5 matches found
Large Language Models As a (Bad) Security Norm in the Context of Regulation and Compliance
The use of Large Language Models LLM by providers of cybersecurity and digital infrastructures of all kinds is an ongoing development. It is suggested and on an experimental basis used to write the code for the systems, and potentially fed with sensitive data or what would otherwise be considered...
SolarWinds and Market Incentives
In early 2021, IEEE Security and Privacy asked a number of board members for brief perspectives on the SolarWinds incident while it was still breaking news. This was my response. The penetration of government and corporate networks worldwide is the result of inadequate cyberdefenses across the...
IoT Cybersecurity Improvement Act Passed, Heads to President's Desk
Security experts are applauding the recent stamp of approval by the U.S. Senate on a groundbreaking internet-of-things IoT security regulatory effort. The IoT Cybersecurity Improvement Act, which was led in bipartisan sponsorship by Reps. Will Hurd R-Texas and Robin Kelly D-Ill., would require th...
ITV: New rules to prevent children’s ‘smart’ toys from being hacked
In the run up to Christmas we were asked by ITV's Chris Choi to demonstrate some of the security fails we see in kids toys all the time. We showed him our research on My Friend Cayla, and Tekstra Toucan amongst others, and made the point that while manufacturers need standards and codes of practi...
Ransomware and the Internet of Things
As devastating as the latest widespread ransomware attacks have been, it's a problem with a solution. If your copy of Windows is relatively current and you've kept it updated, your laptop is immune. It's only older unpatched systems on your computer that are vulnerable. Patching is how the comput...