Page 983«..1020..982983984985..9901,000..»

10% of expired certificates on the internet pose a security threat – Security Magazine

10% of expired certificates on the internet pose a security threat | Security Magazine This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more. This Website Uses CookiesBy closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.

Continued here:
10% of expired certificates on the internet pose a security threat - Security Magazine

Read More..

How Global IPMI is Shaping the Future of Internet and Technology – Fagen wasanni

Exploring the Impact: How Global IPMI is Shaping the Future of Internet and Technology

The global Internet Protocol Managed Implementations (IPMI) is rapidly transforming the landscape of the internet and technology, heralding a new era of digital innovation. This powerful tool is not only revolutionizing the way we interact with technology but also shaping the future of the internet, making it more efficient, secure, and user-friendly.

IPMI is a set of computer interface specifications that allows for the management and monitoring of computer systems independently of the operating system. This technology is particularly beneficial in data centers and large enterprises where it enables administrators to manage servers and networks remotely, thereby reducing operational costs and improving efficiency.

The global IPMI is playing a pivotal role in the evolution of the internet. It is facilitating the transition from traditional, hardware-based networks to software-defined networks (SDNs), a shift that is expected to redefine the internets architecture. SDNs offer numerous advantages over traditional networks, including greater flexibility, scalability, and cost-effectiveness. They allow network administrators to manage network services through abstraction of lower-level functionality, which simplifies network design and operation.

Moreover, the global IPMI is also contributing to the advancement of cloud computing. By providing remote management capabilities, IPMI allows for the seamless operation of cloud-based services. This is particularly crucial in todays digital age, where businesses are increasingly relying on cloud computing for data storage and processing. With IPMI, businesses can ensure the continuous operation of their cloud services, thereby enhancing their productivity and competitiveness.

In addition to transforming the internets architecture and facilitating cloud computing, the global IPMI is also enhancing internet security. By allowing for remote monitoring and management of computer systems, IPMI enables the early detection and mitigation of cyber threats. This is particularly important in an era where cyber-attacks are becoming increasingly sophisticated and widespread. With IPMI, businesses can protect their digital assets and ensure the integrity of their data.

Furthermore, the global IPMI is also driving the development of the Internet of Things (IoT). By providing a platform for the remote management of devices, IPMI is facilitating the integration of various devices into the internet, thereby enabling the creation of smart homes, smart cities, and smart industries. This is expected to revolutionize our daily lives, making them more convenient and efficient.

In conclusion, the global IPMI is shaping the future of the internet and technology in profound ways. By facilitating the transition to software-defined networks, enhancing internet security, driving the development of the Internet of Things, and enabling the seamless operation of cloud-based services, IPMI is heralding a new era of digital innovation. As this technology continues to evolve, we can expect to see even more transformative changes in the way we interact with the internet and technology. The future of the internet and technology is indeed bright, thanks to the global IPMI.

See the article here:
How Global IPMI is Shaping the Future of Internet and Technology - Fagen wasanni

Read More..

Internet of Things (IoT) Meets Hand-Held Chemical and Metal … – Fagen wasanni

The Internet of Things (IoT) is revolutionizing various sectors, and the security industry is no exception. The integration of IoT with hand-held chemical and metal detectors is emerging as the next frontier in smart security solutions. This innovative convergence is set to redefine the way we approach safety and security, offering unprecedented levels of efficiency, accuracy, and convenience.

Hand-held chemical and metal detectors have long been a staple in security protocols across various industries. From airports and schools to industrial facilities and public events, these devices play a crucial role in detecting harmful substances and potential threats. However, the advent of IoT technology is taking their functionality to new heights.

IoT, a network of interconnected devices that communicate and exchange data, is transforming these traditional hand-held detectors into smart, connected devices. By integrating IoT technology, these detectors can now transmit real-time data to a centralized system, enabling immediate response to potential threats. This not only enhances the efficiency of security operations but also significantly reduces the risk of human error.

Moreover, the incorporation of IoT into these detectors allows for remote monitoring and control. Security personnel can now manage and operate these devices from a distance, making it possible to cover larger areas and access hard-to-reach places. This feature is particularly beneficial in hazardous environments where human presence might pose a risk.

The fusion of IoT and hand-held detectors also paves the way for predictive analytics. By collecting and analyzing data over time, these smart detectors can identify patterns and predict potential security breaches. This proactive approach to security can help prevent incidents before they occur, ensuring a safer environment.

Furthermore, the integration of IoT technology enhances the versatility of these detectors. They can now be programmed to detect a wider range of substances, from explosives and narcotics to hazardous chemicals. This broadened scope of detection makes these devices an invaluable tool in various sectors, including law enforcement, industrial safety, and environmental monitoring.

