< ciso
brief />
Tag Banner

All news with #ai security tag

759 articles · page 25 of 38

Traditional Security Frameworks Fail Against AI Threats

🔒 Traditional security frameworks like NIST CSF, ISO 27001, and CIS Controls were designed for legacy IT assets and do not map cleanly to AI-specific risks. Recent incidents — including the December 2024 Ultralytics compromise, ChatGPT memory-extraction flaws across 2024, and August 2025 malicious Nx packages — show organizations can meet compliance yet remain exposed. The article argues security teams must adopt AI-tailored controls such as prompt validation, model integrity verification, semantic DLP, and AI-focused red teaming.
read more →

NIST Funds MITRE to Establish Two AI Security Centers

🔒 NIST is investing $20m to fund two new AI security research centers run by nonprofit MITRE: the AI Economic Security Center for US Manufacturing Productivity and the AI Economic Security Center to Secure US Critical Infrastructure from Cyber Threats. The centers will develop technology evaluations and advancements to protect US AI leadership, counter adversarial AI uses, and reduce risks from insecure systems. NIST says the effort will drive applied science breakthroughs and support commercialization of new technologies.
read more →

Fighting AI With AI: Cybersecurity's Inevitable Battle

🤖 Trend Micro's Rachel Jin warns that the rapid evolution of AI is outpacing static security controls and forcing defenders to embrace automation and context-aware defenses. She notes LLMs update frequently and attackers leverage that pace to craft tailored phishing, automate tasks and scale operations. Jin stresses that visibility into AI usage, agents and infrastructure is essential and recommends an AI security blueprint to map risk, consolidate tooling and prioritize scarce budgets.
read more →

IT's 2025 Verdict: AI Gains, Layoffs and Mixed Security

🤖 The editorial teams of Computerwoche, CIO and CSO reflect on a turbulent 2025 shaped by the rapid rise of AI, economic uncertainty and geopolitical friction. They call out major flops such as widespread AI‑justified layoffs (Surfshark estimates 200,000+ jobs lost) and the growing use of AI by cybercriminals, while noting positive trends: pragmatic CIOs focusing on data quality, innovative change management like Mobilezone, and sizable sovereignty investments such as Schwarz IT.
read more →

Eight Cybersecurity Resolutions for 2026 Readiness

🔒 Kaspersky outlines eight practical cybersecurity resolutions to take into 2026 after a transformative 2025 marked by sweeping internet laws and widespread AI adoption. The guidance covers legal awareness, safer access methods, and mitigation against document-leak risks. It also warns about new scam tactics, urges cautious AI use, subscription audits, longevity practices for devices, and strengthened smart‑home security.
read more →

CISOs’ Bucket List: Human-Led, AI-Powered Security

🔐 CISOs are rethinking how they spend reclaimed time, prioritizing innovation and transformation over constant firefighting. Leaders want to eliminate tactical debt—closing out lingering POAMs, patching unpatched systems and remediating misconfigurations—to free resources for strategic foresight. They plan to break down silos between AppSec, CloudSec and GRC with automation and AI, creating a unified view of risk and on-demand compliance evidence. Above all, CISOs aim to make security a human-led business enabler that empowers teams, reduces burnout and embeds privacy-by-design into engineering.
read more →

AI and Security in Financial Services: Secure Design

🔒 The post argues that financial institutions must treat cybersecurity as the foundation for safe AI adoption, centering on three imperatives: understand the AI–cybersecurity nexus, harness AI to accelerate detection and response, and adopt Secure AI by Design. It highlights AI-driven SOCs that distill billions of events into actionable incidents and cites customer outcomes such as dramatic reductions in MTTR and large-scale threat prevention. The author also describes new AI-specific risks to data, models and agents, and calls for enterprise governance, risk-tiered inventories, strict access controls and coordinated policy to enable innovation while managing systemic risk.
read more →

Check Point Launches AI Security Training Courses Globally

🔐 Infinity Global Services (IGS) has launched its first dedicated AI security training courses, the initial release in a growing AI services portfolio. The programs offer expert-led instruction and hands-on labs to help security teams, developers, and leaders defend against AI-driven threats and implement AI securely across operations and product development. IGS also plans upcoming offerings in AI red teaming, governance, and implementation consulting to extend defensive and advisory capabilities.
read more →

AI Is Reshaping Modern Cybercrime: Practitioner Findings

🔍 Fortinet and academic partners, including UC Berkeley’s CLTC and the Berkeley Risk and Security Lab, collaborated on global tabletop exercises and analysis to assess how AI is reshaping cybercrime. The Singapore TTX demonstrated that AI amplifies existing attack vectors—speeding reconnaissance, phishing, and malware development—while lowering barriers to entry and fostering criminal specialization. Defenders reported that governance, decision rights, and human judgment often mattered more than specific tools, underscoring the need for strong public-private collaboration and human oversight of AI-assisted detection.
read more →

AI Is Reshaping Modern Cybercrime: Key TTX Findings

🔎 Fortinet and UC Berkeley partners analyzed a Singapore tabletop exercise to assess how AI is reshaping cybercrime and defense. The practitioner perspective complements CLTC’s academic work and shows AI is amplifying existing attack vectors—speeding phishing, reconnaissance, code generation, and malware iteration—while lowering barriers to entry. The exercise highlighted that governance, human judgment, and cross-sector collaboration frequently determine response effectiveness more than specific tools.
read more →

