.” Continue reading Politicians and Tech Leaders Gather to Discuss Regulating AI

Generative AI for cybersecurity is an emerging category with Google an early entrant. At this week’s RSA Conference 2023 in San Francisco, Google unveiled Cloud Security AI Workbench, a toolkit powered by a customized AI language model called Sec-PaLM that is “fine-tuned for security use cases.” Accenture is the first client to sign up for Workbench. Google also announced it is combining its Google Cloud and Mandiant ecosystems to offer a turnkey solution to ward off threats “from incident response through proactive defense,” drawing on integrations from more than 100 leading cybersecurity vendors. Continue reading Google Workbench Taps AI Tech for Next-Gen Cybersecurity

The U.S. and a coalition of international government agencies have issued joint guidance that aims to get software companies to heighten security for their products. “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default” takes the position that today’s software is insecure by default and it is the customer’s burden to take steps to make it safe. Manufacturers should make their products safe before they ship by taking steps including deprecating the “default password,” writing their programs using only secure coding languages, providing free patches and setting up vulnerability reporting programs. Continue reading U.S. Agencies Join Global Coalition in Secure Software Push

Amidst calls to put the brakes on large language model development, OpenAI CEO Sam Altman has hit the global circuit to tout the advantages of artificial intelligence and commercial opportunities with his firm. Altman’s 17-city tour includes stops in Washington D.C., Toronto, Tokyo, Rio De Janeiro, Lagos, London, Paris, Madrid, Brussels, Munich, Tel Aviv, Singapore, Dubai, New Delhi, Jakarta, Seoul and Melbourne. On Monday, Altman met with Japanese Prime Minister Fumio Kishida and other government officials, vowing to collaborate on protecting user privacy and data protection. Continue reading OpenAI’s Altman Talks Up Machine Learning on Global Tour

In what the White House says is a precedent-setting move, President Biden has signed an executive order prohibiting use by the U.S. Government of “commercial spyware,” powerful cyber technology used by state actors to spy on journalists, dissidents and human rights activists. The White House defined the class of apps as “sophisticated and invasive cyber surveillance tools sold by vendors to access electronic devices remotely, extract their content, and manipulate their components, all without the knowledge or consent of the devices’ users,” explaining such technology “has proliferated in recent years with few controls and high risk of abuse.” Continue reading Biden Restricts the Government Use of Commercial Spyware

A bipartisan Senate bill to mitigate risks from adversarial nations is making its way around the hill. The Restricting the Emergence of Security Threats that Risk Information and Communications Technology (RESTRICT) Act directs the Commerce Department to implement procedures that “identify, deter, disrupt, prevent, prohibit and mitigate” foreign technology threats, as well as requiring Commerce to make available to intelligence agencies declassified information on the nature of the risk. The legislation is the most recent salvo by Congress in its attempt to repel invasive technologies by countries whose values clash with ours, exemplified by TikTok and China. Continue reading Senate RESTRICT Act Cracks Down on Tik Tok, Foreign Tech

The Biden administration has issued rules requiring key U.S. companies to meet minimum cybersecurity standards. The new National Cybersecurity Strategy (NCS) calls on software makers and American industry to be more active in the fight to repel hackers and ransomware groups even as the FBI accelerates global efforts to disrupt bad actors. Although the strategy is a policy document rather than an executive order, it represents a major policy shift, escalating participation by both the public and private sectors, while anticipating legislative changes required to give teeth to the plan. Continue reading Biden Advocates Tougher Cybersecurity for Private Enterprise

As technology leaders manage pressure to control costs, cloud computing expenditures are getting increased scrutiny. Dedicated teams to manage cloud spending and dedicated tools designed to increase efficiencies are two of the measures being employed. The result is that while cloud spending continues to increase, it is at a slower pace than had been expected. The latest Gartner projection posits worldwide growth of 18.5 percent, to $576.5 billion this year, slightly less than the 18.8 percent uptick previously forecast. This follows a Synergy Research finding of 27 percent Q4 U.S. growth, lagging the 31 percent expected. Continue reading CTOs Prioritize Controlling Cloud in Tough Economic Climate

A new generation of cybersecurity solutions is gaining attention for merging corporate networks with security tools like malware protection into one system that can be centrally managed. Akamai, Cisco, Cloudflare, Zscaler, Palo Alto Networks and others have begun offering consolidated cybersecurity platforms that span IT, operations and security, leveraging resources and theoretically reducing costs through shared expenses. Having all eyes on traffic and workloads via a single framework may also make it possible for chief information officers and IT personnel to be more effective and focused. Continue reading Cloud Platforms Combine Security, Operations for Efficiency