However, as with any technological advancement, the integration of IoT into hand-held detectors also presents certain challenges. Data security is a primary concern, as these devices transmit sensitive information over the network. Ensuring the integrity and confidentiality of this data is paramount. Additionally, the complexity of IoT technology might require specialized training for security personnel, adding to the operational costs.

Despite these challenges, the intersection of IoT and hand-held chemical and metal detectors is a promising development in the realm of smart security solutions. It represents a significant leap forward in our ability to detect and respond to potential threats, offering a more proactive, efficient, and comprehensive approach to security.

In conclusion, the fusion of IoT technology with hand-held chemical and metal detectors is pioneering a new era in security solutions. As we continue to explore this intersection, we can expect to see further advancements that will redefine our approach to safety and security. The future of smart security solutions lies in harnessing the power of IoT, transforming traditional security devices into connected, intelligent systems that offer unprecedented levels of protection.

See the rest here:
Internet of Things (IoT) Meets Hand-Held Chemical and Metal ... - Fagen wasanni

Read More..

Menlo turns up the HEAT on web browser attacks with new threat prevention suite – CSO Online

Menlo Security has announced the release of HEAT Shield and HEAT Visibility, a new suite of threat prevention products designed to tackle web browser attacks. Generally available now across Menlo Security's global network, HEAT Shield and HEAT Visibility prevent attacks from infiltrating enterprise networks and provide actionable intelligence to help mitigate threats, according to the vendor. Both use AI/machine learning (ML) technology and are built upon Menlo Security's cloud-based Isolation Core, which monitors and analyzes over 400 billion web sessions annually, the firm said.

Evasive threats are growing as threat actors evolve how they deploy phishing and malware attacks, targeting users via web browsers. The traditional approach for web security has focused on the server side of the equation, deploying things such as web application firewalls (WAFs) for the purpose. Commonly deployed security infrastructure can be blind to actions occurring inside the browser and fall short in combating web-based attacks. Attackers have spotted that while the front door has been bolted, there's a window round the back that's been left open, and so are finding ways of exploiting that weakness. Hybrid work models and the shift to SaaS/web-based applications have made browsers a prime target for attackers who use malicious websites and file downloads to breach organizations.

Findings from the Q1 2023 Watchguard Internet Security Report show phishers leveraging novel browser-based social engineering strategies to carry out attacks. Watchguard detected several common malicious domains using a web browser's notification features to do the same social engineering techniques that had once been done via pop-ups. The firm theorized that this is because browsers' relatively new notification capabilities don't have the same protections in place as for pop-ups.

HEAT Shield is built to detect and block phishing attacks before they can infiltrate the enterprise network, Menlo said in a press release. It uses AI-based techniques - including computer vision combined with URL risk scoring and analysis of the web page elements - to determine if a link being accessed is a phishing site designed to steal a user's credentials, according to the vendor. It also leverages Menlo's Isolation Core to power dynamic security policies which can be applied to users based on web session events and behavior to prevent attackers from gaining access to the endpoint.

In parallel, HEAT Visibility performs continual analysis of web traffic and applies AI/ML-powered classifiers that identify the presence of evasive attacks. This delivers actionable alerts that enable security teams to reduce mean time to detect (MTTD) and mean time to respond (MTTR) to threats that could be targeting enterprise users, Menlo said.

A HEAT attack dashboard then allows customers to receive detailed threat intelligence, which can be integrated into their existing SIEM or SOC platforms, while HEAT alerts sent to SOC teams provide threat visibility to enrich threat intelligence sources and enhance/accelerate incident response capabilities, it added.

Web browser attacks are a significant threat for modern organizations for a host of reasons, Poornima DeBolle, chief product officer and co-founder, Menlo, tells CSO. "With the growth of cloud apps, the browser is the new desktop, with users spending an average of 75% of their workday using the web browser."

Given the power embedded within the browser (script execution etc.), it's a tool that threat actors can exploit to maximize the success of their attack campaigns, DeBolle says. "Web content is also an advantage to threat actors as they can use tools such as obfuscation and even CAPTCHA to prevent security solutions from analyzing the content and identifying it as malicious. They unveil the real intent only once it is inside the browser on an endpoint at which time it's too late."

Read the original:
Menlo turns up the HEAT on web browser attacks with new threat prevention suite - CSO Online

Read More..

2023: The Year of Edge Computing – Revolutionizing Internet … – Fagen wasanni

Exploring 2023: The Year of Edge Computing Revolutionizing Internet Performance and Security

As we venture into 2023, the world of technology is set to witness a significant shift with the rise of edge computing. This innovative approach to data processing is poised to revolutionize internet performance and security, marking 2023 as the year of edge computing.

