網路安全概要: 美國、英國政府對建立安全的 AI 系統提出建言
Looking for guidance on developing AI systems that are safe and compliant? Check out new best practices from the U.S. and U.K. cyber agencies. Plus, a new survey shows generative AI adoption is booming, but security and privacy concerns remain. In addition, CISA is warning municipal water plants abo...
網路安全概要: U.S. 政府修法,對軟體廠商進行問卷調查尋求有關安全評估的意見
Uncle Sam wants your input on the latest version of the “Secure Software Development Attestation Form” that federal agencies will use to assess the security of software vendors. Plus, it’s warning cyber teams about the threats from the Rhysida and Scattered Spider cybercrime groups. In addition, the...
網路安全概要: Are SBOMs on Your Supply Chain Security Radar Screen? Check Out New Recommendations from CISA and NSA
The SBOM concept is still half-baked, but CISA and NSA want to help change that with new best practices for software vendors, developers and buyers. Plus, there’s new guidance about the Royal ransomware gang – as ransomware attacks grow. In addition, Google highlights a new typosquatting trend impac...
網路安全概要: Critical Infrastructure Security in the Spotlight in November
It’s “Critical Infrastructure Security and Resilience Month” – check out new resources from the U.S. government to better protect these essential organizations. Plus, the U.K.’s cyber agency is offering fresh guidance for mitigating the quantum computing threat. In addition, do you need a generative...
網路安全概要: Why Organizations Struggle to Prevent Attacks and How They Can Do Better
Find out the top people, process and technology challenges hurting cybersecurity teams identified in a commissioned study by Forrester Consulting on behalf of Tenable....
網路安全概要: GenAI Drives Broader Use of Artificial Intelligence Tech for Cyber
Check out how organizations’ enthusiasm over generative AI is fueling artificial intelligence adoption for cybersecurity. Plus, how CISA plans to revamp the U.S. government’s cyber incident response plan. In addition, learn about a new set of best practices for protecting cloud backups. Also, why bo...
網路安全概要: SANS Offers Tips for Maximizing Smaller OT Security Budgets
A SANS Institute survey found that budgets for ICS/OT security have shrunk, and advises on how to do more with less. Plus, hiring managers boost starting salaries to recruit stellar cyber pros. In addition, CISA’s Cybersecurity Awareness Month campaign challenges tech vendors to build safer products...
網路安全概要: 隨著網路威脅加劇,資安長預期預算會更加緊縮
After double-digit growth in the past two years, cybersecurity budgets expanded more modestly in 2023. Plus, a survey offers an inside look at how organizations are grappling with cyber challenges. In addition, the U.S. and Japan warn about a China-linked group that’s stealthily compromising network...
網路安全概要: 在攻擊使得網路保險理賠不斷攀升以及 Snatch 勒索軟體變種觸發警示之際,DHS 追蹤最新勒索軟體趨勢
Check out the new ransomware trends documented by DHS, as well as a joint CISA-FBI alert about the Snatch ransomware. Plus, find out what CISA has in store for its Known Exploited Vulnerabilities catalog. Furthermore, don’t miss new source-code management tips from the OpenSSF. And much more!...
網路安全概要: 取得深度偽造威脅、開放原始碼風險、AI 系統安全及勒索軟體集團的最新資訊
Tasked with securing your org’s new AI systems? Check out a new Google paper with tips and best practices. Plus, open source security experts huddled at a conference this week – find out what they talked about. Also, Uncle Sam says it’s time to prep for deepfake attacks. And much more!...
網路安全概要: Cyber Pros Taxed by Overwork, Understaffing and Lack of Support, as Stress Takes a Toll
Life is getting harder for cybersecurity pros, but there are ways to improve working conditions. Check out what a study found. Meanwhile, there’s a new, free attack-emulation tool for OT security teams. Plus, the U.S. government is alerting about exploits to CVE-2022-47966 and CVE-2022-42475. We als...
網路安全概要: Curb Your Enthusiasm Over ChatGPT-type Tools at Work, Says U.K.’s NCSC
As OpenAI released ChatGPT Enterprise, the U.K.’s cyber agency warned about the risks of workplace use of AI chatbots. Plus, the QakBot botnet got torn down, but the malware threat remains – what CISA suggests you do. Moreover, new quantum-resistant algorithms are due next year. And much more!...