The challenges within the AI supply chain mirror those of the broader software supply chain, with added complexity when integrating large language models (LLMs) or machine learning (ML) models into organizational frameworks.

Cybersecurity professionals face a dilemma: sharing information after an attack can prevent future incidents, but businesses often hesitate due to fears of litigation, customer inquiries, and reputational harm.

A cost-effective encryption strategy starts with effective key management, which involves making critical decisions about where to store encryption keys, how to manage them, and how to prepare for the post-quantum future.

AI systems trained to excel at tasks can learn to lie and deceive in order to gain an advantage, posing serious risks to society such as fraud, election tampering, and even the potential loss of human control over AI.

NIST has only analyzed 2 of the nearly 2,000 new vulnerabilities received in May. The backlog is attributed to an increase in software and vulnerabilities, as well as a change in interagency support, according to NIST.

Tokens are valuable assets for threat actors, as they can be easily obtained through various attack methods and provide unauthorized access to corporate systems without requiring multi-factor authentication.

Red teaming involves employing ethical hackers to rigorously test AI systems for security and safety issues. It is crucial for developing responsible AI that balances innovation and compliance with ethical standards and regulatory requirements.

US officials say that a notorious Chinese hacking operation named Volt Typhoon has permanently altered the cyberthreat landscape by moving beyond traditional nation-state espionage goals and instead aiming to cause disruption and sow societal panic.

Password protection alone is not enough to securely protect files and drives, as it can be easily circumvented, and hardware-based encryption is recommended for robust data security.

Cybersecurity experts at the RSA Conference highlighted the growing sophistication of cyber threats, including the expanding attack surface, identity-based attacks leveraging AI-generated deepfakes, and the use of generative AI to create malware.