Edge computing, in essence, is a distributed computing paradigm that brings computation and data storage closer to the sources of data. This is done to improve response times and save bandwidth, thereby enhancing the overall performance of the internet. The concept is not entirely new, but its potential has been largely untapped until now. As we move into 2023, the technology industry is gearing up to harness the full power of edge computing.

The primary driver behind this shift is the exponential growth of data. With the proliferation of Internet of Things (IoT) devices, the volume of data generated is increasing at an unprecedented rate. Traditional cloud computing models, where data is sent to a central server for processing, are struggling to keep up. Edge computing offers a solution by processing data at the edge of the network, closer to the source. This reduces latency, improves speed, and enhances the user experience.

Moreover, edge computing is set to revolutionize internet security. In traditional models, data is vulnerable during transmission to the central server. Edge computing mitigates this risk by processing data locally, reducing the amount of data that needs to be transmitted and therefore the potential for interception. This is particularly crucial in an era where data breaches and cyber threats are increasingly common.

The benefits of edge computing are not limited to performance and security. It also has the potential to drive significant cost savings. By reducing the amount of data that needs to be transmitted and stored in the cloud, businesses can save on bandwidth and storage costs. Furthermore, by processing data locally, businesses can make real-time decisions, improving efficiency and productivity.

The rise of edge computing in 2023 is also expected to fuel innovation. By enabling real-time data processing, it opens up new possibilities for applications in areas such as autonomous vehicles, smart cities, and healthcare. For instance, in healthcare, edge computing could enable real-time monitoring and analysis of patient data, leading to faster diagnosis and treatment.

However, the transition to edge computing is not without challenges. It requires significant investment in infrastructure and a shift in mindset from centralized to distributed computing. There are also concerns about data privacy and regulation, as data is processed closer to the user.

Despite these challenges, the momentum behind edge computing is undeniable. Major tech companies are already investing heavily in this area, and a growing number of businesses are recognizing the benefits. As we move into 2023, we can expect to see edge computing move from the periphery to the mainstream, revolutionizing internet performance and security.

In conclusion, 2023 is set to be a pivotal year for edge computing. With its potential to enhance internet performance, bolster security, drive cost savings, and fuel innovation, edge computing is poised to transform the technology landscape. As we navigate this exciting new frontier, one thing is clear: the future of computing lies at the edge.

Excerpt from:
2023: The Year of Edge Computing - Revolutionizing Internet ... - Fagen wasanni

Read More..

Deciphering the AIGC Compliance Blueprint (Part III): Security … – Lexology

1. INTRODUCTION

Pursuant to Article 17 of the Interim Measures for the Management of Generative Artificial Intelligence Services (AIGC Measures), providers offering AI-related services with public opinion nature or capable of social mobilization shall conduct security assessment in line with applicable laws and regulations. With respect to the market entry of AIGC products, security assessment is a pivotal step in ensuring both product compliance and user security. As Part III in a series of articles intended to chart the regulatory course for AIGC and explore its potential trajectory under the current legal advancements, this article aims to dissect the complex nature of security assessment by tracing its historical development and exploring the current landscape. This article will also analyze how to formulate and execute effective security assessment strategies, offering insight into facilitating successful market entry of AIGC products.

2. THE SECURITY ASSESSMENT: VERSION 0.5

In 2017, the Cyberspace Administration of China (CAC) already introduced the regulatory approach of security assessment in the Regulations on the Security Assessment of New Technologies or New applications for Internet-based News Information Services (Double-new Measures). The Double-new Measures stipulates that internet news service providers should conduct security assessment and compile a written security assessment report when (1) applying new technologies, adjusting or adding application functions related to news rendering or bearing the public opinion nature or social mobilization capabilities, or (2) causing changes in user scale, functions, technical implementation methods, basic resource allocation and other aspects which lead to significant changes in news rendering, public opinion nature or social mobilization capabilities. Such service providers must submit the required security assessment report to the CAC or its provincial offices for review. This early form of security assessment is what the industry now refers to as the Double-new Assessment (new technology, new application).

However, under the Double-new Measures, the duty to conduct security assessment is confined to providers of internet news information services, in light of which, the security assessment requirement under the Double-new Measures does not apply to AIGC products which does not concern news information services. We refer to this early form of security assessment as Security Assessment 0.5.

3. THE SECURITY ASSESSMENT: VERSION 1.0

A year after the implementation of the Double-new Measures, the CAC issued the Provisions on the Security Assessment of Internet Information Services with Public Opinion Nature or Social Mobilization Capacity (Public Opinion Provisions). This time, the application scope of security assessment was no longer confined to news information services. According to Article 3 of the Public Opinion Provisions, providers of internet information services shall carry out security assessment under the following circumstances:

* Information services with public opinion nature or social mobilization capacity are implemented online, or corresponding functions are integrated into such online information services.

