A startup led by former AWS and Oracle AI executives completed a Series A funding round to strengthen security around ML systems and AI applications. Seattle-based Protect AI plans to use the $35 million investment to expand its AI Radar tool and research unique threats in the AI and ML landscape.
Supply chain compromise, open-source technology and rapid advances in AI capabilities pose significant challenges to safeguarding artificial intelligence systems. The "giant leap" achieved by systems such as ChatGPT makes it tough to discern whether someone is interacting with a human or a machine.
With both excitement and fear swirling around the opportunities and risks offered by emerging AI, seven technology companies - including Microsoft, Amazon, Google and Meta - have promised the White House they would ensure the development of AI products that are safe, secure and trustworthy.
In the latest weekly update, ISMG editors discuss key takeaways from ISMG's recent Healthcare Summit, how the healthcare sector is embracing generative AI tools, and why Microsoft just decided to give all customers access to expanded logging capabilities.
Organizations went from having little information about their security posture to drowning in so many alerts that no human could possibly understand it all. Broadcom has focused on artificial intelligence for IT operations to help companies identity and remediate the root cause of security alerts.
Unnecessary cyber alerts are a threat that can overwhelm defenders, leading to burnout and reduced efficiency within the team. Chris Waynforth, vice president and general manager at Expel, said adopting automation solutions to filter and prioritize alerts allows for more effective incident response.
Researchers are warning of an uptick in attacks using a series of malicious Microsoft Office documents designed to drop LokiBot, an information stealer capable of sweeping up credentials. LokiBot has been active since 2015 and specializes in information stealing through malicious email attachments.
To rethink security strategies, enterprises should tap into edge computing, adopt technologies such as generative AI and ensure "secure by default" practices, said Fastly Vice President Sean Leach. He discussed the evolving risk landscape and third-party providers' role in managing security.
Generative AI is growing rapidly as organizations seek ways to transform human tasks. With the ability to process and analyze large volumes of data in real time, AI can empower defenders to detect and respond to threats more effectively, said John Giamatteo, cybersecurity president at BlackBerry.
Supply chain attacks, such as the MOVEit data breach that has affected more than 150 organizations, are "the nature of the landscape now," said security leader Ian Hill of Upp Corp. The answer to this scourge may be using generative AI to qualify partners and to analyze and score supply chain risk.
Service providers typically lack the skills and large security teams needed to thwart complex and high-volume cyberattacks on their own, said A10 Networks CEO Dhrupad Trivedi. MSPs telecom and cloud providers struggle to assess the scale of cyber incidents and to detect and remediate them.
Organizations need to adopt a creative approach when building policies around the legal, commercial and reputational risks raised by generative AI tools - such as with privacy, consumer protection and contractual obligations, said legal expert Anna King of Markel.
Cloudflare and Check Point joined Proofpoint and Microsoft atop Forrester's email security rankings, while Trend Micro, Barracuda Networks and Mimecast tumbled from the leaders category. A number of security vendors have gotten into email protection in recent years by acquiring CAPES startups.
As generative AI applications become more common in healthcare, organizations will need to carefully consider critical third-party risk issues involving the use of these technologies, said Damian Chung, business information security officer at security firm Netskope.
A Chinese state hacker is using novel tradecraft to gain initial access to victim systems, according to CrowdStrike. Targeted organizations include those in the communications, manufacturing, utility, transportation, construction, maritime, government, IT and education sectors.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing healthcareinfosecurity.com, you agree to our use of cookies.