Partnering with Precision: Palo Alto Networks' 2026 Vision

🔒 Palo Alto Networks sets a partner-first agenda for 2026 focused on integration, embedded AI and ecosystem-driven growth. The company encourages partners to consolidate point tools onto a unified platform, embed AI into core workflows and build repeatable services across consulting, resale and managed security. Program updates will simplify engagement, expand API and alliance integrations, and aim to increase partner profitability while accelerating customer time‑to‑value.
read more →

ESET Threat Report H2 2025: AI, Ransomware Trends Outlook

🔍 ESET's H2 2025 threat report documents rapid attacker innovation, including the first known AI-driven ransomware, PromptLock, which can generate malicious scripts on demand. The report also highlights a near-collapse of Lumma Stealer, a roughly thirtyfold surge in the CloudEyE downloader, and a sharp rise in ransomware victims and NFC-based Android fraud. It underscores evolving distribution and evasion techniques across platforms.
read more →

AI-Enhanced Phishing and Social Scams Surge Before Christmas

⚠️ Check Point reports a surge in Christmas-themed phishing and social scams, detecting 33,500 unique phishing emails and over 10,000 seasonal social ads in a recent two-week period. Threat actors are using AI to produce flawless local-language messages, build fake e-commerce sites with working checkouts, and generate deepfake audio and smishing that mimic delivery alerts. Consumers should watch for spoofed URLs, unusual payment requests, new or inactive accounts and emotional triggers, and avoid clicking unsolicited links or sharing credentials.
read more →

Three Decades of Threat Data Powering AI in Security

🔐 Check Point argues that modern AI's effectiveness hinges on the volume, variety, and freshness of data, and that its three decades of aggregated threat intelligence provide a practical advantage in applying AI to cybersecurity. The post highlights data density — the combination of scale, diversity, and timeliness of telemetry — as the primary driver of model accuracy and detection efficacy. It contrasts five years of explosive AI data growth with Check Point's 30-year corpus and explains how rich telemetry enables better prediction, prevention, and operationalization of AI-driven defenses.
read more →

Cybersecurity leaders' top seven takeaways from 2025

🛡️ In 2025 CISOs reported that AI moved from experiment to dominant force, giving defenders major productivity gains while simultaneously enabling faster, more precise attacks. Leaders from Smartsheet, Calendly, Elastic and HCLTech say AI reshaped priorities, forced strategy changes, and amplified non-human identities and third-party risk. Heightened regulation and stricter enforcement of standards like NIST and ISO pushed security accountability up to boards.
read more →

CrowdStrike Falcon AIDR Secures the AI Interaction Layer

🛡️ CrowdStrike announced general availability of Falcon AI Detection and Response (AIDR), an extension of the Falcon platform designed to protect the prompt and agent interaction layer where people, models and autonomous agents exchange instructions. AIDR offers unified visibility across endpoints, applications, MCP servers and API gateways, real-time detection of prompt injection and jailbreaks, automated data protection and attribute-based access controls. It supports browser extensions, application SDKs, gateway integrations and cloud log analysis for runtime enforcement and investigations.
read more →

2026 Cybersecurity Forecast: AI, Agentic Defense, IAM

🔒 The Cybersecurity Forecast for 2026 highlights how agentic security automation and widespread AI will reshape defenses, shifting SOCs from monitoring to automated action. It calls for building workforce AI fluency, evolving IAM to treat agents as managed identities, and deploying model-protection measures alongside tamper-proof backups. Boards will increasingly demand operational resilience, quantified exposure, and mature AI governance.
read more →

OpenAI strengthens defensive models as cyber risks rise

🔐 OpenAI says rapid model gains have reshaped its planning and prompted expanded defensive measures. Internal CTF assessments rose from 27% on GPT-5 in August 2025 to 76% on GPT-5.1-Codex-Max in November 2025, leading the company to warn some systems may reach 'High' levels on its Preparedness Framework. OpenAI outlined a layered defense-in-depth strategy — including access controls, infrastructure hardening, egress monitoring, model steering, detection tools and end-to-end red teaming — and is preparing a trusted access program alongside private-beta tools such as Aardvark to steer capabilities toward defensive outcomes.
read more →

AI Is Accelerating Cyberattacks — Is Your Network Ready?

🤖 Offensive AI is accelerating cyberattacks, automating reconnaissance, malware orchestration, and large-scale credential harvesting. Security teams and observers such as Google Threat Intelligence and Anthropic warn these techniques can bypass legacy defenses and overwhelm manual SOC processes. Network Detection and Response (NDR) solutions provide continuous network visibility, real‑time analytics, and automated triage to detect polymorphic threats, reduce false positives, and speed incident response.
read more →

Cyber 'Tax' Drives SMBs to Raise Prices After Breaches

🔔 The Identity Theft Resource Center's 2025 Business Impact Report found that 81% of US small businesses experienced a data or security breach in the past year, and 38% raised prices as a result. Respondents attributed 41% of incidents to AI-enabled attacks, while external actors and malicious insiders were cited by 43% and 42% respectively. The ITRC warns that adoption of protections such as MFA is falling and advises SMBs to focus on people, process and technology defenses including out-of-band verification and AI-driven detection tools.
read more →