* There are new technologies or new applications that will cause significant changes in information services functions, technical implementation methods, basic resource allocation, etc., thus leading to major changes in public opinion nature or social mobilization capacity.

* User scale is markedly increasing, resulting in major changes in the public opinion nature or social mobilization capacity of such information services.

* Unlawful or harmful information has been disseminated, which indicates that the existing security measures fall short to effectively prevent and control cybersecurity risks.

* Other circumstances occur where cyberspace administrations or public security bureaus at the prefecture level and above notify in writing that security assessment is required.

In such circumstances, providers of internet information services are obligated to conduct security assessment and submit the security assessment report to the cyberspace administrations or public security bureaus at the prefecture level and above via the National Internet Security Management Service Platform (https://www.beian.gov.cn/portal/index.do). The specific requirements for security assessment can be found in Article 5 of the Public Opinion Provisions.

Additionally, cyberspace administrations or public security bureaus have the authority to initiate on-site inspections based on their evaluations. Generally, providers of internet information services should furnish the designated public security bureau with relevant documents for on-site inspections. Looking from the submission window and on-site inspection bodies, the public security bureau is the primary body responsible for implementing Security Assessment 1.0.

Even though Security Assessment 1.0, by law, is closely related to internet information services characterized by public opinion nature or social mobilization capacity, in practice, interpretation of what qualifies as such services is somewhat expansive, virtually covering all products featuring internet information interaction functionalities or channels. The submission process for Security Assessment 1.0 is very transparent, and businesses simply need to accurately complete the forms and submit their assessment reports under the guidance of the Security Assessment User Manual available on the National Internet Security Management Service Platform. Generally, the review of the security assessment reports, from submission to approval, can be accomplished within a month.

4. THE SECURITY ASSESSMENT: VERSION 2.0DEADLINE

Fast forward to 2023, a year of exceptional growth and development in the field of artificial intelligence. AIGC product developers, primarily those working on large models, are now required to provide comprehensive Double-new Assessment reports to the CAC. Such reports must meet extensive requirements, normally including over a hundred pages of meticulous details, which are quite different from Security Assessment 1.0 reports submitted via the National Internet Security Management Service Platform. Hence, we refer to this as Security Assessment 2.0.

The primary regulatory targets of Security Assessment 2.0 are AIGC developers. Based on our experience and observations, Security Assessment 2.0 differs from Security Assessment 1.0 in the following ways:

Regulatory authorities have been closely monitoring the potential security risks of AIGC products for some time. Back in 2021, the CAC, along with the Ministry of Public Security (MPS), issued directives to strengthen the security assessment of emerging internet technologies and applications, especially those related to voice-centric social media and deepfake technologies. The cited legal basis then was the Public Opinion Provisions. Fast forward two years to today, and we now see significantly enhancements in the rigor of regulatory oversight, with major AIGC product developers currently grappling with the requirements of Security Assessment 2.0.

Interestingly, Security Assessment 2.0 appears to be implemented in practice despite a lack of clear statutory guidance. Pursuant to Article 6 of the draft AIGC Measures, service providers shall declare the security assessment to the CAC before launching any AIGC products to the public per the Public Opinion Provisions. Compared to Security Assessment 1.0, Article 6 of the draft AIGC Measures revise up the regulatory body from the cyberspace administration offices or public security bureaus at the prefecture level and above to the CAC. Hence, it was once perceived as the legal basis for Security Assessment 2.0.

But in the officially released AIGC Measures, the requirements for declaring security assessment to the CAC have been modified. It now states, those providing AIGC services with public opinion nature or social mobilization capacity, security assessment should be conducted according to relevant provisions of the state. This updated, albeit somewhat nebulous, statutory requirement may be interpreted in several ways:

* Possible Interpretation 1. AIGC services with public opinion nature or social mobilization capacity fall under the category of internet information services with public opinion nature or social mobilization capacity. Thus, AIGC service providers should satisfy the relevant requirements set forth in the Public Opinion Provisions, including the submission of Security Assessment 1.0.

* Possible Interpretation 2. The term relevant provisions of the state is not confined to the Public Opinion Provisions. Therefore, AIGC service providers should also comply with other applicable laws and regulations. If other applicable laws and regulations put forward similar security assessment requirements, AIGC service providers should also fulfill their relevant assessment obligations in accordance with such laws and regulations.

In addition, the requirements for security assessment also recur in other AI-related legislations. For instance, providers of algorithmic recommendation services that bear public opinion nature or social mobilization capacity must conduct security assessment. Similarly, providers and technical supporters of deep synthesis services with specific functionalities must also perform security assessment according to relevant laws and regulations. The recurring requirements of security assessment across different legislative frameworks inevitably cause confusion among businesses. Consequently, we cautiously foresee that the CAC may introduce auxiliary regulations or specific assessment guidelines for Security Assessment 2.0 in the future, thereby filling the current legislative gap.

