Welcome to CISO Corner, the weekly collection of Dark Reading articles designed specifically for readers and security leaders involved in security operations. Each week we offer articles collected from our news operations, The Edge, DR Technology, DR Global and our Comments section. We are committed to bringing you a diverse set of perspectives to support the work of operationalizing cybersecurity strategies, for leaders of organizations of all shapes and sizes.
In this issue of CISO Corner
- The race for AI-powered security platforms heats up
- Why MLBOMs are useful for securing the AI/ML supply chain
- The fight for cybersecurity awareness
- An ambitious training initiative that exploits the talents of the blind and visually impaired
- Vietnamese cybercrime group CoralRaider collects financial data
- XZ Utils Scare exposes hard truths about software security
- NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
The race for AI-powered security platforms heats up
By Robert Lemos, Contributing Writer, Dark Reading
Microsoft, Google, and Simbian each offer generative AI systems that enable security operations teams to use natural language to automate cybersecurity tasks.
Both Google and Microsoft have committed significant resources to developing generative artificial intelligence (AI) tools for cybersecurity. Microsoft’s Security Copilot can detect breaches and collect and analyze data with the help of generative artificial intelligence. Google’s Gemini in Security is a similar rival service.
Now a startup, Simbian, has entered the fray with its own system that leverages generative artificial intelligence and large language models (LLMs) to help security teams by automating the configuration of event management systems (SIEMs) or security orchestration, automation, and response (SOAR).
While each offering has its own set of benefits, they all aim to simplify processes for stressed cybersecurity teams. The question that has not yet been answered is whether teams will ultimately trust automated systems to operate as intended.
Read more: The race for AI-powered security platforms heats up
Related: How AI and Automation Can Help Close the Cybersecurity Talent Gap
Why MLBOMs are useful for securing the AI/ML supply chain
Commentary by Diana Kelley, CISO, Protect AI
A machine learning bill of materials (MLBOM) framework can provide transparency, auditability, control, and forensics in AI and ML supply chains.
The software bill of materials (SBOM) has become an essential tool for identifying the code that makes up an application, but in the age of artificial intelligence (AI), the SBOM has some limitations in machine learning frameworks.
A machine learning software bill of materials, or MLBOM, could fill gaps left in a traditional SBOM and add protections to data and assets.
Read more: Why MLBOMs are useful for securing the AI/ML supply chain
Related: Where are the SBOMs located today
The fight for cybersecurity awareness
Commentary by Erik Gross, CISO, QAD
Investing in cybersecurity skills creates a safer digital world for everyone.
Spreading risk awareness is the best way to mitigate cybersecurity risk, but the task of constantly training and retraining people on the latest threats can be daunting. The age of artificial intelligence makes everything even more difficult.
Building a culture of safety is critical and can be achieved with carefully thought-out cybersecurity training that focuses on a personal approach, storytelling, and helping people feel comfortable talking openly about cybersecurity. Humans are unpredictable, and a cybersecurity training process that accepts that humans are complex creatures has been the most successful.
Read more: The fight for cybersecurity awareness
Related: Q&A: The cybersecurity training gap in industrial networks
An ambitious training initiative that exploits the talents of the blind and visually impaired
By Jennifer Lawinski, Contributing Writer, Dark Reading
Novacoast’s Apex program prepares people with visual impairments for careers in cybersecurity.
Blind and visually impaired (BVI) people represent an untapped talent resource for cybersecurity companies struggling to attract talent. With just a computer equipped with a screen reader and Braille keyboard, BVI people can become valuable collaborators. Two IT CEOs have launched the Apex programme, an on-demand online course for BVI people looking to enter the cybersecurity field.
So far, four students have completed the course and one has already landed a job as a SOC 1 analyst. Now the White House is involved and there’s even a short film in the works with the Apex program.
Read more: An ambitious training initiative that exploits the talents of the blind and visually impaired
Related: 3 ways companies can overcome the cybersecurity skills gap
Vietnamese cybercrime group CoralRaider collects financial data
By Robert Lemos, Contributing Writer, Dark Reading
With a complex chain of attacks and using Telegram for command and control, CoralRaider targets victims in Asian countries and appears to have accidentally infected itself as well.
A newcomer to the Vietnamese cybercrime scene, a group called CoralRaider is making moves — and rookie mistakes like infecting their own systems — along the way.
Security researchers at Cisco Talos have been monitoring CoralRaider’s activities and found that they are motivated by profit, even as the group has difficulty getting its operations off the ground. So far, Cisco Talos analysts have seen no indication that CoralRaider has yet successfully delivered a payload, but the group is actively working to improve its cybercrime skills.
Read more: Vietnamese cybercrime group CoralRaider collects financial data
Related: Ransomware and junk bank accounts: Cyber threats proliferate in Vietnam
XZ Utils Scare exposes hard truths about software security
By Jai Vijayan, Contributing Writer, Dark Reading
Much of the open source code incorporated into enterprise software stacks comes from small, under-resourced, volunteer-run projects.
The recently discovered backdoor in the XZ Utils tool should be a wake-up call to IT teams that open source repositories are riddled with vulnerabilities.
These projects are volunteer-run, under-resourced, and unable to keep up with the latest threats. XZ Utils is itself a one-person operation. Companies that use code from these open sources do so at their own risk.
Organizations are advised to verify their use of code from public repositories and determine whether they have adequate security controls. Experts also recommend that engineering and cybersecurity teams define processes and roles for onboarding open source code.
Read more: XZ Utils Scare exposes hard truths about software security
NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
By the Dark Reading staff
The Agency encourages broader use of encryption, data loss prevention, and data rights management to safeguard data, networks, and users.
In its ongoing effort to provide support to both the public and private sectors to achieve a path towards Zero Trust, the National Security Administration has published guidance related to data protection, or as the NSA calls it, the “data pillar.” The agency’s recommendations include the use of encryption, tagging, labeling and more.
Prior to these data security guidelines, the NSA provided detailed guidance on network macro- and micro-segmentation and its role in creating a zero-trust framework.
Read more: NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
Related: The NSA’s Zero Trust guidelines focus on segmentation