UMNAI’s Post

As local governments undergo digital transformation to improve public service delivery, they encounter distinct challenges and opportunities in the realms of artificial intelligence (AI) and cybersecurity. This session will delve into the vital intersection of these two fields, focusing on practical strategies for integrating AI technologies while protecting sensitive citizen data and critical infrastructure. Participants will gain insights into specific cyber threats facing municipalities, explore effective risk management practices tailored to local governance, and learn how to cultivate a culture of cybersecurity awareness among staff and constituents. Join us to uncover how local governments can harness AI to enhance service delivery while implementing robust measures to mitigate cyber risks. Anne Balduzzi Hartman Executive Advisors Marcus Hensel VRSA Nick Serfass Richmond Technology Council - rvatech/ Cindy Atkinson #VML #VirginiaMunicipalLeague #EconomicDevelopment #AI #EmergingTech #TechForGood #ITLeadership #TechnologyLeadership

In an era where digital threats are evolving at an unprecedented pace, Artificial Intelligence (AI) has emerged as a game-changer in cybersecurity and it can drive transformative impact on the broader business landscape. If you would like to learn more, please join me and ISC2 on March 27th 2024 for an insigtful conversation!

🚨Insightful Update: AI and the Evolving Cyber Threat Landscape - NCSC Assessment 2023🌐🛡 In the dynamic realm of cybersecurity, the interplay between AI and emerging threats is reshaping our strategic approach. The Bletchley AI Safety Summit of November 2023, a significant event in the tech world, brought this into sharp focus. Here's a detailed look at the key takeaways from the National Cyber Security Centre (NCSC) assessment and their implications: AI-Driven Cyber Threats: AI's role in cyber attacks is not a distant future scenario but an immediate concern. The NCSC predicts a significant increase in both the volume and complexity of cyber attacks in the next couple of years, primarily driven by AI advancements. Enhanced Attack Techniques: One of the more unsettling revelations is AI's utility in cyber reconnaissance and social engineering. These sophisticated methods make attacks more elusive and challenging to detect. Diverse Impact Across Threat Actors: The utilisation of AI in cyber operations will differ vastly. While highly capable state actors and organised cybercrime groups are expected to see a moderate capability boost, less skilled hackers will find AI tools particularly advantageous, especially in areas like phishing. 📊Trend Analysis: AI is enabling faster and more efficient data analysis, directly contributing to the increasing impact of cyber attacks. The commoditisation of AI-enabled capabilities in criminal markets is a worrying trend, likely to be a reality by 2025. AI is lowering barriers for entry-level cybercriminals, fueling global ransomware threats. 🛡 Steps Towards Cyber Resilience: The advent of Generative AI and Large Language Models (LLMs) poses new challenges to traditional cybersecurity measures. AI-driven reconnaissance underscores the need for rapid and effective patching of network vulnerabilities. 💡NCSC's Proactive Approach: Recognising the urgent need for secure AI development, the NCSC is actively collaborating with partners to establish guidelines and best practices. The publication of 'Guidelines for Secure AI System Development' in November 2023 is a step towards this goal. As we navigate these turbulent waters, it's imperative that organisations and individuals stay informed and vigilant. The integration of AI in cybersecurity is a double-edged sword, offering both formidable challenges and groundbreaking solutions. #CyberSecurity #ArtificialIntelligence #NCSC #AIrisks #CyberThreats #TechTrends

👉 Attention small and midsize enterprise #CISOs, the latest National Institute of Standards and Technology (NIST) report on AI dives deep into the emergence of adversarial #artificialintelligence threats. Measured Analytics and Insurance summarized the report in this article: “Cybersecurity for SMEs: Tackling the Challenges of Adversarial Machine Learning and AI Threats" 🔗: https://lnkd.in/ePRj3nfe 💡 Evasion, poisoning, privacy breaches, and data abuse—are your systems prepared to withstand these attacks? (see the slideshow below) Read Measured's latest blog post for an in-depth analysis and to stay ahead in this fight against AI vulnerabilities. 🤖 From subtle evasion tactics to outright poisoning of AI models, adversaries are finding innovative ways to compromise AI systems. As NIST's Apostol Vassilev puts it, "We are encouraging the community to come up with better defenses." It's a call to arms for all of us in the security field. (quote from the NIST Report) “Most of these attacks are fairly easy to mount and require minimum knowledge of the AI system and limited adversarial capabilities,” said co-author Alina Oprea, a professor at Northeastern University. “Poisoning attacks, for example, can be mounted by controlling a few dozen training samples, which would be a very small percentage of the entire training set.” (quote from the NIST Report) #MachineLearning #AdversarialAI #ArtificialIntelligence #InfoSec #ThreatIntelligence #cybersecurity #riskmanagement

https://lnkd.in/ea9PsTCe CISA plans to implement five lines of effort to unify and accelerate the 2023-2025 road map: 1) responsible use of AI: deploy AI-enabled software tools to bolster cyber defenses and support critical infrastructure, which are passed through a rigorous selection process upon selection 2) adopt AI systems: drive adoption of strong vulnerability management practices, specifying a vulnerability disclosure process and providing guidance for security testing and red teaming exercises for AI systems 3) protect critical infrastructure from malicious use of AI 4) collaborate with interagency, international partners and the public: through AI working groups, attending or participating in interagency meetings, and closely coordinating with Homeland Security entities 5) expand AI expertise in the workforce: human vigilance, oversight, and intuition are always needed to detect AI- and non-AI-based cyber threats and to ensure AI systems are free from errors, biases, and manipulation #responsibleai #CISA #cyber #cyberattack #cybersecurity #cyberdefense