5. THE SECURITY ASSESSMENT: MIIT VERSION

In addition to Security Assessments 0.5, 1.0, and 2.0, all of which were supervised by the cyberspace administration offices or public security bureaus, the Ministry of Industry and Information Technology (MIIT) introduced another variant of security assessment, referred to as the MIIT Version.

The inception of the MIIT Version can be traced back to the Internet New Business Security Assessment Management Measures (Draft for Comments) (the MIIT Measures). It was promulgated by the MIIT in 2017, which requires telecommunications business operators to carry out security assessment - also known as Double-new Assessments - regarding potential cybersecurity threats that their new Internet services may pose. Despite the MIIT Measures not having officially taken effect, the MIIT has subsequently released a succession of industry standards that pertain to the security assessment of new internet technologies and services within the telecommunications sector. This progression has enabled the practical implementation of the MIIT Version of the security assessment:

The MIIT Version of security assessment currently operates under a well-established service procedure, and recognized assessment institutions are available to conduct the process. Notably, the content of the MIIT Version largely intersects with the requirements of Security Assessment 2.0. The extent to which the CAC, MIIT, and MPS will coordinate and harmonize their regulatory scopes and benchmarks in the future remains an open question.

6. CONCLUSIONS

The existing dialogue surrounding security assessment remains ambiguous, leaving businesses in dire need of further clarification and definition from the regulatory authorities. Its indisputable that Security Assessment 2.0 has emerged as the toughest hurdle to cross before AIGC products can enter the market. We would strongly advise businesses that havent commenced preparation to deal with this matter with utmost seriousness. Initiating internal projects at an early stage, dedicating personnel, and enlisting external legal help if needed, could be instrumental in facilitating the smooth market entry of AIGC products.

Read the rest here:
Deciphering the AIGC Compliance Blueprint (Part III): Security ... - Lexology

Read More..

AI and cyber: everyone, everywhere | Professional Security – JTC Associates Ltd

Check Point Head of Engineering US East, Mark Ostrowski, says AI is rapidly transforming enterprise endeavours. He provides frameworks for thinking about AI as it relates to cybersecurity, delves into how to assess the accuracy of security products, explains recent advancements in AI-powered cyber security tools, and so much more.

How is AI becoming an everyday tool within the cyber security corporate world?

I would answer this question in two different ways. The first way is, from a pure cyber security perspective, AI is a critical component of providing the best threat prevention. Check Point has over 70 engines that give us the ability to have the best prevention in the industry. And almost half of those involve some type of artificial intelligence. But thats not new. Thats something thats been going on for many, many, many years. So thats one aspect.

I think the area in which its become the most interesting, as of recently like from December of last year and onwards is how much generative AI, things like ChatGPT, has moved beyond that gimmick phase. Now, its like how do we incorporate generative AI in our products? Or in our customer service model? Or How do we take that technology and then make what we do better by leveraging this technology? And were seeing it all over the place. Were seeing it, like I mentioned, with getting better customer success, were seeing it in relation to creating more accurate data so that we can deliver a better product. And thats really industry independent. So, thats what I would say are the two things that Ive noticed the most in recent years all the way to the present day.

So, why is data such a core component of any AI technology?

Im not a mathematician or a data scientist, but AI from my perspective was really born from What do we do when we have so much data? Were talking about hundreds of thousands, millions or billions of data points on a daily basis. So, when you start to look at why AI is important, and how math, and how algorithms and how all of the things that were talking about have come about, its because of the vast quantity of data that we have.

The amount of data that we have is really proportional with how lets just take internet security as an exampleten years ago, we had far fewer microphones and cameras, and IoT devices, and then you fast forward a decade and look at how much devices are connected technological advances have occurred. Thats why AI is so important the only way that you can actually process that amount of data is with a better artificial intelligence or machine learning approach.

If organizations are looking at various AI-based security solutions, what kinds of engines should they look for?

Lets just look at cyber security from a pure preventative perspective first. When you look at the industry and hear all of the chatter, everybody is saying that they have AI in their product now, just because thats turned into the buzz, right?

What you need to watch to really break it down is how theyre actually using AI to give better outcomes in the cyber security field. And that kind of goes back to the first question, right? Theres a difference between Im going to build a generative AI model that helps customers search my website to get better data versus how does the company that Im looking to do business with leverage AI that actually gives me better security outcomes? And that actually ties back into the previous question that you asked, around data. So, you factor in the people, take the data, you take the math itself in the machine learning models, and you put that all together when you make a decision around who youre going to put your trust in to get better cyber security outcomes, they really should have all three components of that, delivering something that can prevent an attack.

