Security News

Here is what matters most when it comes to artificial intelligence (AI) in cybersecurity: Outcomes. As the threat landscape evolves and generative AI is added to the toolsets available to...

Global leaders from 28 nations have gathered in the U.K. for an influential summit dedicated to AI regulation and safety. Day one of the AI Safety Summit culminated in the signing of the "Landmark" Bletchley Declaration on AI Safety, which commits 28 participating countries - including the U.K., U.S. and China - to jointly manage and mitigate risks from artificial intelligence while ensuring safe and responsible development and deployment.

The code of conduct provides guidelines for AI regulation across G7 countries and includes cybersecurity considerations and international standards. The Group of Seven countries have created a voluntary AI code of conduct, released on October 30, regarding the use of advanced artificial intelligence.

Google joins OpenAI and Microsoft in rewarding AI bug hunts. Google expanded its Vulnerability Rewards Program to include bugs and vulnerabilities that could be found in generative AI. Specifically, Google is looking for bug hunters for its own generative AI, products such as Google Bard, which is available in many countries, or Google Cloud's Contact Center AI, Agent Assist.

Once they gain access to a healthcare organization's system, cybercriminals can utilize AI to analyze large datasets, allowing them to gather valuable data, such as patients' personal identifiable information, for identity theft, fraud, or ransomware attacks. AI-powered attacks can exploit vulnerabilities in medical devices, compromise electronic health records, or disrupt critical healthcare services - forcing organizations to quickly revert to paper systems and human intervention for equipment monitoring or record exchanges.

The executive order features wide-ranging guidance on maintaining safety, civil rights and privacy within government agencies while promoting AI innovation and competition throughout the U.S. Although the executive order doesn't specify generative artificial intelligence, it was likely issued in reaction to the proliferation of generative AI, which has become a hot topic since the public release of OpenAI's ChatGPT in November 2022. Any company developing " any foundation model that poses a serious risk to national security, national economic security, or national public health and safety " must keep the U.S. government informed of their training and red team safety tests, the executive order states.

Order the development of a National Security Memorandum that directs further actions on AI and security, to be developed by the National Security Council and White House Chief of Staff. Protect Americans' privacy by prioritizing federal support for accelerating the development and use of privacy-preserving techniques-including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.

Google has expanded its bug bounty program, aka Vulnerability Rewards Program, to cover threats that could arise from Google's generative AI systems. Following the voluntary commitment to the Biden-⁠Harris Administration to develop responsible AI and manage its risks, Google has added AI-related risks to its bug bounty program, which gives recognition and compensation to ethical hackers who successfully find and disclose vulnerabilities in Google's systems.

Enterprises will invest nearly $16 billion worldwide on GenAI solutions in 2023, according to IDC. In this Help Net Security interview, Guy Guzner, CEO at Savvy, discusses the challenges and opportunities presented by in-house AI models, the security landscape surrounding them, and the future of AI cybersecurity. Organizations developing in-house AI models have a distinct advantage when it comes to critical security concerns.

Despite advancements in IT security measures, SMBs remain firmly in the crosshairs of cybercriminals, according to Devolutions. Devolutions CEO David Hervieux states, "The results from our survey dovetail nicely with October's National Cybersecurity Awareness Month - as one of our primary goals with this report is to expand awareness of the vulnerabilities that many SMBs face. It's not just about presenting stats but about truly educating the industry on the various pitfalls - and how SMBs can use the survey findings to identify gaps, develop strategies, and make informed decisions regarding their cybersecurity posture."