Integrating software supply chain security in DevSecOps CI/CD pipelines

NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides acti…

Released: AI security guidelines backed by 18 countries

The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as intended, are available when needed, and work without revealing sensitive da…

AI threat landscape: Model theft and inference attacks emerge as top concerns

Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. In this Help Net Security interview, …

U.S. warns of North Korean hackers posing as IT freelancers

Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the U.S. Department of State, the U.S. Department of the Treasury, and the Federal Bureau of Investig…

Navigating the waters of maritime cybersecurity

In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government released a first of its kind National Maritime Cyber Security Plan (NMCP), accompany…

ENISA Releases Guidelines for Cloud Security for Healthcare Services

The healthcare sector is undergoing digitalization and adopts new technologies to improve patient care, offer new services for remote patients and reach operational excellence. The integration of new technologies in the complex healthcare IT infrastruc…

Guide: Security measures for IoT product development

The European Union Agency for Cybersecurity (ENISA) released its Guidelines for Securing the IoT, which covers the entire IoT supply chain – hardware, software and services. Supply chains are currently facing a broad range of threats, from physical thr…

5 Lessons Learnt from BJJ that Are Applicable to Cybersecurity

Over the last decade, I have focused quite heavily on technology and the cybersecurity space. I’ve been motivated to create a world that is more inclusive and safer. In 2019, I began a bit of a different journey. Whilst still motivated in a security po…

In the era of AI, standards are falling behind

According to a recent study, only a minority of software developers are actually working in a software development company. This means that nowadays literally every company builds software in some form or another. As a professional in the field of info…

FIRST releases updated coordination principles for Multi-Party Vulnerability Coordination and Disclosure

The Forum of Incident Response and Security Teams (FIRST) has released an updated set of coordination principles – Guidelines for Multi-Party Vulnerability Coordination and Disclosure version 1.1. Stakeholder roles and communication paths The purpose T…