AI Supply Chain; AI security platforms; Cyber awareness


Welcome to the CISO Corner, Dark Reading’s weekly digest of articles designed specifically for security operations readers and security leaders. Each week, we feature articles from our news operation, The Age, DR Technology, DR Global, and our commentary section. We are committed to bringing you a diverse set of perspectives to support the work of enabling cybersecurity strategies, for leaders in organizations of all shapes and sizes.

In this issue of CISO Corner

  • The race for AI-powered security platforms has accelerated

  • Why MLBOMs are useful for securing the AI/ML supply chain.

  • The fight for cybersecurity awareness

  • The ambitious training initiative taps the talents of the blind and visually impaired.

  • Vietnamese cybercrime group CoralRaider nets financial data

  • XZ Utils Scare exposes the hard truths about software security.

  • NSA Updates Zero Trust Advice to Reduce Attack Surfaces

The race for AI-powered security platforms has accelerated

By Robert Lemos, Contributing Writer, Dark Reading

Microsoft, Google and Symbian each offer creative AI systems that allow security operations teams to use natural language to automate cybersecurity tasks.

Both Google and Microsoft have committed massive resources to developing generative artificial intelligence (AI) tools for cybersecurity. Microsoft’s Security Copilot can detect breaches, collect data and analyze it with the help of generative AI. Google’s Gemini in Security is a similar rival service.

Now a startup, Symbian, has entered the fray with a system that leverages creative AI as well as large language models (LLMs) to automatically configure security information and event management (SIEM) systems or security orchestration, automation, and response (SOAR) to support security teams.

While each offering has its advantages, they all strive to streamline the process for stressed cybersecurity teams. The question remains to be answered as to whether teams will eventually trust automated systems to perform as intended.

Read more: The race for AI-powered security platforms has accelerated

Related: How AI and Automation Can Help Close the Cybersecurity Talent Gap

Why MLBOMs are useful for securing the AI/ML supply chain.

Commentary from Diana Kelly, CISO, Protect AI

A machine learning bill of materials (MLBOM) framework can bring transparency, auditability, control and forensic insight to AI and ML supply chains.

The software bill of materials (SBOM) has become an essential tool for identifying the code that makes up an application, but in the age of artificial intelligence (AI), the SBOM has some limitations in machine learning frameworks.

A machine learning software bill of materials, or MLBOM, can fill the gaps left by a traditional SBOM and add considerations for data and assets.

Read more: Why MLBOMs are useful for securing the AI/ML supply chain.

Related: Where SBOMs stand today.

The fight for cybersecurity awareness

Commentary by Eric Gross, CISO, QAD

Investing in cybersecurity skills creates a safer digital world for everyone.

Spreading threat awareness is the best way to reduce cybersecurity risk, but the task of constantly training and retraining people on the latest threats can be daunting. The age of artificial intelligence is making it even more difficult.

Building a culture of safety is paramount, and can be achieved through thoughtful cybersecurity training with a personal perspective, storytelling, and helping people talk openly about cybersecurity. Humans are unpredictable, and cybersecurity training processes that accept that humans are complex creatures have achieved the greatest success.

Read more: The fight for cybersecurity awareness

Related: Q&A: The Cybersecurity Training Gap in Industrial Networks

The ambitious training initiative taps the talents of the blind and visually impaired.

By Jennifer Lavinsky, Contributing Writer, Dark Reading

Novacoast’s Apex program prepares the visually impaired for cybersecurity careers.

Blind and visually impaired (BVI) individuals are an untapped resource for cybersecurity companies struggling to attract talent. With just a computer with a screen reader and Braille keyboard, BVI people can become valuable partners. Two cyber CEOs have launched the Apex program, an on-demand course for BVI people who want to get involved in cybersecurity.

So far, four students have completed the course and one has already secured a job as a SOC 1 analyst. Now the White House is getting involved, and there’s even a short film in the works featuring the Apex program.

Read more: The ambitious training initiative taps the talents of the blind and visually impaired.

Related: 3 Ways Businesses Can Overcome the Cybersecurity Skills Shortage

Vietnamese cybercrime group CoralRaider nets financial data

By Robert Lemos, Contributing Writer, Dark Reading

With a complex attack chain and using Telegram for its command and control, CoralRaider targets victims in Asian countries – and seems to accidentally infect itself as well.

A newcomer on the Vietnamese cybercrime scene, a group called CoralRaider, is making moves, and making mistakes like infecting its own systems along the way.

Security researchers at Cisco Talos have been tracking CoralRaider’s activities and have found them to be profit-driven, though the group is having trouble getting its operations off the ground. So far, Cisco Talos analysts have seen no indication CoralRaider has yet successfully delivered a payload, but the group is actively working to improve its cybercrime expertise.

Read more: Vietnamese cybercrime group CoralRaider nets financial data

Related: Ransomware, Junk Bank Accounts: Cyber Threats Proliferate in Vietnam

XZ Utils Scare exposes the hard truths about software security.

By Jai Vijayan, Contributing Writer, Dark Reading

Much of the open source code embedded in the enterprise software stack comes from small, low-resource, volunteer-run projects.

A recently discovered backdoor in the XZ Utils tool should be a wake-up call to cyber teams that open source repositories are riddled with vulnerabilities.

These projects are volunteer-run, under-resourced, and unable to address the latest threats. XZ Utils itself is a one-man operation. Organizations using code from these open sources do so at their own risk.

Organizations are advised to check their usage of code from public repositories and determine whether they have adequate security controls in place. Experts also recommend that engineering and cybersecurity teams define the process and roles for onboarding open source code.

Read more: XZ Utils Scare exposes the hard truths about software security.

NSA Updates Zero Trust Advice to Reduce Attack Surfaces

By Dark Reading Staff

The agency encourages the broader use of encryption, data loss prevention, and data rights management to protect data, networks, and users.

In its ongoing efforts to support both the public and private sectors on the path to zero trust, the National Security Agency has issued guidance on data protection, or as the NSA classifies it, the “data pillar.” The agency’s recommendations include the use of encryption, tagging, labeling and more.

Prior to this data security guidance, the NSA provided a detailed guide to network macro- and micro-segmentation and its role in building a zero-trust framework.

Read more: NSA Updates Zero Trust Advice to Reduce Attack Surfaces

Related: The NSA’s Zero Trust Guidelines focus on segmentation.
