< ciso
brief />
Tag Banner

All news with #ai security tag

759 articles · page 21 of 38

Army Signal Officer to Insurance CSO: Hensley’s Cyberplan

🔐 Barry Hensley, a retired U.S. Army Colonel and former Signal Officer, now serves as CSO of Brown & Brown, leading efforts to protect client networks and sensitive data. He notes that organizational awareness of cyber risk has grown, but effective investment and calibrated risk tolerance often lag, especially under budget constraints. Hensley highlights threats such as ransomware and ideologically motivated attacks, the rising role of AI in both offense and defense, and the critical need to manage third- and fourth-party risk while retaining motivated security talent.
read more →

AI Meets Quantum Computing: The Next Security Battlefield

⚛️ Quantum computing paired with AI promises transformative gains in processing speed and machine learning capacity, enabling tasks—such as real-time climate modelling and instant financial simulations—that classical infrastructure struggles to deliver. At the same time, the article warns that quantum-enabled attacks could undermine widely used cryptosystems like RSA, ECC and AES, creating a disruptive Q-Day when encrypted confidentiality is at risk. Governments and enterprises are already staging migrations to post-quantum cryptography and updating governance and observability, but the piece stresses that building trust, ethical AI oversight and resilient frameworks will be essential to preserve digital privacy and integrity.
read more →

Manufacturing Reimagined: Tech Trends and Impact in 2026

🏭 This Enterprise Spotlight outlines how emerging technologies — from AI and extended reality to edge computing and digital twins — are reshaping manufacturing operations, workforce interactions, and product lifecycles. The February 2026 issue brings together editorial insight, case studies, and practical frameworks to guide CIOs and plant leaders through adoption and scaling. It emphasizes data governance, interoperability, and measurable ROI as critical enablers for responsible transformation.
read more →

Emerging Technologies Reshaping Modern Manufacturing

🛠️ Emerging technologies — from AI and quantum computing to extended reality (XR), edge computing and digital twins — are driving profound change in manufacturing, improving efficiency, safety and innovation. This special report examines how these advances will fundamentally alter operations, competitiveness and value creation across industrial sectors. It highlights practical use cases, adoption challenges and strategic considerations for responsible integration.
read more →

Kaspersky SIEM 4.2: AI UEBA, New Correlator and Roles

🔒 Kaspersky's Unified Monitoring and Analysis Platform SIEM v4.2 integrates AI-driven UEBA to model normal authentication behavior and surface deviations such as atypical login times, unusual event chains, and anomalous access attempts. The release also introduces a new, more efficient correlator that processes events faster with lower resource use, a flexible role model for granular access control, and secure event backup and export capabilities. Together these changes aim to reduce false positives, ease SOC operational load, and improve stability under high event volumes.
read more →

Top CISO Priorities for 2026: AI, Identity, Resilience

🔐 Taylor Lehmann outlines five CISO priorities for 2026, urging leaders to align compliance work with broader operational resilience rather than treating regulation as the only objective. He emphasizes securing the AI supply chain with end-to-end provenance and tools such as SLSA and SBOM, and strengthening identity management for humans and agents. Lehmann also calls for defenses that operate at machine speed and for improved AI governance through context, advanced testing, and red teaming.
read more →

January 2026 security roundup with Tony Anscombe — Lessons

🛡️ January brought several high-impact incidents that underline persistent enterprise risks. ServiceNow patched a critical AI-driven vulnerability (CVE-2025-12420) that could let unauthenticated actors impersonate admins on its AI platform. Unsecured Zendesk systems were abused for a large spam campaign, while the World Economic Forum reports cyber-fraud has overtaken ransomware as CEOs' top worry. Nike is also probing an alleged theft of 1.4 TB of data.
read more →

Agentic Tool Chain Attacks and Enterprise AI Risk Overview

🔒 AI agents dynamically select and invoke tools using natural-language descriptions, creating a new attack surface in the agent's reasoning layer. Agentic tool chain attacks manipulate tool metadata and context — via tool poisoning, tool shadowing, or rugpull attacks — to exfiltrate data or trigger unauthorized actions without altering tool code. Defenses should center on tool governance, trusted MCP identity, strict parameter validation, and reasoning-layer observability. Organizations must adopt signed manifests, version pinning, mutual TLS, and telemetry to detect and contain these threats.
read more →

Russian Cyber Threats to the 2026 Winter Olympics Overview

🔐 This Unit 42 analysis outlines the evolving Russian cyber threat to the Milano Cortina 2026 Winter Olympics, framing Russia’s IOC exclusion as a geopolitical grievance that raises the risk of disruptive operations. It reviews historical GRU-linked campaigns against prior Games and projects plausible scenarios ranging from destructive OT malware to AI-driven deepfakes and V2X manipulation. The report recommends zero‑trust visibility, IoT anomaly detection, telemetry verification, and micro‑segmentation to reduce operational impact.
read more →

Researchers Find 175,000 Publicly Accessible Ollama Hosts

🔍 A joint investigation by SentinelOne SentinelLABS and Censys identified 175,000 publicly reachable Ollama hosts across 130 countries, spanning cloud and residential networks. Nearly half of observed instances advertise tool-calling capabilities that can execute code, access APIs, and interact with external systems, significantly raising the threat profile. Researchers warn these unmanaged LLM deployments lack standard authentication and monitoring, enabling active LLMjacking campaigns and resale of illicit access.
read more →

