U.S. Department of Labor OCIO’s Post

We all learnt that seeing is believing and now we need to prepare for a new reality. We unearthed cases of audio deepfakes being used for enterprise compromise way back in 2018 with Hugh Thompson, Ph.D. and since then, the deepfake technology has advanced tremendously. It is scary to think about the attack vectors AI will unleash upon enterprises. Things will only get worse as AI agents and applications make their way into the enterprise. But it is easy to blame the technology here. The truth is that fundamentals of security have not changed with AI and the adoption of proper authentication, authorization, and audit mechanisms can mitigate situations like these. How that will look in the world of AI is TBD. https://lnkd.in/gFeX337z

The Department of Commerce’s Bureau of Industry and Security recently announced the expansion of the Validated End User (VEU) program to include data centers. The VEU program allows preapproved end users to receive certain controlled items without individual export licenses. The expansion of the program recognizes the benefits of artificial intelligence and the crucial role data centers play for AI development, and it reflects the United States’ commitment to facilitating AI development while mitigating risk to U.S. national security. Read the memo: https://lnkd.in/efbXmUsJ #ArtificialIntelligence #ExportControl #NationalSecurity 

Current vulnerabilities: Humans have already been manipulated into giving away vast amounts of personal data, often in exchange for "free" services or minor conveniences. AI's growing capabilities: Advanced AI systems are becoming increasingly adept at analyzing and predicting human behavior, potentially making manipulation even more sophisticated and harder to detect. It highlights a potential future where AI systems might offer significant benefits in exchange for comprehensive personal data access.

Exciting news! 🎉 Our RST Report Hub has undergone notable enhancements. 🛠️ Integration with RST Noise Control is now live, enabling automatic flagging of well-known or popular IP addresses, domains, URLs, or hashes as Observables, correcting the previous misclassification by some authors as Indicators of Compromise found in Threat Intelligence reports. 🔍 Another noteworthy update improves the parsing of victim/target relationships. Previously, an issue existed where the engine sometimes incorrectly identified countries related to the attacker as victims. Even if a threat actor originates from a certain country, they still can be targeting that same country they are from even though it is unconventional. Now is has been addressed. There are so many nuances and we keep improving the engine, tuning our models, adjusting its AI capabilities. [the picture is from one of our favourite integrations - OpenCTI] * RST Report Hub is an electronic library of threat reports from hundreds of security companies, individual researchers and cyber communities. These reports undergo transformation from human-readable formats to machine-readable ones, including STIX 2.1. Extensive multilingual translation, archiving as PDFs, and summarization are conducted. Key data, encompassing threat actors, names, software, CVEs, geolocation, industry, etc., is automatically extracted, with due credit to the original report author. #threatintel #ai #ml #parsing

Safety: The New Paradigm Shift in Cybersecurity—When Does AI Become Too Powerful to be unsafe for humanity? Globally, regulators are crunching the numbers. As AI evolves at a rapid speed, the critical question is clear: How do we know when AI becomes too powerful? In the U.S., any AI model that processes 100 septillion calculations per second (10 to the 26th flops) now must be reported to the government, with California introducing even tougher requirements. The Golden State adds an extra layer of scrutiny by targeting AI models that cost at least $100 million to develop. Across the Atlantic, the European Union’s AI Act takes a slightly different approach, setting its regulatory threshold at 10 to the 25th flops—a standard 10 times lower than that of the U.S. As the race to regulate continues, how will these new standards shape the future of AI? #AIRegulation #AIAct #ArtificialIntelligence #AIDevelopment #TechRegulation #AISafety #AIInnovation #TechPolicy #AIStandards #FutureOfAI #AICompliance #GovTech #DigitalRegulation #EmergingTech

🔍 Illuminating Shadow AI: Access Our New On-Demand Webcast!💡 Here's what you can expect to learn: 1 - Discover how to detect and control AI applications that are flying under the radar, posing unseen risks. 2 - Learn about the unintended consequences of AI use, including privacy violations and data mishandling, and how to prevent them. 3 - Understand the steps to create and enforce policies that balance innovation with security and compliance. 🔗 Don’t miss out on this opportunity to gain critical insights and enhance your AI strategy. Click the link below to watch now! 📍 Watch Here: https://lnkd.in/dbaAiqEq Join industry experts Debra Brown from Savvy and Dan Clarke from Truyo | An IntraEdge Company as they share real-world examples and actionable strategies to help you navigate the complexities of Shadow AI. Let’s illuminate the path to a secure and innovative AI future! #ShadowAI #AIGovernance #SaaSSecurity #Webcast #SavvySecurity #InterEdge #Truyo

🚨 What are the cybersecurity risks in AI? Brief Insights 🚨 🤖 AI Hallucination: Guard against misinformation as AI may present incorrect statements as facts. Verify the accuracy of data-driven insights. 🔄 Biased Brilliance: Address the gullibility of AI in responding to leading questions. Mitigate biases for fair and equitable applications. ☠️ Toxic Content Creation: Watch out for 'prompt injection attacks' coercing AI into generating harmful content. Stay vigilant against manipulation. 🔍 Data Poisoning: Tampering with training data poses a threat to AI security and bias. Protect against silent intruders as AI exchanges data with third party application. 👉 👉 👉 Advice for Secure AI Development: Follow the Guidelines for Secure AI System Development, a collaborative effort by NCSC, CISA, and agencies from 17 countries. https://lnkd.in/dXfkFUpX

In 2023, governments made significant strides in embracing artificial intelligence (AI), ushering in a new era of responsible AI use. This momentum is poised to continue into 2024, with state and local governments taking the lead in regulating AI as congressional action remains stagnant. The focus is on generative AI, which is expected to revolutionize various governmental functions, from drafting communications to policy analysis. While optimism surrounds AI's potential to enhance efficiency, concerns persist regarding cybersecurity threats and workforce displacement. Governments must tread cautiously, balancing AI's benefits with ethical and security considerations. Read more in this article from Route Fifty, which includes commentary from our Senior Vice President of Research and Development, Ben Sebree. #ArtificialIntelligence #DigitalTransformation #LocalGovernment #GovTech CivicPlus https://lnkd.in/esz_khjY

A recent survey reveals that 63% of public sector employees need a clearer understanding of generative AI. This knowledge gap could hinder your organization's leveraging this game-changing technology. While some governments already use generative AI to streamline procurement, analyze data, and draft communications, many hesitate to adopt it due to data privacy, security, and bias concerns. Ready to bridge the knowledge gap and empower your workforce? @CivicPlus offers solutions like our AI-powered Chatbot, designed specifically for local governments. It's a practical way to introduce your team to AI while providing immediate value to your residents. Learn more about how CivicPlus can help your government harness the power of AI 👉: https://lnkd.in/een5g-6u #LocalGovernment #ArtificialIntelligence #GenerativeAI #EmergingTechnologies #ResponsibleAI #ResidentEngagement @RouteFifty https://lnkd.in/enZyiP9B

As Artificial Intelligence (AI) reshapes industries and society, data security has become one of the most pressing issues. AI-powered platforms rely on vast amounts of data to function effectively, and the sensitive nature of this data necessitates strong security measures. One major concern is "data exfiltration" or "information leakage," which refers to the unintentional or unauthorised exposure of sensitive company data, including intellectual property (IP), trade secrets, and business strategies. This blog post explores the critical role of data security in AI, the unique challenges AI platforms face, and how Pentimenti.AI addresses these challenges through multi-layered security solutions. Read the full article here: https://bit.ly/3N0CLUl #PentimentiAI #BusinessApplication #AI #DataSecurity #Sandboxing