Security News

At its annual re:Inforce conference, Amazon Web Services has announced new and enhanced security features and tools. To facilitate the concerted push to get customers to secure their accounts with multiple authentication factors, AWS has added support for FIDO2 passkeys as a second authentication method.

Many of the underlying open-source projects are unvetted for the purpose of AI. In return for the massive financial benefits corporations receive by leveraging open source in AI, it is in their best interest to contribute towards community efforts and to the foundational security of the open-source components up front. Making deep and lasting positive change for security universally will require collaboration across industry participants, both for ease and financial gain, as well as to avoid the involvement of further oversight by governmental organizations in both the open source and private sectors.

First, there needs to be a shift in thinking when it comes to data security and an acknowledgment that the threat landscape has become much more complex with the majority of sensitive corporate data now residing in the cloud rather than in dedicated private data centers, multiple servers, network equipment, and storage devices. Instead, organizations must think about adopting a defense-in-depth approach to their security strategy - one that provides continuous insights into what's happening to their mobile devices, and an ability to detect and respond with AI-driven automation to protect sensitive data in the cloud no matter where it goes.

85% of managed service and security providers face significant challenges maintaining compliance for customers, with lack of resources, expertise, or technology cited as the most common roadblocks to offering managed compliance, according to Apptega. While 80% of the surveyed providers provide some form of compliance offering, many only offer compliance in an advisory capacity and only 15% offer compliance primarily as a managed service.

This is why a network security policy must be in place to create security guidelines for devices that transport and store company data. To protect company data and reputation, it is essential to ensure the network is secured from unauthorized access, data loss, malware infestations and security breaches.

Your profile can be used to present content that appears more relevant based on your possible interests, such as by adapting the order in which content is shown to you, so that it is even easier for you to find content that matches your interests. Content presented to you on this service can be based on your content personalisation profiles, which can reflect your activity on this or other services, possible interests and personal aspects.

With Anthropic's map, the researchers can explore how neuron-like data points, called features, affect a generative AI's output. The researchers go into detail in their paper on scaling and evaluating sparse autoencoders; put very simply, the goal is to make features more understandable - and therefore more steerable - to humans.

This week, I hosted the seventeenth Workshop on Security and Human Behavior at the Harvard Kennedy School. This is the first workshop since our co-founder, Ross Anderson, died unexpectedly.

2023 was a year of unprecedented cyberattacks. Ransomware crippled businesses, DDoS attacks disrupted critical services, and data breaches exposed millions of sensitive records. The cost of these...

26% of organizations don’t provide IT security training to end-users, according to Hornetsecurity. The Hornetsecurity survey, which compiled feedback from industry professionals worldwide, also...