Google Cloud Brings Conversational Analytics to BigQuery

🔍 Conversational Analytics in BigQuery (preview) brings an AI-powered reasoning agent into BigQuery Studio, enabling users to query, visualize, and forecast directly with natural language. The agent generates and executes SQL grounded in your schema, metadata, and verified queries, and it exposes the SQL and reasoning behind each answer to build trust. Security, governance, and audit logging are enforced by BigQuery’s compliance controls, and the feature also supports unstructured data and API integration for custom agents.
read more →

2026 Data Security Index: Securing AI and Sensitive Data

🔒 The 2026 Microsoft Data Security Index explores how organizations can harness generative AI while protecting sensitive information and maintaining productivity. Based on responses from more than 1,700 security leaders, the report highlights three priorities: consolidating fragmented tools into unified platforms, managing AI-driven workflows securely, and leveraging generative AI to strengthen security operations. It recommends practical approaches using Microsoft Purview for continuous discovery and governance and Microsoft Security Copilot for automated investigation with human oversight.
read more →

Accelerate 2026: Future Directions in Secure Networking

🔒 Fortinet's Accelerate 2026 returns to Las Vegas March 9–13, bringing customers, partners, and industry leaders together at the Mandalay Bay Convention Center for keynotes, technical sessions, and an expansive Tech Expo. The event emphasizes an integrated platform approach to secure networking, unified SASE, cloud and OT protection, and AI-enhanced detection and automation. Customer-led sessions from organizations such as Lowe’s, TJX, and ExxonMobil will share practical implementations, while attendees can pursue certifications, hands-on workshops, and the Fortinet Ultimate Fabric Challenge to translate strategy into operational outcomes.
read more →

Public Sector Cyber Outlook 2026: Identity and AI Trust

🔒 AI integration has shifted public-sector cybersecurity in 2026, forcing agencies to adopt AI-native detection and autonomous response, continuous identity verification, and secure-by-design AI deployments. Nation-state actors now automate intrusion, deception, and tailored malware, expanding risk to IT, OT and research environments. Agencies must consolidate platforms, accelerate post-quantum planning, and govern AI at mission scale.
read more →

AI-Generated Code and Emojis Found in PureRAT Malware

🤖 Researchers report that the PureRAT remote access trojan is being produced with the assistance of AI, with leftover AI-authored comments and even emojis appearing in the malware’s code. Analysis by Symantec and the Carbon Black Threat Hunter Team ties these artifacts to scripts distributed via phishing emails posing as job opportunities. The presence of explicit AI instructions, debug messages and Vietnamese-language strings — including references to Hanoi — suggests a likely Vietnam-based operator. Despite the sloppy leftovers, PureRAT remains a capable infostealer enabling persistent remote access and data exfiltration.
read more →

Key Cybersecurity Trends Defining 2026 Risk Landscape

🛡️ The Cyber Security Report 2026 analyzes global attack activity and shows how adversaries are evolving into faster, more automated, and more coordinated operators. It documents AI-driven attacks, expanded ransomware operations, identity abuse, and multi-channel social engineering across hybrid and edge environments. The report highlights the deliberate combination of techniques at scale and outlines defensive priorities to address these integrated threats.
read more →

Zscaler Warns of Rising AI Security Threats as Usage Soars

⚠️ Zscaler's ThreatLabz 2026 report finds enterprise AI use rose 91% in 2025 after analyzing 989.3 billion AI/ML transactions on the Zscaler Zero Trust Exchange. Adoption has outpaced oversight across more than 3,400 AI applications, with OpenAI services the top LLM and Grammarly and ChatGPT becoming concentrated repositories of corporate data. Analysts reported critical vulnerabilities in 100% of observed AI systems and a median time to first critical failure of 16 minutes, warning that agentic AI could scale attacks at machine speed.
read more →

Data Protection Day 2026: From Compliance to Resilience

🛡️ On Data Protection Day 2026, CrowdStrike urges organizations to move beyond checkbox compliance toward operational resilience against modern data risks. The post details how adversaries exploit stolen credentials, identity abuse, SaaS sprawl and AI-driven workflows to access and exfiltrate data, often without crossing conventional boundaries. It calls for controls across identity, endpoints, browsers and the AI interaction layer, and highlights Falcon AIDR as a runtime capability to detect prompt injection, model manipulation and unauthorized tool execution while preserving legitimate workflows.
read more →

Future Mode: The Agentic, Secure Browser for Enterprises

🤖 Chrome Enterprise presents the browser as an intelligent, agentic workspace that automates multi‑step tasks and integrates Google’s Gemini models directly into the user experience. It emphasizes enterprise controls—such as enhanced DLP (real‑time copy/paste restrictions, data masking, dynamic watermarking) and per‑group AI feature management—to prevent data leakage and limit access to unapproved generative tools. Chrome also adds a double‑check review system and strict site scoping for agent actions, aiming to balance productivity gains with robust security protections.
read more →

Essential CISO Skills for 2026: Business, AI, Culture

🛡️ In 2026, CISOs must combine business acumen, AI literacy, and culture-building to enable growth and resilience rather than acting as technical gatekeepers. They need to translate complex AI and model risks into clear financial, operational, and reputational terms for boards while prioritizing cloud-native security and secure use of LLMs. Recommended credentials include (ISC)² CISSP, CCSP, and leadership programs, but practical experience, cross-functional influence, and low-cost learning tactics like peer communities and internal learning loops are often decisive.
read more →