How to choose secure, verifiable technologies?

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has published a guidance document titled Choosing Secure and Verifiable Technologies, compiled to assist organizations in making informed decisions when procuring softwa…

Unpacking CISA’s AI guidelines

CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both federal and vendor cybersecurity infrastructure in the federal marketplace. In…

Integrating software supply chain security in DevSecOps CI/CD pipelines

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides acti…

Released: AI security guidelines backed by 18 countries

The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive da…

AI threat landscape: Model theft and inference attacks emerge as top concerns

Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. In this Help Net Security interview, …

U.S. warns of North Korean hackers posing as IT freelancers

Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investig…

Navigating the waters of maritime cybersecurity

In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan (NMCP), accompany…

ENISA Releases Guidelines for Cloud Security for Healthcare Services

The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastruc…

Guide: Security measures for IoT product development

The European Union Agency for Cybersecurity (ENISA) released its Guidelines for Securing the IoT, which covers the entire IoT supply chain – hardware, software and services. Supply chains are currently facing a broad range of threats, from physical thr…

5 Lessons Learnt from BJJ that Are Applicable to Cybersecurity

Over the last decade, I have focused quite heavily on technology and the cybersecurity space. I’ve been motivated to create a world that is more inclusive and safer. In 2019, I began a bit of a different journey. Whilst still motivated in a security po…