National Security Agency’s Artificial Intelligence Security Center (NSA AISC) published the joint Cybersecurity Information Sheet Deploying AI Systems Securely in collaboration with CISA, the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD ACSC), the Canadian Centre for Cyber Security (CCCS), the New Zealand National Cyber Security Centre (NCSC-NZ), and the United Kingdom’s National Cyber Security Centre (NCSC-UK). The guidance provides best practices for deploying and operating externally developed artificial intelligence (AI) systems and aims to: 1)Improve the confidentiality, integrity, and availability of AI systems.  2)Ensure there are appropriate mitigations for known vulnerabilities in AI systems. 3)Provide methodologies and controls to protect, detect, and respond to malicious activity against AI systems and related data and services. This report expands upon the ‘secure deployment’ and ‘secure operation and maintenance’ sections of the Guidelines for secure AI system development and incorporates mitigation considerations from Engaging with Artificial Intelligence (AI). #artificialintelligence #ai #securitytriad #cybersecurity #risks #llm #machinelearning

Vulnerabilities that refer to weaknesses in artificial intelligence (AI) systems can be exploited by hackers to compromise the security or functionality of a system. These vulnerabilities can arise from various sources, including the design of the AI model, the data used to train the model, and the deployment and operation of the model in default settings. This Measured blog focuses on in-depth analysis and guides on how to stay ahead against such attacks. https://lnkd.in/daJU-YhB

According to a newly released report from Swimlane, a concerning 74% of cybersecurity decision-makers are aware of sensitive data being input into public AI models despite having established protocols in place. The report, “Reality Check: Is AI Living Up to Its Cybersecurity Promises?“, reveals that the rush to embrace AI, especially generative AI and large language models, has outpaced most organizations’ ability to keep their data safe and effectively enforce security protocols. As AI becomes more integral to organizational operations, companies are grappling with both its benefits and the associated risks. To better understand this landscape, Swimlane surveyed 500 cybersecurity decision-makers in the United States and the United Kingdom to uncover how AI is influencing data security and governance, workforce strategies, and cybersecurity budgets. Read more: https://lnkd.in/gwXGXKuZ #IndiaTechnologyNews #AIReport #Cybersecurity #DataRisks #SensitiveData #CyberLeaders #DataProtection #AIAwareness #CyberThreats #RiskManagement #DataSecurity

New Post: #CISA Joins #ACSC-led Guidance on How to Use #AI Systems Securely - https://lnkd.in/d-q9F8bz CISA Joins ACSC-led Guidance on How to Use AI Systems Securely 01/23/2024 06:00 PM EST CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) on Engaging with Artificial Intelligence—joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the guidance: Federal Bureau of Investigation (FBI) National Security Agency (NSA) United Kingdom (UK) National Cyber Security Centre (NCSC-UK) Canadian Centre for Cyber Security (CCCS) New Zealand National Cyber Security Centre (NCSC-NZ) and CERT NZ Germany Federal Office for Information Security (BSI) Israel National Cyber Directorate (INCD) Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and the Secretariat of Science, Technology and Innovation Policy, Cabinet Office Norway National Cyber Security Centre (NCSC-NO) Singapore Cyber Security Agency (CSA) Sweden National Cybersecurity Center The guidance provides AI systems users with an overview of AI-related threats as well as steps that can help them manage AI-related risks while engaging with AI systems. The guidance covers the following AI-related threats: Data poisoning Input manipulation Generative AI hallucinations Privacy and intellectual property threats Model stealing and training data exfiltration Re-identification of anonymized data Note: This guidance is primarily for users of AI systems. CISA encourages developers of AI systems to review the recently published Guidelines for Secure AI System Development. To learn more about how CISA and our partners are addressing both the cybersecurity opportunities and risks associated with AI technologies, visit CISA.gov/AI. Robert Williams#News247WorldPress

New Post: #CISA Joins #ACSC-led Guidance on How to Use #AI Systems Securely - https://lnkd.in/dFM_PppN CISA Joins ACSC-led Guidance on How to Use AI Systems Securely 01/23/2024 06:00 PM EST CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) on Engaging with Artificial Intelligence—joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the guidance: Federal Bureau of Investigation (FBI) National Security Agency (NSA) United Kingdom (UK) National Cyber Security Centre (NCSC-UK) Canadian Centre for Cyber Security (CCCS) New Zealand National Cyber Security Centre (NCSC-NZ) and CERT NZ Germany Federal Office for Information Security (BSI) Israel National Cyber Directorate (INCD) Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and the Secretariat of Science, Technology and Innovation Policy, Cabinet Office Norway National Cyber Security Centre (NCSC-NO) Singapore Cyber Security Agency (CSA) Sweden National Cybersecurity Center The guidance provides AI systems users with an overview of AI-related threats as well as steps that can help them manage AI-related risks while engaging with AI systems. The guidance covers the following AI-related threats: Data poisoning Input manipulation Generative AI hallucinations Privacy and intellectual property threats Model stealing and training data exfiltration Re-identification of anonymized data Note: This guidance is primarily for users of AI systems. CISA encourages developers of AI systems to review the recently published Guidelines for Secure AI System Development. To learn more about how CISA and our partners are addressing both the cybersecurity opportunities and risks associated with AI technologies, visit CISA.gov/AI. Robert Williams#News247WorldPress