guidelines
Unpacking CISA’s AI guidelines
CISA’s late April AI and infrastructure guidelines address 16 sectors along with their cybersecurity needs and operations concerning the growth of AI as a tool to build both …
Integrating software supply chain security in DevSecOps CI/CD pipelines
NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, …
Released: AI security guidelines backed by 18 countries
The UK National Cyber Security Centre (NCSC) has published new guidelines that can help developers and providers of AI-powered systems “build AI systems that function as …
AI threat landscape: Model theft and inference attacks emerge as top concerns
Generative AI has emerged as a powerful tool, heralded for its potential but also scrutinized for its implications. Enterprises will invest nearly $16 billion worldwide on …
US warns of North Korean hackers posing as IT freelancers
Companies and other organizations should be careful when employing IT freelancers, lest they end up hiring North Korean hackers. The advice comes from the US Department of …
Navigating the waters of maritime cybersecurity
In January 2021, new International Maritime Organization (IMO) guidelines on maritime cyber risk management went into effect. Around the same time, the U.S. government …
Guide: Security measures for IoT product development
The European Union Agency for Cybersecurity (ENISA) released its Guidelines for Securing the IoT, which covers the entire IoT supply chain – hardware, software and services. …
In the era of AI, standards are falling behind
According to a recent study, only a minority of software developers are actually working in a software development company. This means that nowadays literally every company …
FIRST releases updated coordination principles for Multi-Party Vulnerability Coordination and Disclosure
The Forum of Incident Response and Security Teams (FIRST) has released an updated set of coordination principles – Guidelines for Multi-Party Vulnerability Coordination and …
How to gather cyber threat intelligence from dark markets without breaking US law
The U.S. Department of Justice’s Cybersecurity Unit has released guidelines for organizations that want to gather cyber threat intelligence from dark web forums/markets but, …
ENISA publishes procurement guidelines for cybersecurity in hospitals
The EU Agency for Cybersecurity (ENISA) published a cybersecurity procurement guide for hospitals. The hospital is a vast ecosystem comprised of an entire network of devices, …
Guidelines for assessing ISPs’ security measures in the context of net neutrality
According to the EU’s net neutrality regulation, called the Open Internet Regulation, which came into force in 2016, internet providers should treat all internet traffic to …