Security News

U.S. President Joe Biden has signed an executive order that aims to ban the bulk sale and transfer of Americans' private data to "Countries of concern" such as China, Russia, Iran, North Korea, Cuba, and Venezuela. "Our adversaries are exploiting Americans' sensitive personal data to threaten our national security. They are purchasing this data to use to blackmail and surveil individuals, target those they view as dissidents here in the United States, and engage in other malicious activities," said Attorney General Merrick B. Garland.

The executive order features wide-ranging guidance on maintaining safety, civil rights and privacy within government agencies while promoting AI innovation and competition throughout the U.S. Although the executive order doesn't specify generative artificial intelligence, it was likely issued in reaction to the proliferation of generative AI, which has become a hot topic since the public release of OpenAI's ChatGPT in November 2022. Any company developing " any foundation model that poses a serious risk to national security, national economic security, or national public health and safety " must keep the U.S. government informed of their training and red team safety tests, the executive order states.

Order the development of a National Security Memorandum that directs further actions on AI and security, to be developed by the National Security Council and White House Chief of Staff. Protect Americans' privacy by prioritizing federal support for accelerating the development and use of privacy-preserving techniques-including ones that use cutting-edge AI and that let AI systems be trained while preserving the privacy of the training data.

Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. 67% of government agencies are confident or very confident they are prepared to meet the zero trust requirements laid out by the U.S. government's Memorandum M-22-09, which includes implementing security orchestration, automation, and response technology.

In this Help Net Security video, Nick Mistry, SVP and CISO at Lineaje, offers tips to simplify the process of compliance with U.S. Executive Order 14028. A key part of U.S. Executive Order 14028 is for organizations that work with federal agencies to publish accurate Software Bill of Materials.

U.S. President Joe Biden on Monday signed an executive order that restricts the use of commercial spyware by federal government agencies. The order said the spyware ecosystem "Poses significant counterintelligence or security risks to the United States Government or significant risks of improper use by a foreign government or foreign person."

When you install software are you sure it's code you can trust? There are so many questions we need to ask: do you know how that application got to you, how it was built and what third-party software is running under the hood? With no visibility into how that software was built, there was no way to know that that software shouldn't be trusted.

Seventy-two percent of federal cybersecurity leaders say the White House's May 2021 Cybersecurity Executive Order addresses only a fraction of today's cybersecurity challenges, according to a study from MeriTalk. The study - which surveyed 150 federal cybersecurity leaders across Civilian and Department of Defense agencies - found that, while the EO brings cybersecurity issues to the forefront, federal cyber leaders need to shift gears to make real progress.

For too long, both the private and public sectors have not prioritized cybersecurity efforts enough and only acted in "Good faith" - an inadequate effort to improve cybersecurity. Recently, President Biden issued the Executive Order on Improving the Nation's Cybersecurity, to set government standards and best practices for cybersecurity across sectors, and it is good to see the focus on automation.

The Executive Order can be seen as a response to the extent and effect of recent breaches, and the acceptance that Federal departments and agencies are failing to adequately secure their systems. An August 2021 Senate Report titled Federal Cybersecurity: America's Data Still at Risk comments, "This report finds that these seven Federal agencies still have not met the basic cybersecurity standards necessary to protect America's sensitive data."