And we havent even talked about how, after you have the AI and machine learning model start making decisions, you have to have the infrastructure that can actually block the attack itself. So, whether its on your mobile device, whether its on your network, your cloud instance or in your code repository really when you think about this question, its about not only having the best AI and the best data and the best people and the best map, but its also about how can I take that verdict and actually create an outcome that makes my organization safer? So, I think those are critical components of any decision that anybody would make.

How do solutions providers ensure the accuracy and reliability of AI models?

This is a little bit more of a technical question. I think, when we think about artificial intelligence, if you consider how its matured over even just a short period of time, you kind of had basic machine learning models lets take the most common use-case example: Google images, for looking at images. The reason as to why you can go to Google Images and type in whatever you want to type in, and you get 1,000s of responses is because there was a model that was trained to (metaphorically) say, hey, this is what a [strawberry, alien, fill-in-the-blank] looks like. These are the characteristics of it.

So, every time that the model is looking at an image, I can then predict that it is going to be what I had searched for. So, thats kind of the classic machine learning model You establish whats called ground truth, and then from there, you just use the model to perform work thats unsupervised, and in this unsupervised way, create the recognition of particular images. Whats happened over the years is that weve moved from that classic machine learning to deep learning. And then to multiple layers of deep learning, which is neural network capability, which really tries to mimic how our brains work. It makes a lot of decisions in a very quick fashion, and with very high accuracy and precision.

If you look at the maturity of artificial intelligence in the cyber world and the evolution of leveraging this technology, it just gives us the ability to have better outcomes, because were looking at more things, and more layers and able to arrive at more precise outcomes. And again, if you look at ChatGPT, to rewind a bit, think of how much data is being fed into that model to be able to give the responses that we have. That accuracy is because of how much data was put in and because of the accuracy of the actual model is itself. So, all of these things are sort of intertwined and give you that accuracy that people are looking for.

How do research teams and data scientists contribute to the continuous performance and development of AI models?

Im not a data scientist, but when you think about Check Points approach to this weve dedicated a lot of really smart people to our research. So, its not just about hey, I have this great algorithm, and I have all of this data that Im feeding into it, Im going to get this result that Im looking for.

I think that we can look at Check Point Research and how that team has really elevated our ability to provide the best prevention. Theres a human element to AI development. There needs to be constant feedback, there needs to be constant evolution. There needs to be human research, right? Not just the artificial intelligence engines doing the research.

I think that when you tie that all together, it gives you better performance, it gives you better accuracy and more relevant data. Because, at the end of the day, we havent reached the point in our world where machines are taking over, right? So the extent to which research and data scientists are looking at the algorithm, looking at how to process the data, looking at how to enrich the data, taking more and more different areas of telemetry these are things that are being made by very smart people, like data scientists and researchers, and that ultimately gives us the results that were looking for. So, the human dimension of the feedback loop is super important.

Is there anything else that you would like to share?

In summary, weve talked a lot about artificial intelligence, obviously. If you think about it, in a very large scope, AI has really dominated a lot of the conversations in media, as well as in the cyber world and even outside the cyber world. Its amazing how extensive the curiosity has become. Ill get questions from relatives that I never would have thought would murmur the word artificial intelligence, and now, theyre asking Mark, should I be doing this? or Is this a tool that I should be using? And I think thats what makes it most interesting. Its become pervasive, really for everybody, in our everyday lives.

We look at things like Siri and Alexa as these things that are kind of nice to have around the house. But the fact that AI is so deeply rooted in those types of things is something that people need to consider. With the cars that we drive my car is able to recognize traffic patterns and make turns for me those things are possible because of strong artificial intelligence.

AI is not only going to become more and more pervasive, as the technologies get stronger and stronger, but I also think that there should be some recognition around where the limits should be. Thats in the future thats something that will come in later, and I think that well be able to throttle that either negatively or positively as things develop.

One follow-up question: It sounds like you have some concerns around household AI, like Siri and Alexa. Could you perhaps elaborate on that?

Yeah. Lets just use a very simple example. If you think about how powerful generative AI has become in a very short period of time, and you think about, through a pure safety perspective in the social world, having your voice, your images, your information about where you go and where you visit, all of this information is now sort of publicly out there more than its ever been before.

And now, we have this technology that can actually take a lot of that information and in a very short period of time, create something or predict something that perhaps we dont want to be predicted. So I think that from a pure safety perspective, I think those are things that as consumers, as fathers, as mothers, as grandparents, we should really think about how much data do we want to put out there?

Because the reality is that if someone is looking to cause harm or to take advantage, the more data that they have, the more acute and severe the attack could be. I think thats the negative side of this. And I say that because in the cyber world, we always like to consider negative outcomes because were always trying to prevent attacks.

