Paper presents a holistic overview and applicable methodology for impartially assessing intelligent systemsSEATTLE – Nov. 14, 2024 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment, today released Artificial Intelligence (AI) Risk Management: Thinking Beyond Regulatory Boundaries. Drafted by CSA’s AI Governance & Compliance Working Group, the document offers a comprehensive framework for auditing AI systems, addressing the critical aspects of AI technology and providing auditors with much-needed insights and tools to ensure the reliability and responsible innovation of intelligent systems..
Originally published by Tamnoon.As businesses continue migrating to the cloud and expanding their cloud footprint, scaling remediation of misconfigurations and reducing cloud threat exposure becomes a continuous battle for SecOps teams. Managed cloud security services offer the much-needed solution for cloud security teams; what MDR is to SOC teams, managed cloud security services are to security engineers. In this post, we’ll explore six key benefits of managed cloud security in 2024, and why it’s a game-changer for organizations managing security in the cloud.
Source: https://cloudsecurityalliance.org/articles/6-top-benefits-of-managed-cloud-security
Originally published by Oasis Security.Written by Marta Dern.We’ve covered the ins and outs of Non-Human Identity (NHI) Management—what it is, why it matters, and the best practices for handling these digital identities. But how do you translate theory into action? What does the deployment of an effective NHI Management program look like in practice?Just like any successful initiative, a solid plan is the foundation. As Antoine de Saint-Exupéry said, “A goal without a plan is just a wish”—and…
Source: https://cloudsecurityalliance.org/articles/non-human-identity-management-program-guide-step-by-step
Originally published by Vanta.Written by Toni Ng.In today’s complex business landscape, effective executive reporting is not just about sharing information; it’s about using the insights to take action and demonstrating the value of your compliance and security efforts. This blog outlines five essential practices to help you refine your reporting skills and ensure your insights resonate with key stakeholders and support informed decision-making.
Source: https://cloudsecurityalliance.org/articles/5-best-practices-for-executive-reporting
Originally published by Diligent.The EU AI Act comes into force on 1 August 2024. It is the world’s first comprehensive legislation designed to address artificial intelligence (AI) risks by establishing a set of rules and obligations aimed at safeguarding the health, safety, and fundamental rights of EU citizens. In doing so, it seeks to support responsible, innovative AI development and build trust between EU citizens and AI.
In this article, you’ll discover:
- What the EU Artificial Intelligence Act is
- The EU AI Act timeline for implementation
- The implications of the EU AI Act for organisations
- Steps to promote the responsible and ethical use of AI
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Source: https://threatpost.com/watering-hole-attacks-push-scanbox-keylogger/180490/
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Source: https://threatpost.com/0ktapus-victimize-130-firms/180487/
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Source: https://threatpost.com/ransomware-attacks-are-on-the-rise/180481/
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Source: https://threatpost.com/cybercriminals-are-selling-access-to-chinese-surveillance-cameras/180478/
2.5 million people were affected, in a breach that could spell more trouble down the line.
Source: https://threatpost.com/student-loan-breach-exposes-2-5m-records/180492/
