Cyber Security Archives - TechInformed
https://techinformed.com/tag/cyber-security/
The frontier of tech news

UK mulls copyright exemption for AI and BlackBerry incurs loss on Cylance sale
https://techinformed.com/uk-considering-copyright-exemption-for-ai/
Thu, 19 Dec 2024 09:56:07 +0000

UK eyes copyright exception for LLMs

The UK government has been criticised by campaigners for creative industries after it proposed letting AI companies train their models on copyrighted works.

The proposal, which suggests that AI firms should freely leverage a new copyright exemption while training their algorithms, is “entirely untested and unevidenced”, said crossbench peer Beeban Kidron, who campaigns to protect artist and creative rights.

Singer and songwriter Sir Paul McCartney warned AI could “just take over” if the firms writing LLMs are allowed to ignore copyright, but the government warned “legal uncertainty is undermining investment in and adoption of AI technology.”


Munich Airport aims to boost data use and cut wait times with AIRHART deployment

Munich Airport has unveiled plans for the next stage of its digital transformation after agreeing on a deal to implement the AIRHART data platform.

AIRHART, which is already in operation at Copenhagen Airport, uses real-time data analytics to improve the flow of passengers as they travel through an airport. It uses AI to optimise landing gates, predict bottlenecks and tie together all the different datasets and systems used in an airport.

AIRHART was created by Danish tech firm Netcompany in partnership with Copenhagen Airport and was deployed last year.

Munich Airport is Europe’s tenth busiest airport with over 50 million passengers a year.

“Munich Airport has a strong commitment to innovation and creating a seamless experience for the millions of passengers who visit and transfer at our hub. The implementation of AIRHART and our partnership with Netcompany is a significant step towards that objective,” says Florian Lesch, Senior Vice President IT at Munich Airport.


BlackBerry sells endpoint security arm Cylance to Arctic Wolf in huge loss

BlackBerry has reached a $160 million deal to sell Cylance to Arctic Wolf six years after it bought the endpoint detection and response vendor for $1.4 billion.

Arctic Wolf said the acquisition of the AI-powered cyber firm will bolster its EDR offerings, subject to closure of the deal which is expected to come in BlackBerry’s fourth fiscal quarter.

BlackBerry’s acquisition of Cylance in 2018 marked a significant step for the Canadian firm as it pivoted away from being a device manufacturer to focus on enterprise solutions, including security. It was BlackBerry’s largest ever acquisition at the time.

Arctic Wolf will pay $80 million once the deal closes, $40 million around a year later, and chip in 5.5 million shares too.

“Security has an operations and effectiveness problem and endpoint solutions alone have failed to live up to the outcomes they have promised for years,” said Nick Schneider, president and chief executive officer, Arctic Wolf.

“By incorporating Cylance’s endpoint security capabilities into our open-XDR Aurora platform, we will be addressing a rampant need for a truly unified, effective security operations that delivers better outcomes for customers. We believe we will be able to rapidly eliminate alert fatigue, reduce total risk exposure, and help customers unlock further value with our warranty and insurability programs.”


ChatGPT search made available for all users

OpenAI is making ChatGPT’s search engine function available for all users, including an optimised version for mobile.

The generative AI platform first launched a search function back in October, but it was initially only available for paid subscribers. However, OpenAI revealed as part of its “12 days of ship-mas” that the function will unlock for free tiers of ChatGPT from today.

On mobile, the search function will appear more like a traditional search engine, including answers made more relevant by location data.

Another feature aims to make ChatGPT search faster when you’re looking for certain sites, such as “hotel booking websites.” Now, ChatGPT will surface links to websites before taking the time to provide more information about each option.

Additionally, the AI can also automatically provide up-to-date information from the web when using Advanced Voice Mode, though that remains only available to paid users.

Deepfake cybercrime tool threatens crypto exchanges
https://techinformed.com/deepfake-cybercrime-tool-threatens-crypto-exchanges/
Tue, 15 Oct 2024 14:07:33 +0000

Network security company Cato Networks Cyber Threat Research Lab has unmasked a new tool in the cybercriminal underworld capable of beating two-factor authentication (2FA).

The deepfake tool from threat actor ProKYC is being sold to cybercriminals as a way of circumventing the security systems of cryptocurrency exchanges.

It works by using deepfake video to get around 2FA security used to approve new users, enabling criminals to create new verified accounts which they can then use for activities such as money laundering.

Cato CTRL points out that, according to the American Association of Retired Persons (AARP), the growing problem of new account fraud resulted in $5.3 billion in losses last year.

The tool uses deepfake technology to create a fake person. The image is then used to counterfeit a document, such as a passport with a photo, and a video of the fake person shown in those documents is then created to attempt to pass online facial recognition challenges.

According to Cato CTRL, the criminal initiates an account fraud attack by connecting to a cryptocurrency exchange and uploading the forged document.

They are then asked to open their computer’s camera to perform facial recognition as part of the exchange’s authentication process. Instead of that, the tool allows the criminal to connect the video created as if it is the camera’s input.

Cato CTRL points out that cryptocurrency exchanges and other organisations are not helpless to prevent these attacks, although simply tightening the authentication process may not always produce the best results for cryptocurrency exchanges.

The more restrictive the biometric authentication system, the greater the number of false-positive alerts, says Etay Maor, chief security strategist at Cato Networks.

But there are telltale signs that a document, picture, or video is fake, he adds. “One example is picture quality. A picture, and especially a video, which is very high quality is indicative of a digitally forged file. Another example is glitches in facial parts and inconsistency in eye and lip movement during biometric authentication. They should be treated as suspicious and manually verified by a human.”

Black Hat USA 2024: Eight ways to achieve ‘Secure by Design’ AI
https://techinformed.com/black-hat-usa-2024-eight-ways-to-achieve-secure-by-design-ai/
Fri, 06 Sep 2024 09:40:50 +0000

Balancing the need to innovate and develop at speed with the need for security is keeping many cyber folks awake at night, or at least it was preying on the minds of the speakers who addressed Black Hat’s inaugural AI Summit, which took place in Las Vegas last month.

Occurring just a couple of weeks after the global CrowdStrike IT outage, which ground airports to a halt and forced medical facilities to resort to pen and paper, it felt like the right time to reflect as firms find themselves under pressure to adopt AI faster and release products before they are properly evaluated.

Lisa Einstein, senior AI advisor at the US Cybersecurity and Infrastructure Security Agency (CISA), compared what she called “the AI gold rush” to previous generations of software vulnerabilities that were shipped to market without security in mind.


“We see people not being fully clear about how security implications are brought in. With the CrowdStrike incident, no malicious actors were involved, but there was a failure in the design and implementation that impacted people globally.

“We need the developers of these systems to treat safety, security and reliability as a core business priority,” she added.

The Internet Security Alliance’s (ISA) president and CEO, Larry Clinton, put it more bluntly: “Speed kills — today we’re all about getting the product to market quickly — and that’s a recipe for disaster in terms of AI.”

He added: “Fundamentally, we need to reorientate the whole business model of IT, which is ‘Get to market quick and patch’. We need to move to a ‘Secure by Design’ model and to work with government partners so we are competitive and secure.”

Many of the event’s sessions, which featured speakers from WWT, Microsoft, CISA, Nvidia, as well as the CIA’s first chief technology officer, were focussed on how organisations might achieve ‘Secure by Design’ AI, which TechInformed has summarised in eight key takeaways.

1. Do the basics and do them well

“You can’t forget the basics,” stressed veteran CIA agent Bob Flores during one of the event’s panel sessions. “You have to test systems and applications and the connections between the applications, and you have to understand what your environment looks like,” he added.

Flores, who, towards the end of his CIA career, spent three years as the agency’s first enterprise chief technology officer, asked Black Hat’s AI conference delegates: “How many of you out there have machines that are attached to the internet that you don’t know about? Everyone’s got one, right?”

He also warned that, with AI, understanding what’s in your network needs to happen fast “because the bad guys are getting faster. They can overcome everything you put in place.”

And while enterprises might think it’s safer to develop their own LLMs rather than to rely on internet-accessible chatbots such as ChatGPT, Flores is concerned that they might not be building in security from the beginning. “It’s still an afterthought. As you build these LLMs, you must think, every step of the way, like a bad guy and wonder if you can get into this thing and exploit it.”

2. Architect it out

Bartley Richardson, cybersecurity AI lead at GPU giant NVIDIA, advised the Black Hat crowd to look at AI safety from an engineering perspective.

“When you put together an LLM application, don’t just look at every block you’ve architected there; look at the connections between those blocks and ask: ‘Am I doing the best possible security at each of those stages?’ ‘Is my model encrypted at rest?’ ‘Are you putting safeguards in place for your prompt injections?’ This is all Security by Design. When you architect it out, these things become apparent, and you have these feedback loops where you need to put in security,” he explained.

3. Create a safe space to experiment

Matt Martin, founder of US cyber consulting firm Two Candlesticks and an AI Security Council member for Black Hat, advised that creating a controlled sandbox environment within which employees can experiment was important. “A lot of people want to use AI, but they don’t know what they want to do with it just yet – so giving them a safe space to do that can mitigate risk,” he said.

Martin added that it was important to understand the business context and how it was going to be applied. “Ensure someone in the company is in overall control of the projects. Otherwise, you’ll end up with 15 different AI projects that you can’t actually control and don’t have the budget for.”

4. Red team your products

Brandon Dixon, AI partner strategist at Microsoft, explained how the software giant is balancing advances in AI with security. “We’ve done that through the formation of a deployment safety board that looks at every GenAI feature that we’ve deployed and attaching a red teaming process to it before it reaches our customers,” he says.

Red teaming is an attack technique used in cybersecurity to test how an organisation would respond to a genuine cyber-attack.


“We’ve also formed very comprehensive guidance around responsible AI both internally and externally, consulting experts, which has enabled us to balance moving very quickly from the product side in a way that doesn’t surprise customers,” he added.

5. Partnerships are paramount

According to CISA’s Lisa Einstein, ‘Secure by Design’ relies on public and private enterprise partnerships. She added that this is particularly important in terms of sectors that provide critical infrastructure.

To this end, in 2021, CISA established the Joint Cyber Defense Collaborative (JCDC). This public-private partnership aims to reduce cyber risk to the nation by combining the capabilities of the federal government with private sector innovation and insight.

Einstein told conference delegates: “CISA only succeeds through partnerships because more than 80% of critical infrastructure is in the private sector in the US.

“We have a collective and shared responsibility. I’m seeing organisations that didn’t think they were part of this ecosystem, not realising that they have part of the responsibility. Tech providers also need to help these enterprises become more secure and keep everything safe,” she said.

Partnerships with and between vendors were also emphasised at the event. Jim Kavanaugh, longtime CEO and technology guru of $20 billion IT powerhouse World Wide Technology, spoke on the benefits of the firm’s long-term partnership with chipmaker Nvidia, including advances with AI.

In March this year, WWT committed $500 million over the next three years to spur AI development and customer adoption. The investment includes a new AI-proving ground lab environment and a collaboration ecosystem that uses tools from partners, including Nvidia.

While former CIA agent Flores recognised that such partnerships were crucial, he also stressed the need for firms to conduct robust assessments before onboarding.

“Every one of your vendors is a partner for success, but there are also vulnerabilities. They must be able to secure their systems, and you must be able to secure yours. And together, you must secure whatever links them,” he noted.

6. Appoint an AI officer

The conference noted the rise of the chief AI officer, who oversees the safe implementation of AI in organisations. This appointment is now mandatory for some US government agencies following the Biden Administration’s Executive Order on the Safe, Secure and Trustworthy Development and Use of AI.

These execs are required to evaluate different ways to deploy robust processes for evaluating use cases and AI governance.

While it was not a requirement for CISA to appoint a chief AI officer, Lisa Einstein stepped up to the role last month as the organisation recognised that it was important to its mission beyond having an internal AI use case lead.

“CISA wanted someone responsible for coordinating those efforts to ensure we were all going in the same direction with a technically sound perspective and to make sure that the work we’re doing internally and the advice we are giving externally is aligned so that we can adapt and be nimble,” she explained.

While this doesn’t have to be a board-level appointment, Einstein added that the person needs to be in the room with an ever-expanding roster of C-suite players: the CIO, the CSO, the legal and privacy teams, and the data officers when decisions and policies on AI are made.

Einstein added that, within ten years, the position should be redundant if she’s done her job well. “By then, what we do should be so ingrained in us that we won’t need the role anymore. It would be like employing a chief electricity officer. Everyone understands the role they must play and their shared responsibility for securing AI systems and using them responsibly.”

7. Weave AI into your business operations

For ISA chief Larry Clinton, Secure by Design starts with theory. For over a decade, his organisation has collaborated with the US National Association of Corporate Directors (NACD), the US Departments of Homeland Security, and the Board of Direct Justice on an annual handbook for corporate boards to analyse cyber risk.

According to Clinton, ISA is currently developing a version of this handbook specifically for working with AI, which will be released this fall.

Clinton claimed that enterprises need to bring three core issues to the board level.

“AI deployment needs to be done strategically. Organisations underestimate risks associated with AI and overestimate the ability of staff to manage those risks. This comes from an idiosyncratic adaptation of AI, which needs to be woven into the full process of business operations, not just added on independently to various projects,” he says.

The second issue, he said, was education and the need to explain AI impacts to board members rather than explaining the nuts and bolts of how various AI deployments work.

The third issue, he added, was communication. “It’s critical that we move AI out of the IT bubble and make it part of the entire organisation. This is exactly the same advice we give with respect to cybersecurity. AI is an enterprise-wide function, not an IT function.”

8. Limiting functionality mitigates risk

According to Microsoft’s Brandon Dixon, limiting the actions that an AI system is capable of is well within a human’s control and should, at times, be acted upon. The computer giant has done this with many of its first-generation copilot tools, he added.

“What we’ve implemented today is a lot of ‘read-only’ operations. There aren’t a lot of AI systems that are automatically acting on behalf of the user to isolate systems. And I think that’s an important distinction to make — because risk comes in when AI automatically does things that a human might do when it may not be fully informed. If it’s just reading and providing summaries and explaining results, these can be very useful and low-risk functions.”

According to Dixon, the next stage will be to examine “how we go from assertive agency to partial autonomy to high autonomy to full autonomy. At each one of those levels, we need to ask what safety systems and security considerations we need to have to ensure that we don’t introduce unnecessary risk.”

Black Hat USA: What lies beneath?
https://techinformed.com/blackhat-usa-what-lies-beneath/
Mon, 12 Aug 2024 11:35:32 +0000

Arriving in the scorching, 110-degree heat of the Nevada desert last week, throngs of cybersecurity folk descended on Mandalay Bay’s convention centre, located on the Vegas Strip, for Black Hat – one of the largest and most notorious conferences in the industry.

Perhaps because of its name – black hat is the term used for a computer hacker who violates the law for nefarious purposes – the conference still evokes suspicion from the locals in this burgeoning desert metropolis.

Going through security at Harry Reid, a passport official asked whether I was a hacker. I later watched a payment dispute play out between a taxi driver and a passenger. The car’s electronic payment system kept rejecting the passenger’s credit card: “Well what do you expect? The hackers are in town!” decried the passenger, by way of explanation.

And then there are the claims that Black Hat is one of the most hostile networks in the world. That, unless you switch your phone on airplane mode and use pen and paper, there’s a high chance you may get spammed by phishing emails – or worse. This may or may not be an exaggeration, but people may well test out exploits at an event like this, and security experts always advise exercising caution.

But in truth the event – founded by ethical hacker and US Homeland Security advisor Jeff Moss over 25 years ago – is really all about keeping the bad guys out. While it grew out of Def Con (which takes place at the end of the same week and focuses more on the technical side of hacking), Black Hat aims to give enterprise engineers and software developers, CISOs and IT folk privileged insight into the minds and motivations of their hacker adversaries.

Keynote

This year, Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), set the tone during Black Hat’s opening keynote, which focussed on security around the US elections as well as the recent CrowdStrike outage.

In March this year CISA called out China’s attempts to interfere with the US electoral system, although Easterly assured that election infrastructure “has never been more secure” and that the community of election stakeholders has “never been stronger.”

What makes the US election system arguably resilient to attacks is partly its siloed structure: Each city, county and state administers an election differently and, following Russian interference in the 2016 elections, work has been done to secure the electoral system (now designated as ‘critical infrastructure’) and support local state officials.

Nonetheless, Easterly recognised that it was vital not to get complacent and that threat actors continued to be “entrepreneurial”. One recent tactic she highlighted was Russian adversaries hiding behind unwitting US public relations firms to spread disinformation about the US presidential race.

Hostile states such as China, Russia and Iran, Easterly added, are all focussed on the same goal: spreading disinformation (false and incendiary claims) about US democracy to undermine faith in the election.

On US election day this year – due to take place on 5 November – Easterly appears to hold a strong faith in the system, not least because election officials are well-versed in dealing with crises.

“A poll worker will forget their key. There will be a storm, there will be a DDoS attack, but the good news is that they are natural born crisis managers and know how to deal with disruption and know how to respond,” she said.

CrowdStrike outage learnings

The beauty of an election is that you can plan for it, and for things to go wrong, even if, in the case of the UK election, you are only given six weeks’ notice.

However, last month’s CrowdStrike IT outage – which caused global disruption – caught most by surprise and highlighted the ubiquitousness of software in everything from payment systems to medical records.

Easterly – who woke up at 2am on the morning of the outage “to help get mitigation advice out there” – said that one of her first thoughts was: “This is exactly what China wants to do but without rolling back the updates to get services back online.”

Earlier this year, the US government exposed Chinese hackers, Volt Typhoon, for infiltrating American critical infrastructure to embed dormant malware, ready to activate in case of conflict, such as a Taiwan attack.

“Volt Typhoon is aimed at exposing our pipelines, derailing our systems to incite panic. And that’s the lesson I took away from the CrowdStrike outage. We need to build that resilience now, so we are prepared for mass disruption – and that includes working with private sector,” she said.

Easterly added that it also reinforced a message that her organisation has been hammering home to tech vendors lately: deploy software that is ‘secure by design’. She added that cyber security vendors should not be immune to this message either.

Most vendors I spoke with at the show were broadly sympathetic to CrowdStrike’s role in the outage. Several admitted that this could have happened to them and the majority were using it as an opportunity to ensure they had the right software update and testing processes in place.

The widespread global meltdown – caused by a faulty update in the manufacturer’s endpoint security product Falcon running in Windows – also didn’t stop delegates from flocking to CrowdStrike’s Black Hat booth. The snaking crowd appeared to be lining up for collectable giveaways that celebrated Falcon’s successful attempt to foil ransomware gangs such as Scattered Spider and Fancy Bear.

Security agency heads, however, might not be as easily convinced. For every company saved by Falcon there were arguably many more whose networks went down for days following Blue Screen of Death Friday.

Easterly told attendees at another session that day that delivering major improvements in computer security will require a sea change in how companies – especially big tech companies – approach building software.

“We have a multi-billion-dollar cybersecurity industry because for decades, technology vendors have been allowed to create defective, insecure, flawed software,” she said.

To force companies to devote greater resources to the security of their products, the Biden administration is considering how to carry out software liability reform, which in theory would allow those affected by software flaws to sue the makers of that product.

As it stands, restrictive liability waivers ensure that when technology companies make mistakes, they generally can’t be sued for them. And when they are, damages are capped. Everyone is watching to see what happens with the lawsuit Delta Air Lines and others are bringing against CrowdStrike for losses caused.

Easterly added: “Congress can have a transformative impact by establishing a software liability regime with an articulable standard of care and safe harbour provisions for those vendors that innovate responsibly, prioritising secure development processes.”

Complex web

What such legislation doesn’t consider, perhaps, is the increasingly complex, interdependent nature of cloud-based environments. This isn’t a get-out-of-jail card for those more focussed on efficiency than resiliency, but the reality of working in agile environments.

As Black Hat’s considered founder Moss noted during the Black Hat Locknote wrap-up session, it’s getting harder not only for security leaders to keep an inventory of all the software in their enterprises, but also for vendors, who might not realise what libraries they are dependent on “under the hood”.

Moss’s remarks followed Thursday’s keynote from Moxie Marlinspike, co-founder of encrypted messaging service Signal. According to Marlinspike, agile is not helping innovation but hindering it.

Agile ways of working, he argued, meant that teams end up siloed, working separately from each other, and without much visibility into what other teams are doing.

These teams also tend to lack visibility into some of the fundamentals of what makes their own products work, Thistle Technologies founder and CEO Window Snyder added during the wrap-up session.

Moss added: “I worry that at some point you reach a world where we have these completely unknowable systems … you’re building this infrastructure on the cloud on top of a cloud on top of the cloud … and at some point, you completely lose the connection.”

He added that such complex systems can fail in completely unpredictable ways, and he wondered whether security leaders may have to come to terms with these failures and be ok with never being able to fully describe to management why it failed.

Another panel member pointed out that if this failure was relatively low it might be ok, but for mission-critical use cases with a low tolerance for failure, it might be dangerous.

Windows IT outage blamed on software update; CrowdStrike works on fix
https://techinformed.com/windows-it-outage-blamed-software-update-crowdstrike-works-on-fix/
Fri, 19 Jul 2024 09:32:30 +0000

A global computer outage that first hit Australia and has worked its way around the world as nations woke up this morning is “most likely” to have been caused by a misconfiguration in a cyber security threat checker, rather than malicious activity, according to former CEO of the National Cyber Security Centre Ciaran Martin.

The outage – first reported as Australia woke up – has affected dozens of banks, supermarkets, broadcasters, stock exchanges, airports and trainlines around the world. It has also meant that Sky News in the UK could not broadcast live this morning.

Speaking on BBC Radio 4’s Today programme this morning, Martin said that information was emerging that attributed the outage to a misconfiguration in cyber company CrowdStrike’s Falcon sensor software update.

“This is heavily caveated because it’s all happened so quickly. In cyber security terms there’s a very well-known company called CrowdStrike which a lot of companies use for all sorts of corporate network protection, they provide updates.

“They were carrying out a sensor update on one called Falcon which seems to have been misconfigured in such a way that it wrecks Windows.

“So, if a company is using both CrowdStrike and Windows for its OS it seems they get, what people in the trade call a ‘blue screen of death’ [BSOD] and Windows doesn’t work. And that’s why, for time zone reasons, it seems to have emerged first in Australia.”

The expert continued: “These complex systems operate interdependently so the cyber security tools must be able to interact with Windows. Companies spend a lot of time, money and effort on both sides of that equation making sure that they are compatible when you are deploying things and making sure you don’t destabilise other parts of the network.

“Most of the time that works, occasionally it doesn’t. It’s very rare for it to be as serious as this.”

According to Martin, while such mistakes were rare, one happened to Facebook a couple of years ago when the social media app accidentally deleted itself from the internet by misconfiguring the domain name routing that the internet depends on.

“These things do happen. So, it’s very plausible that this isn’t an attack until we see evidence to the contrary.”

For its part CrowdStrike has acknowledged “reports of crashes on Windows hosts related to the Falcon Sensor” and is working on a fix to the Falcon sensor update bug.

US airlines United, Delta and American Airlines have issued a global ground stop while Irish carrier Ryanair warned of delays. Dozens of firms and organisations in Australia – where the bug first hit – are reporting ongoing issues.

The glitch has also meant that departure boards have frozen at Edinburgh Airport, and Berlin Airport has reported delays. A series of train companies – Thameslink, Southern, Gatwick Express and Great Northern – also reported “widespread issues” this morning across the entire network.

Google eyes cyber sec startup with $23bn price tag https://techinformed.com/google-eyes-cyber-sec-startup-with-23bn-price-tag/ Tue, 16 Jul 2024 21:45:08 +0000

Alphabet, the parent company of Google, has entered advanced talks to acquire cyber security startup Wiz for around $23 billion.

According to the Wall Street Journal, a source familiar with the acquisition said it would be funded mostly in cash and would be the biggest acquisition the technology giant has ever made.

Founded in 2020, Wiz is led by former Microsoft exec Assaf Rappaport and has raised roughly $2 billion in funding. It was recently valued at $12 billion and is headquartered in New York.

The startup provides cloud-based cyber security solutions with real-time AI-powered threat detection.

It ingests data from Amazon Web Services, Microsoft Azure and Google Cloud, alongside other cloud platforms, and then scans for security risk factors.

There has been speculation that Alphabet views the deal as a means by which to strengthen its Google Cloud business, which grew almost 30% in the first quarter of this year to just over $9.5 billion.

Customers of Wiz include technology firms such as Siemens, Slack, and DocuSign, retailer ASOS and car manufacturer BMW.

According to its website, it generated about $250 million in revenue last year, and works with 40% of Fortune 100 companies.

Alphabet and Wiz did not immediately respond to requests for comment.

Recently, TI spoke with fintech firm Soldo on how observability is fortifying its cloud, and why this is so crucial in protecting customer data.

AT&T admits customer call and text data breached in cloud hack https://techinformed.com/att-admits-customer-call-and-text-data-breached-in-cloud-hack/ Fri, 12 Jul 2024 19:14:20 +0000

US telco AT&T has revealed that “nearly all” of its customers’ calls and texts could be in the hands of hackers due to a breach of its cloud provider.

Customers affected include those on mobile virtual network operators that use the AT&T network such as Cricket, Boost Mobile, and Consumer Cellular.

Data from between May 1st, 2022, and October 31st, 2022, may have been exposed, as well as records from a “very small number” of customers on January 2nd, 2023.

The attackers obtained the information through the firm’s cloud provider, Snowflake, AT&T’s spokesperson Alex Byers told The Verge.

The telecoms firm knew of the breach in April, but an FBI spokesperson told TechCrunch that the FBI, AT&T, and the Department of Justice “agreed to delay notifying the public and customers on two occasions, citing ‘potential risks to national security and/or public safety.’”

According to Byers, the stolen data includes phone numbers customers interacted with, counts of those calls/texts and total call durations for specific days or months.

It does not include the content of the calls or texts, time stamps, or Social Security numbers, dates of birth, or other identifiable information – however, a name can be matched to a phone number by simple actions taken with online tools.

AT&T said in a blog post that it does not “believe that the data is publicly available” and it has “taken steps to close off the illegal access point.”

“We will provide notice to current and former customers whose information was involved along with resources to help protect their information,” AT&T added.

“We sincerely regret this incident occurred and remain committed to protecting the information in our care.”

Recently, TI spoke to fintech platform Soldo on how it uses observability to make its cloud more secure.

Hacktivists involved in Project 25 think tank breach disband https://techinformed.com/hacktivists-involved-in-project-25-think-tank-breach-disband/ Thu, 11 Jul 2024 17:38:29 +0000

Threat group SiegedSec, which earlier this week took responsibility for hacking a think tank closely associated with the Republican Party, has announced that it is disbanding following a mass of publicity that has brought it to the attention of the FBI.

The self-proclaimed ‘gay furry’ hackers claimed to have infiltrated The Heritage Foundation – a US conservative think tank responsible for formulating the Republican Party’s so-called ‘policy wish list’, Project 25.

Chronologising the hack via Telegram and a stream of tech media interviews, the politically motivated hacker collective said that it had infiltrated the Washington DC-based think tank to oppose Project 25’s stance on transgender rights and had subsequently leaked two gigabytes of the foundation’s data.

The data is thought to have contained 72k unique email addresses, primarily used for commenting on articles (along with usernames, IP addresses, comments and stored passwords).

Additionally, the hacking group threatened to leak passwords, email addresses, and full names of every user, including US government employees and the Heritage president, Kevin Roberts.

The hacktivists later told media outlets that they had gained access to the data on July 2 and released it to provide “transparency to the public regarding who exactly is supporting Heritage”.

For its part, Heritage played down the hack – claiming that the two-year-old archive the group snagged had contained incomplete password information, and data that was limited to usernames, names and email addresses of both Heritage and non-Heritage contributors.

The attack was carried out as part of SiegedSec’s “OpTransRights” campaign, which has previously included the defacement of government websites and data theft from states either considering or implementing anti-abortion or anti-trans legislation.

However, today on Telegram the group announced its intention to quit cybercrime, largely for the wellbeing of members. It said: “We planned to disband later today or tomorrow but given the circumstances I believe it’s best we do so now. for our own mental health, the stress of mass publicity, and to avoid the eye of the FBI.”

Random or targeted?

Keen to weigh in, cyber security experts have advised that – regardless of ideological stance – organisations operating in this sector must swiftly determine whether such attacks are random or, in the case of Heritage, targeted.

Cybereason VO and global field CISO Greg Day said: “With numerous political elections happening worldwide, it’s no surprise that cyber attacks are increasingly targeting this sector.

“Understanding the motive behind the breach and the actions taken during it is crucial. The ability to respond appropriately and promptly determines the commercial impact of the incident.

“In the past, only a few highly skilled incident responders had this knowledge. However, as breaches have become more common, the industry has adapted to enable businesses to manage these situations themselves.”

Day claimed that this shift required a new perspective and more technology. “Instead of focusing on individual attack events, businesses need to consider the entire malicious operation.

“Historically, we’ve relied heavily on human analysis to piece together evidence, but today we should embrace data normalisation techniques to empower AI to detect adversaries amidst the overwhelming noise that most security teams face.”

Labour’s next steps: Cyber security, AI, & Open-Source industry leaders weigh in https://techinformed.com/labour-promises-tech-insights-cybersecurity-ai-open-source/ Thu, 11 Jul 2024 15:23:32 +0000

Following the recent change in government in the UK and the Labour Party’s landslide victory, a promise of change is on the horizon.

The Labour Party’s manifesto mentioned ‘technology’ and ‘innovation’ more frequently than any other party, suggesting that these will be central to the government’s efforts to enhance public services, boost productivity, and revitalise the UK economy.

We’ve previously discussed the promises made in the Labour manifesto as they pertain to technology in various sectors. But what are the perspectives of industry leaders on the future of UK tech policy and its potential impact on businesses?

TechInformed has gathered insights from Cybersecurity, AI, and Open-Source leaders to provide a comprehensive view of the industry’s positions.

Cybersecurity & Online Safety

The election has been criticised for neglecting cybersecurity, with the industry urging the new government to prioritise cybersecurity through strong legislation, proactive strategies, and securing critical infrastructure. There are also calls to swiftly implement and enforce the Online Safety Act to protect individuals and balance digital protections with free expression and privacy rights.

“With recent high-profile attacks on the NHS and MoD highlighting critical gaps in national security, the new leaders must play their part in ensuring that cybersecurity is a boardroom priority in all organisations with accountable outcomes, given that the UK is at high risk of a “catastrophic ransomware attack”.

“Cyber security efforts have remained stagnant even as threats rise, with 43 legacy systems at critical risk levels this year alone. The new government must take decisive action and hold all businesses accountable for improving the UK’s level of cyber preparedness through more robust and comprehensive legislation that ensures cyber security is taken more seriously.

“Government must advocate for building cyber resilience through proactive strategies, secure-by-design principles, and visibility into everything that is coming in and out of an organisation, including encrypted data. They must also lead by example, taking steps to secure the public sector itself, especially critical national infrastructure, as the traditional IT and security strategies underpinning these organisations are no longer sufficient for the extent of today’s sophisticated threats.”

Mark Coates, VP EMEA, Gigamon

“Details from the Labour Party have been minimal. However, what we do know from their manifesto is that they recognise the threat to our safety and security. They specifically call out the growing emergence of hybrid warfare, including cyberattacks and misinformation campaigns which seek to subvert our democracy.

“Labour proposes to tackle this by conducting a Strategic Defence Review. This will happen within Labour’s first year in government, and their manifesto states that it will set out the path to spending 2.5% of GDP on defence.

“I urge Sir Keir and the Labour Party to speak with a broad spectrum of people across the cyber security industry, including those at the front line of law enforcement activities. The reality of the problems and the needs of the UK must be seen and addressed in this review.”

Adam Pilton, Cybersecurity consultant, CyberSmart

“For all the election noise, cyber security was absent. In a way, this is understandable; there are many other social and economic issues to focus on when trying to woo voters. But as the dust settles on this election, continuing to overlook cyber security would be a grave mistake.

“The electoral commission: hacked. NHS hospitals: hacked. Countless UK businesses: hacked. How many attacks are too many? With Labour coming into power for the first time in 14 years, a comprehensive strategy to strengthen the UK’s cyber defences is urgently needed.

“The EU is implementing the NIS2 directive. Why does the UK lag in securing its digital infrastructure? It’s time for the government to wake up, smell the coffee and develop a plan to change this.”

Al Lakhani, CEO, IDEE

“With the appointment of Peter Kyle as Secretary of State for Science, Innovation and Technology, it’s a vital time for Labour to reaffirm its commitment to online safety. The Online Safety Act, which Labour supported, has enabled the UK to lead the world in this space and set the direction for online platforms to make concrete changes that keep people safe.

“The new government must ensure that the Act is not only implemented swiftly but also enforced robustly to hold tech companies accountable. Keeping up the pace here will be crucial to tackling some of our biggest societal problems, such as protecting children and other vulnerable people from age-inappropriate, harmful, and illegal content. Child Sexual Abuse Material (CSAM) and fast-developing AI-generated harms like deepfakes and nonconsensual explicit content also demand urgent attention.

“While the focus is often on ‘Big Social’ regarding online safety in the media, we hope to see more focus on other user-to-user platforms, including video games, chat apps, and streaming services. Platforms must be held responsible for the content posted by their users to create safer online communities.”

Andy Lulham, COO, VerifyMy

Open Source

According to leaders in the field, the critical role of open-source technology in driving economic growth, enhancing public sector efficiency, and maintaining technological leadership calls for strategic government support and investment.

“Change must not only start now but must be digital. Only a fundamental shift in our digital policies and practices can impact the lives of every individual across the UK.

“This can be made possible by leading with digital funding the development of the right skills in open-source software. Leveraging a globally visible living CV created by open-source contribution will offer individuals who can currently code but have no employment experience the opportunity to be employed by global tech companies and hired as home workers with a proven track record of contribution.

“We should remember that these are employers who recruit based on skills, not location. In this way rurally based individuals can have international jobs, stemming talent flight, injecting international salaries into the UK economy whilst building our future tech sector.

“With 96% of software codebases having open-source software dependencies today, the public sector must learn how to manage open-source properly. Only this change allows interoperability that can open data flows between systems, unlock efficiency, and break patient and practitioner frustration in the NHS. Our new government owes the NHS this change.”

Amanda Brock, CEO, OpenUK

AI & Regulation

Leaders in the AI space stress the need for AI openness to prevent centralised control, urging the new government to learn from past technological developments. They emphasise tech investment, calling for the appointment of Chief AI Officers in government departments and creating an AI fund to foster public-private innovation while ensuring privacy through synthetic data.

Industry-specific regulations, especially for healthcare and pharmaceuticals, are highlighted, alongside the need for a dedicated office to ensure diverse policy input. There’s also a strong call for robust AI processes to mitigate risks, ethical AI use, transparent policies, and continuous compliance to protect data and maintain public trust.

“AI will have an impact in the coming months and years like the internet in the last 20. But this time, everyone knows how the game plays out. We know the risk today is that AI ends up controlled by the hands of a few.

“This time, our new leaders must learn from the recent past. History will not be forgiving if they do not. To protect the UK’s AI leadership, Labour must look to open AI wherever possible. But it must do this with a considered understanding of what that means to open each component that makes up, from models to data, and what it means to be partially or fully open.

“It’s complex, yes, but we expect our leaders to be able to understand complex tasks and to cut through the distraction of the noise created by those who can shout loudest. The biggest risk the UK faces from AI today is that our leaders fail to learn the lessons of the last 20 years of tech and do not enable AI openness. Only Labour can bring this change.”

Amanda Brock, CEO, OpenUK

“It is crucial the new government places an emphasis on tech investment, particularly around AI, which will be paramount to streamlining services and enhancing citizens’ lives.

“We expect to see Chief AI Officers hired across government departments to ensure AI underlines the priorities in all the parties’ manifestos, while a foundational data strategy with governance at its core will help meet AI goals.

“An AI fund can also help promote public-private innovations and enable the commercialisation of data and assets globally through synthetic data. This approach would offer a unique opportunity to unlock value from data whilst maintaining robust privacy protections, as synthetic data can mimic real-world information without exposing sensitive personal details.

“Regarding AI regulation, it would be beneficial to establish industry-specific rules, with particular attention paid to sectors like healthcare and pharmaceuticals and their unique needs. For the pharmaceutical industry, in particular, there needs to be more robust agreements established on the use of medical data, with internal investment to manage and protect this data. This could include shared profits or IP rights provisions when companies benefit from UK resources.

“A dedicated office to oversee these initiatives would help to ensure that diverse voices are heard in shaping data and AI policies. These steps will be crucial for the new government to support data-driven industries and ensure they can capitalise on AI, thus positioning the UK as a global innovation powerhouse whilst ensuring sustainable growth and protecting national interests.”

James Hall, VP & country manager UK&I, Snowflake

“Labour’s promise to introduce “binding regulation” for AI safety will create ripple effects across the UK private and public sectors. And while stricter regulation for major AI firms is planned, organisations leaning on these emerging technologies will have to scrutinise their AI strategy here and now.

“With Labour’s wider review on the misuse of AI for harmful purposes, companies need to telegraph they are mitigating risk with AI. Both ‘good AI’ and ‘bad AI’ exist, and combatting threats from bad AI is critical in an increasing risk environment, as over half (59%) of IT leaders say that customer-impacting incidents have increased, growing by an average of 43% in the last 12 months.


“In light of regulation pressures and mounting risk factors, companies need to establish watertight AI processes and mechanisms to ensure the ethical use of AI; how are external AI threats being tackled? How are internal hygiene processes with AI protecting customers? CIOs and DPOs face a big set of tasks involving sticking close to regulators, sharing rigorous policy documentation publicly, and implementing clear and transparent network policies on data collection and information security.

“Compliance is a 24/7 job, and dropping the ball on this, with regards to areas like data protection, could result in hefty fines and loss of trust.”

Eduardo Crespo, VP EMEA, PagerDuty

For more tech-oriented coverage of elections around the world, check out our dedicated hub to the Year of Elections.

Cyber insurance rates fall although attacks are increasing https://techinformed.com/cyber-insurance-rates-fall-although-attacks-are-increasing/ Mon, 01 Jul 2024 17:40:43 +0000

The cost of cyber insurance is stabilising, according to a recent report from insurance firm Howden, even though the number of ransomware attacks is rising.

Howden’s annual report found that insurance premiums have been dropping in the past year, presenting positive signs that companies are becoming more adept at curbing their losses from cybercrime.

The easing in cost comes after cyber insurance premiums rocketed during the Covid-19 pandemic (2021-2022) due to increased cyber incidents.

However, as firms have bolstered their security further, such as adding multifactor authentication, insurance claims have become less common, the report claims.

“MFA is the most basic thing you can do, it’s like locking the door when you leave the house,” said Sarah Neild, head of UK cyber retail at Howden.

A mix of increased attacks, heightened geopolitical instability and the proliferation of GenAI, alongside easing cyber security costs, is something that the market has never experienced, added Neild.

“The foundations for a mature cyber market, with innovation and exposure-led growth at its core, are now in place,” she said.

According to the report, price decreases are also due to a greater appetite by insurers to offer cyber insurance.

“Cyber insurance is key to strengthening resilience around the world and insurers are now in a strong position to bring about real change,” said Jean Bayon de La Tour, head of cyber, international, at Howden.

“This involves providing more capacity to meet pent-up demand in currently underpenetrated regions, including Europe, Latin America and Asia,” Bayon de La Tour continued.
