SBOMs’ Role in Open Source Security
When the Cybersecurity and Infrastructure Security Agency (CISA) announced its guidelines to promote better security of the software supply chain, the agency touted the software bill of materials (SBOM) as “a key building block in software security and software supply chain risk management.” One of the key areas in CISA’s ...
Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain
Organizations rely heavily on third-party vendors and contractors. Smart companies will have a service level agreement (SLA) with each vendor which includes information about the vendor’s approach to cybersecurity—in fact, it’s a best practice to add security to the software supply chain. If only it was that simple. In the ...
Senate Committee Passes Securing Open Source Software Act
Cybersecurity is a hot topic in Washington, D.C., right now. The Biden administration has released a number of executive orders around national cybersecurity edicts, and now the Senate has proposed a rare bipartisan bill designed to secure open source software. According to a press release from the Department of Homeland ...
Don’t Trust the Security of the Software Supply Chain
Now more than ever, organizations are relying on the supply chain for basic business operations. According to Charlie Jones, director of product management with ReversingLabs, there are two reasons for this: The global trend of digitalization and the rapid move to remote work during the pandemic. What those trends did ...
White House Moves to Address Software Supply Chain Security
No one wants a repeat of the SUNBURST cyberattack, but without any action to improve cybersecurity within the software supply chain, another SUNBURST—or worse—attack is inevitable. And we still may see a devastating attack that takes down critical infrastructure or cripples major business systems, but at least there are steps ...
The Chip War’s Impact on Cybersecurity and the Supply Chain
Semiconductors had their moment in the spotlight during the worst of the pandemic-induced supply chain disruptions. The shortage of semiconductors wreaked havoc on the industries that rely on them, opening up devices to potential threats. “The semiconductor supply chain remains one of the most complicated and most critical supply chains ...
AI/ML’s Role in Software Supply Chain Security
Almost every company has felt the impact of a cybersecurity incident caused by a security breakdown in the software supply chain. According to a study by BlueVoyant, 98% of businesses were negatively affected by a supply chain-related breach, with 40% of the respondents saying they rely on the vendor to ...
Hybrid Systems: AI and Humans Need Each Other for Effective Cybersecurity
The sudden mainstreaming of chatbots and generative AI like ChatGPT has a lot of people worried. They believe this is the AI technology that will replace them. Fortunately, that’s not actually the case. The more likely scenario is that humans will partner with AI to create a hybrid model of ...
No Programming Skills? Chatbots Will Help Inexperienced Hackers
One thing we’ve learned about ChatGPT and similar AI is that it makes people seem more skilled than they really are. Students are using AI chatbots to do their homework, and would-be comedians and screenwriters are using the technology to create their material. Whether or not any of this material ...
How Chatbots Will Change Phishing Attacks
It was only a matter of time until threat actors turned to chatbots like ChatGPT to create phishing attacks. In fact, while it has only been a couple of months since the world was first captivated by the power of ChatGPT, the bad guys were already using chatbots for phishing ...