Welcome to CISO Corner. Dark Reading's weekly article digest is tailored specifically for security operations readers and security leaders. Each week, we bring you stories from across our news operations, The Edge, DR Technology, DR Global, and commentary sections. We are committed to providing diverse perspectives to support the operationalization of cybersecurity strategies for leaders in organizations of all shapes and sizes.
In this issue of CISO Corner:
- Competition for AI-powered security platforms intensifies
- Why MLBOM can help secure your AI/ML supply chain
- The fight for cybersecurity awareness
- An ambitious training initiative unlocks the talents of visually impaired people
- Vietnamese cybercrime group CoralRaider nets financial data
- XZ Utils Scare reveals the hard truth about software security
- NSA updates Zero Trust advice to reduce attack surface
Competition for AI-powered security platforms intensifies
Robert Lemos, Contributing Writer, Dark Reading
Microsoft, Google, and Simbian each offer generative AI systems that allow security operations teams to automate cybersecurity tasks using natural language.
Both Google and Microsoft have committed significant resources to developing generative artificial intelligence (AI) tools for cybersecurity. Microsoft's Security Copilot can discover breaches, collect data, and analyze it with the help of generative AI. Google's Gemini in Security is a similar rival service.
Simbian has now entered the fray with a system that leverages generative AI and large language models (LLMs) to help security teams automate the configuration of event management systems (SIEMs) or security orchestration, automation, and response (SOAR).
Each product has its own benefits, but all aim to streamline processes for stressed cybersecurity teams. The question that remains unanswered is whether teams can ultimately trust that automated systems will work as intended.
Read more: Competition for AI-powered security platforms intensifies
Related: How AI and automation can help close the cybersecurity talent gap
Why MLBOM can help secure your AI/ML supply chain
Commentary by Diana Kelley, CISO, Protect AI
Machine learning bill of materials (MLBOM) frameworks can bring transparency, auditability, control, and forensic insight to AI and ML supply chains.
The software bill of materials (SBOM) has become an essential tool for identifying the code that makes up an application, but in the era of artificial intelligence (AI), the SBOM has several limitations in machine learning frameworks.
Machine learning software bills of materials (MLBOMs) fill the gaps left by traditional SBOMs and have the potential to add data and asset protection.
Read more: Why MLBOM can help secure your AI/ML supply chain
Related: Current status of SBOM
The fight for cybersecurity awareness
Commentary by Erik Gross, CISO, QAD
Investing in cybersecurity skills creates a safer digital world for everyone.
Spreading risk awareness is the best way to reduce cybersecurity risks, but continually training and retraining people on the latest threats can be a challenge. The age of artificial intelligence has made it even more difficult.
Building a culture of security is paramount, and it can be achieved with thoughtful cybersecurity training that focuses on a personal approach, storytelling, and helping people feel safe talking openly about cybersecurity. Cybersecurity training processes that accept that humans are unpredictable and complex creatures have had the greatest success.
Read more: The fight for cybersecurity awareness
Related: Q&A: Cybersecurity training gap in industrial networks
An ambitious training initiative unlocks the talents of visually impaired people
Jennifer Lawinski, Contributing Writer, Dark Reading
Novacoast's Apex program prepares individuals with visual impairments for careers in cybersecurity.
Blind and visually impaired (BVI) people are an untapped human resource for cybersecurity companies struggling to attract talent. With just a computer equipped with a screen reader and a Braille keyboard, BVI people can become valuable contributors. Two cyber CEOs have launched the Apex program, an online, on-demand course for BVI people who want to get into cybersecurity.
To date, four students have completed the course and one has already taken a position as a SOC 1 analyst. The White House is now involved, and a short film featuring the Apex program is also in the works.
Read more: An ambitious training initiative unlocks the talents of visually impaired people
Related: 3 ways companies can overcome the cybersecurity skills shortage
Vietnamese cybercrime group CoralRaider nets financial data
Robert Lemos, Contributing Writer, Dark Reading
CoralRaider has a complex attack chain, uses Telegram for command and control, and appears to be targeting victims in Asian countries, as well as inadvertently infecting itself.
A newcomer on the Vietnamese cybercrime scene, a group called CoralRaider, is making moves, and making some rudimentary mistakes along the way, including infecting its own systems.
Security researchers at Cisco Talos have been tracking CoralRaider's activities and found that even though the group has struggled to get its operations off the ground, they are motivated by profit. So far, the Cisco Talos analyst said he has yet to see any signs that CoralRaider has successfully delivered a payload, but the group is actively working on improving its cybercriminal skills.
Read more: Vietnamese cybercrime group CoralRaider nets financial data
Related: Ransomware, junk bank accounts: Cyber threats soar in Vietnam
XZ Utils Scare reveals the hard truth about software security
Written by Jai Vijayan, Contributing Writer, Dark Reading
Much of the open source code embedded in enterprise software stacks comes from projects that are small, under-resourced, and run by volunteers.
The recently discovered backdoor in the XZ Utils tool should be a wake-up call to cyber teams that open source repositories are riddled with vulnerabilities.
These projects are run by volunteers, lack resources, and are unable to respond to the latest threats. XZ Utils itself can be operated by one person. Companies using this open source code do so at their own risk.
Organizations are encouraged to scrutinize their use of code from public repositories and determine whether appropriate security controls are in place. Experts also recommend having engineering and cybersecurity teams define processes and roles for deploying open source code.
Read more: XZ Utils Scare reveals the hard truth about software security
NSA updates Zero Trust advice to reduce attack surface
By Dark Reading Staff
The agency encourages the widespread use of encryption, data loss prevention, and data rights management to protect data, networks, and users.
In an ongoing effort to support both the public and private sectors as they embark on the road to zero trust, the National Security Agency has issued guidance related to data protection, or “data pillars” as the NSA classifies them. The agency's recommendations include the use of encryption, tagging, labeling, and more.
Prior to this data security guidance, the NSA provided a detailed guide on macro and micro-segmentation of networks and its role in building a Zero Trust framework.
Read more: NSA updates Zero Trust advice to reduce attack surface
Related: NSA's Zero Trust Guidelines Focus on Segmentation