Its not to say that all of it is negative With really good AI comes really good outcomes too, like safer driving. Or medical field advances. We might have advancements in pharmaceuticals that we may never have otherwise imagined.

So, there are many positive outcomes that could come from this. But I think that sometimes we have to take a step back and think about how we can protect ourselves by avoiding distributing data and unintentionally giving threat actors or folks who want to do harm more data than we would like. Thats the concern that I have, especially when I look around at how pervasive AI has become and how much data is out there. Thats where I think that we should maybe throttle back a little bit, until we understand the guardrails that are going to be put forth, ultimately advancing our use of technologies like AI.

Continue reading here:
AI and cyber: everyone, everywhere | Professional Security - JTC Associates Ltd

Read More..

CERT-In warns users of AI-powered FraudGPT: Stay safe from cyber fraud – The Economic Times

CERT-In, the internet security agency, has issued a warning against FraudGPT, an AI-powered Chatbot that poses a significant risk in the realm of cybersecurity. This cutting-edge tool is being exploited by fraudsters to craft fraudulent content for cyber fraud and criminal activities.The Deceptive Capabilities of FraudGPTFraudGPT has the ability to produce highly authentic-looking phishing emails, text messages, and websites. This makes it difficult for users to discern genuine communications from fraudulent ones, leading to the inadvertent disclosure of sensitive information such as login credentials, financial details, or personal data.Furthermore, the AI-powered chatbot can generate deceptive messages to lure users into clicking on malicious links or downloading infected attachments, exposing them to malware infections. FraudGPT can even simulate human-like conversations, allowing hackers to engage with users and extract sensitive information or carry out harmful actions. Additionally, the tool can be employed to forge documents, invoices, and payment requests, facilitating financial scams.How to protect yourself with CERT-In's tips?To safeguard against the dangers of FraudGPT and other cyber threats, CERT-In recommends the following precautionary measures:

More here:
CERT-In warns users of AI-powered FraudGPT: Stay safe from cyber fraud - The Economic Times

Read More..

AFP helping to increase cyber safety awareness across the Pacific – Australian Federal Police

Editors note: Images available via Hightail.

The AFP is training and upskilling police officers across the Pacific in cybercrime investigations and delivering cyber safety education and awareness programs to assist Pacific police partners to keep their communities safe and secure online.

Cyber Safety Pasifika (CSP) was established by the Pacific Islands Chiefs of Police (PICP) with the aim of increasing cyber safety awareness in Pacific communities and upskilling Pacific police in the conduct of cybercrime investigations.

The AFP, through the Pacific Police Development Program Regional (PPDP-R), delivers CSP on behalf of the PICP to support safety and security across the Pacific region. CSP has rolled out training in Vanuatu, Kiribati, Fiji, Nauru and Samoa during the last year, with police force members from Papua New Guinea, Tuvalu, Tokelau, Solomon Islands and Tonga also taking part.

Participants undertook CSPs two key foundation programs Cyber Safety Awareness and Education Community Trainer, and Cybercrime Investigations.

CSPs awareness and education program equips Pacific police partners with the skills and confidence to deliver presentations to their communities on safely navigating the digital landscape. The program also aims to develop some of those partners into trainers in line with the by the Pacific, for the Pacific philosophy, thereby supporting Pacific police to lead the delivery of CSP courses in the future.

The cybercrime investigation program helps participants understand and investigate cyber and technology-enabled crime offences. The course equips Pacific police with tools and techniques that they can utilise in their unique environments when responding to cyber threats and incidents.

Over the past five years, 365 Pacific police officers have undertaken a face-to-face CSP program across 17 Pacific nations. Programs were delivered virtually during the COVID-19 pandemic to ensure police officers could still train and upskill.

The AFP partners with numerous organisations including the Australian Cyber Security Centre, the Asia-Pacific Network Information Centre, Digicel, the FBI, Meta, and New Zealand Police to ensure CSP programs are delivered by subject matter experts.

AFP Detective Superintendent PPDP-R Kathryn Polkinghorne said it was more important than ever to grow cyber capability across the Pacific.

The CSP program is extremely important to the Pacific region in raising community awareness and helping police officers enhance their skills and awareness in the effort to combat cybercrime, Detective Superintendent Polkinghorne said.

As internet connectivity across the Pacific region increases, cybercrime becomes a greater risk, so it is vital that police and the broader community know how to stay safe online.

The AFP is committed to working with our partners to support the Pacific to engage safely in the digital environment, noting the benefits for communities flowing from safe online connectivity.

The AFP has delivered the CSP program in Nauru and Samoa in recent months.

More than 50 police officers took part in the CSP program held in Nauru, including participants and observers from the Department of Education, Womens and Social Development Affairs, Nauru Government Information Office, Nauru Media and Nauru Government Information, Communication and Technology.

The program was successfully delivered through the Nauru-Australia Policing Partnership (NAPP) program, which has been in place since the AFP first deployed to Nauru in 2004.

Nauru Police Force Commissioner Iven Notte is a strong supporter of the CSP program and said expanding the delivery of the program to include key partners would further increase the understanding of cyber safety within the community.

It is very important to protect the Nauru community from cyber harm, Commissioner Notte said.

The CSP training better equips the Nauru Police Force to tackle these emerging problems alongside their partners.

CSP also successfully delivered two programs in Samoa, with participants from the Samoa Police, Prisons and Corrections Services.

Samoa Police Acting Commissioner Leiataua Samuelu Afamasaga, who opened the training course, said Pacific police could utilise the training to respond to cyber threats in their unique environment.

This course has provided our members with the skills and knowledge to succeed in this field. They have learned about the different types of cybercrime, the tools and techniques used by cyber criminals and the legal framework to investigate and prosecute cybercrimes, Leiataua said.

The course has provided our members with the opportunity to develop their problem-solving and analytical skills, and how apply them to the real world.

Media enquiries:AFP Media: (02) 5126 9297

Connect with us:Follow our Facebook, Twitter, LinkedIn, Instagram and YouTube pages to learn more about what the AFP does to keep Australia safe.

Read this article:
AFP helping to increase cyber safety awareness across the Pacific - Australian Federal Police

Read More..

The Future of Telecommunications: A Deep Dive into Wi-Fi Analytics – Fagen wasanni

Exploring the Future of Telecommunications: A Comprehensive Analysis of Wi-Fi Analytics

The future of telecommunications is a fascinating topic that is constantly evolving, with Wi-Fi analytics playing a pivotal role in shaping this landscape. As we delve deeper into the realm of Wi-Fi analytics, we uncover a world of possibilities that could revolutionize the way we communicate and interact with technology.

Wi-Fi analytics, at its core, is the process of collecting, analyzing, and interpreting data from Wi-Fi networks. This data can provide valuable insights into user behavior, network performance, and other critical aspects of a Wi-Fi network. With the advent of advanced technologies such as artificial intelligence and machine learning, the potential of Wi-Fi analytics has expanded exponentially.

One of the most significant developments in Wi-Fi analytics is the ability to track user behavior. By analyzing data from Wi-Fi networks, businesses can gain a deeper understanding of their customers habits and preferences. This information can be used to tailor services and products to meet customer needs more effectively, thereby enhancing customer satisfaction and loyalty.

Moreover, Wi-Fi analytics can also be used to optimize network performance. By analyzing data on network usage, businesses can identify bottlenecks and other issues that may be affecting the performance of their Wi-Fi networks. This can lead to more efficient network management and improved user experience.

In addition, Wi-Fi analytics can play a crucial role in enhancing security. By monitoring network activity, businesses can detect unusual patterns that may indicate a security breach. This can enable them to take proactive measures to protect their networks and data, thereby reducing the risk of cyber-attacks.

However, the potential of Wi-Fi analytics extends beyond these applications. With the advent of the Internet of Things (IoT), Wi-Fi analytics can play a crucial role in managing and optimizing the performance of IoT devices. By analyzing data from these devices, businesses can gain insights into their operation and usage, which can be used to enhance their functionality and efficiency.

Furthermore, Wi-Fi analytics can also play a key role in the development of smart cities. By analyzing data from Wi-Fi networks, city planners can gain insights into the behavior and needs of city residents. This can be used to design more efficient and sustainable urban environments.

Despite the immense potential of Wi-Fi analytics, there are also challenges that need to be addressed. One of the main challenges is the issue of privacy. As Wi-Fi analytics involves the collection and analysis of user data, it is essential to ensure that this is done in a manner that respects user privacy and complies with data protection regulations.

Another challenge is the need for advanced analytical skills. As Wi-Fi analytics involves the analysis of complex data, it requires a high level of expertise in data analysis and interpretation. This highlights the need for businesses to invest in training and development to equip their staff with the necessary skills.

In conclusion, Wi-Fi analytics represents a significant frontier in the future of telecommunications. By harnessing the power of this technology, businesses can gain valuable insights that can enhance their operations, improve customer satisfaction, and drive innovation. However, it is also essential to address the challenges associated with Wi-Fi analytics to fully realize its potential. As we move forward, it will be fascinating to see how Wi-Fi analytics continues to shape the future of telecommunications.

Read more here:
The Future of Telecommunications: A Deep Dive into Wi-Fi Analytics - Fagen wasanni

Read More..