Security

Toward a Standardized Security Reference Architecture for SMBs and Small Governments

May 16, 2024 by Open Group

By John Linford, Security Portfolio Forum Director, The Open Group & Michelle Horrobin, Digital Portfolio Director, The Open Group

As has become evident in recent years and even months, modern organizations offer new products which are, more and more, dependent on digital components, and need to be secure to avoid falling victim to increasingly sophisticated and increasingly frequent cyber attacks. On top of having organizational, internal reasons for improving their security posture, these organizations also must keep up with increasing scrutiny and compliance requirements from governments and regulatory agencies, as well as customers and partners. Consequently, not only might a successful cyber attack leave an organization unable to operate, but it might also result in media backlash and fines and judgements for breaches and violations for the organization.

Colorado Enacts BIPA-Like Regulatory Obligations (and More), Ushering in a New Era of Biometrics Regulation in the U.S.

May 16, 2024 by Holt Hackney

By David J. Oberly In late April, Colorado took a major step toward adding further complexity to the already fragmented U.S. biometrics legal landscape with the passage of HB 1130. The bill, which amends the […]

Artificial Intelligence: What are the Major Cyber Threats for 2024?

May 3, 2024 by Holt Hackney

By Ed Watal, Founder & Principal — Intellibus Artificial intelligence has become one of the most contentious technologies in history. For every person who hails AI as the force behind the “revolution of work,” another […]

IMF Warns Cyberattacks Threaten Banking Collapse, Financial Firms Must Fortify Defenses

April 30, 2024 by Holt Hackney

Five ways threat actors attack banks and financial institutions. By Erich Kron According to the International Monetary Fund, cyberattacks against the banking and financial services industry are increasing exponentially. The threat level is currently so…

NIST 2.0 as a Framework for All

April 29, 2024 by Holt Hackney

By Utsav Adhikari, of Logpoint Originally developed for federal use, the National Institute for Standards and Technology (NIST) Cybersecurity Framework (CSF) has been widely adopted across the world (and translated into numerous languages) by organisat…

Artificial Intelligence at Its Worst

April 26, 2024 by Holt Hackney

By Shelly Palmer In a disturbing exploitation of AI, former Pikesville High School (Maryland) athletic director Dazhon Darien was arrested for allegedly impersonating the school’s principal using AI voice synthesis to disseminate false racist and…

AI Bias and the Dangers It Poses for the World of Cybersecurity

April 24, 2024 by Holt Hackney

By Khurram Mir, of Kualitatem AI technology is becoming increasingly popular across a range of industries, which are using it to speed up their processes and improve productivity. While this promises to increase efficiency, the […]

AI Cybersecurity Risks and How to Manage Them | Ardoq

April 19, 2024 by Stuart Armstrong

AI is everywhere. In 2023, one-third of respondents to a McKinsey survey confirmed they used generative AI for at least one core business function. The promises of AI are exciting, and the vendors of the tools your organization uses every…

Improving Return on Security Investment: Threat Modeling and The Open Group Open FAIR™ Risk Analysis as a KPI for Agile Projects

April 16, 2024 by Open Group

The first three posts of this series have laid plain the need to supplement ongoing threat modeling activities with quantitative risk analysis, such as the process described in The Open Group Open FAIR™ Body of Knowledge. They’ve briefly discussed a way to incorporate Open FAIR Risk Analysis in the threat modeling process and illustrate how the results would improve return on security investment by deliberately selecting cost-effective combinations of controls. But questions remain: