Category: risks

Auto Added by WPeMatico

New SEC Rules around Cybersecurity Incident Disclosures

Posted on By infossl
cyberattack, cybersecurity, disclosure, national security policy, risk assessment, risks, Security technology, Uncategorized

The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules: Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays if there is a national security risk. Public companies must “describe their processes, if any, for assessing, … Read More “New SEC Rules around Cybersecurity Incident Disclosures” »

On the Catastrophic Risk of AI

Posted on By infossl
artificial intelligence, risk assessment, risks, Security technology, Uncategorized

Earlier this week, I signed on to a short group statement, coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. The press coverage has been extensive, and surprising to me. The New York Times headline … Read More “On the Catastrophic Risk of AI” »

Ted Chiang on the Risks of AI

Posted on By infossl
artificial intelligence, essays, risks, Security technology, Uncategorized

Ted Chiang has an excellent essay in the New Yorker: “Will A.I. Become the New McKinsey?” The question we should be asking is: as A.I. becomes more powerful and flexible, is there any way to keep it from being another version of McKinsey? The question is worth considering across different meanings of the term “A.I.” … Read More “Ted Chiang on the Risks of AI” »

Building Trustworthy AI

Posted on By infossl
artificial intelligence, essays, risks, Security technology, trust, Uncategorized

We will all soon get into the habit of using AI tools for help with everyday problems and tasks. We should get in the habit of questioning the motives, incentives, and capabilities behind them, too. Imagine you’re using an AI chatbot to plan a vacation. Did it suggest a particular resort because it knows your … Read More “Building Trustworthy AI” »

Security Risks of AI

Posted on By infossl
artificial intelligence, cybersecurity, machine learning, reports, risks, Security technology, Uncategorized

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Jim Dempsey, one of the workshop organizers, wrote a blog post on the report: As a first step, our report recommends the inclusion of AI security concerns within the cybersecurity programs … Read More “Security Risks of AI” »

Existential Risk and the Fermi Paradox

Posted on By infossl
complexity, risks, security analysis, Security technology, Uncategorized

We know that complexity is the worst enemy of security, because it makes attack easier and defense harder. This becomes catastrophic as the effects of that attack become greater. In A Hacker’s Mind (coming in February 2023), I write: Our societal systems, in general, may have grown fairer and more just over the centuries, but … Read More “Existential Risk and the Fermi Paradox” »

Adversarial ML Attack that Secretly Gives a Language Model a Point of View

Posted on By infossl
academic papers, artificial intelligence, machine learning, propaganda, risks, Security technology, Uncategorized

Machine learning security is extraordinarily difficult because the attacks are so varied—and it seems that each new one is weirder than the next. Here’s the latest: a training-time attack that forces the model to exhibit a point of view: Spinning Language Models: Risks of Propaganda-As-A-Service and Countermeasures.” Abstract: We investigate a new threat to neural … Read More “Adversarial ML Attack that Secretly Gives a Language Model a Point of View” »

Security and Human Behavior (SHB) 2021

Posted on By infossl
conferences, fear, privacy, risks, security conferences, Security technology, Uncategorized

Today is the second day of the fourteenth Workshop on Security and Human Behavior. The University of Cambridge is the host, but we’re all on Zoom. SHB is a small, annual, invitational workshop of people studying various aspects of the human side of security, organized each year by Alessandro Acquisti, Ross Anderson, and myself. The … Read More “Security and Human Behavior (SHB) 2021” »

The NSA on the Risks of Exposing Location Data

Posted on By infossl
cybersecurity, geolocation, military, nsa, riskassessment, risks, Security technology, smartphones, tracking

The NSA has issued an advisory on the risks of location data. Mitigations reduce, but do not eliminate, location tracking risks in mobile devices. Most users rely on features disabled by such mitigations, making such safeguards impractical. Users should be aware of these risks and take action based on their specific situation and risk tolerance. … Read More “The NSA on the Risks of Exposing Location Data” »

The Unintended Harms of Cybersecurity

Posted on By infossl
academicpapers, cyberattack, cybercrime, cybersecurity, riskassessment, risks, Security technology

Interesting research: “Identifying Unintended Harms of Cybersecurity Countermeasures“: Abstract: Well-meaning cybersecurity risk owners will deploy countermeasures (technologies or procedures) to manage risks to their services or systems. In some cases, those countermeasures will produce unintended consequences, which must then be addressed. Unintended consequences can potentially induce harm, adversely affecting user behaviour, user inclusion, or the … Read More “The Unintended Harms of Cybersecurity” »