Tag: technology
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerabilityThis post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
Inventors of Quantum Cryptography Win Turing Award
Charles Bennett and Gilles Brassard have won the 2026 Turing Award for inventing quantum cryptography. I am incredibly pleased to see them get this recognition. I have always thought the technology to be fantastic, even though I think it’s largely unnecessary. I wrote up my thoughts back in 2008, in an <a href+https://www.schneier.com/essays/archives/2008/10/quantum_cryptography.html”>essay titled “Quantum…
-
8 ways to bolster your security posture on the cheap
Tags: access, attack, authentication, awareness, breach, ciso, control, credentials, cyber, cyberattack, cybersecurity, data, data-breach, ddos, dkim, dmarc, dns, email, endpoint, exploit, finance, google, identity, Internet, metric, mfa, microsoft, mitigation, okta, passkey, password, phishing, risk, risk-management, service, strategy, technology, tool, training, update, waf, zero-day2. Take full advantage of your existing tools: A practical way to strengthen enterprise security without incurring additional significant spend is to ensure you’re fully leveraging the capabilities of solutions already present within your organization, says Gary Brickhouse, CISO at security services firm GuidePoint Security.”Most organizations have invested heavily in security solutions, yet most are…
-
The external pressures redefining cybersecurity risk
Tags: access, ai, attack, breach, business, ciso, control, cyber, cyberattack, cybersecurity, data, deep-fake, defense, email, governance, guide, incident response, injection, network, nist, resilience, risk, risk-management, supply-chain, technology, threat, toolAI is accelerating both the attackers and your defenses, but governance is often missing : What I see generative AI doing in cybersecurity is accelerating what attackers can do and lowering the cost of entry for new criminal gangs. Cyberattacks are more potent because the technology makes it easier to target victims, create deepfake videos or…
-
6 key takeaways from RSA Conference 2026
Tags: ai, api, attack, ceo, cio, ciso, compliance, conference, control, cyber, cybersecurity, data, framework, google, governance, government, identity, infrastructure, injection, intelligence, jobs, LLM, office, RedTeam, regulation, risk, saas, service, technology, threat, tool, trainingSecuring the AI stack: Yes, but the threat surface has grown: The first technical priority I offered for CISOs in my conference preview was securing the AI stack, RAG workflows, LLM data pipelines, vector databases, and model APIs, on the basis that prompt injection, training data poisoning, and model inversion attacks were no longer theoretical.The…
-
From Visibility to Action: Modernizing Security Operations with Cisco, Optiv, and Splunk
On Demand video from Cisco. As cyber threats grow more complex, organizations need security programs that work smarter, not harder. Hear how Optiv, Cisco, and Splunk combine strategy and technology to help security teams gain clarity, respond faster, and stay ahead of attackers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/from-visibility-to-action-modernizing-security-operations-cisco-optiv-splunk-a-31298
-
CISO Spotlight: Dimitris Georgiou on Building Security that Serves People First
Dimitris Georgiou has been a self-professed computer geek since the early 80s. At university, he studied the convergence of educational technology with computer science as part of his psychology MA finding, to his disbelief, that systems were perilously insecure. Since then, he’s always worked in and around cybersecurity. He’s had roles as a computer […]…
-
RSAC 2026: No easy fixes for expanding AI attack surface, but a coordinated response is emerging
SAN FRANCISCO, Forty-four thousand cybersecurity practitioners converged on Moscone Center this week with an urgent question: how do you secure a network when everything, the technology, the threats, the tools, is changing faster than anyone can govern… (more”¦) First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/rsac-2026-no-easy-fixes-for-expanding-ai-attack-surface-but-a-coordinated-response-is-emerging/
-
RSAC Focuses Cybersecurity Insights, Tech, and Community in One Place
The RSAC conference has once again descended upon San Francisco and delivered an event that brings together the largest collection of industry leaders, technologies, and cybersecurity community events! Over the course of several days, attendees accessed exceptional keynotes, thought-leading expert sessions, and an unmatched technology expo. During the evenings, there were countless private events, get-togethers,…
-
What Is CIAM? A Complete Guide to Customer Identity and Access Management in 2026
CIAM is the technology layer that decides how your customers log in, what they can access, and how their data is protected. Here’s a complete breakdown of what it is, how it works, and why it’s become a $14 billion market. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/what-is-ciam-a-complete-guide-to-customer-identity-and-access-management-in-2026/
-
8 steps CISOs can take to empower their teams
Once when we were rolling out a well-known EDR tool, I knew the settings weren’t tight enough, nor were the received updates applied fast enough. So I asked two people to own this, come up with suggestions for tightening the screws, and guarantee a successful rollout on multiple OSes in parallel. The phased approach took…
-
Court Blocks Trump’s Anthropic Ban as AI Dispute Continues
Temporary Ruling Preserves Pentagon’s AI Access as Courts Weigh AI Guardrail Limits. A federal judge’s decision to temporarily block the Trump administration from blacklisting the artificial intelligence firm Anthropic allows federal agencies and the Pentagon to continue using and evaluating its technology in the near term. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/court-blocks-trumps-anthropic-ban-as-ai-dispute-continues-a-31243
-
Court Blocks Trump’s Anthropic Ban as AI Dispute Continues
Temporary Ruling Preserves Pentagon’s AI Access as Courts Weigh AI Guardrail Limits. A federal judge’s decision to temporarily block the Trump administration from blacklisting the artificial intelligence firm Anthropic allows federal agencies and the Pentagon to continue using and evaluating its technology in the near term. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/court-blocks-trumps-anthropic-ban-as-ai-dispute-continues-a-31243
-
Infrastructure Attacks With Physical Consequences Down 25%
Operational technology (OT) at industrial and critical infrastructure sites seem to have been benefitting from a lull in ransomware, and hackers’ relative ignorance of OT systems. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/infrastructure-attacks-physical-consequences-down
-
We Are At War
Rising geopolitical tensions are reflected (or in some cases preceded) by cyber operations, while technology itself has become politicized. Let’s admit it: we are in the middle of it. Introduction: One tech power to rule them all is a thing of the past The relative safety, peace and prosperity that much of the world has…
-
What is PUE? A Guide to Data Center Efficiency
In the world of data centers, energy efficiency isn’t just a buzzword”, it’s a vital part of running a cost-effective and sustainable operation. As technology demands grow, so does the need to monitor exactly how much energy is being used and where it’s going. This is where metrics like Power Usage Effectiveness (PUE) become essential…
-
The CISO’s guide to responding to shadow AI
Tags: ai, breach, business, ciso, cybersecurity, data, governance, guide, mitigation, privacy, risk, strategy, technology, tool, training, updateUnderstand why AI is being used: If CISOs want to manage shadow AI effectively, they need to understand why it keeps popping up. The immediate reaction may be to shut down the use of shadow AI, but there must be more to the response than that.”Our focus is understanding why they’re using it, educating them…
-
Google warns quantum computers could hack encrypted systems by 2029
Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, <a href=”https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/”>Google has warned.The tech company said in a <a href=”https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/”>blogpost that quantum computers will pose a…
-
Google warns quantum computers could hack encrypted systems by 2029
Banks, governments and tech providers urged to upgrade security because current systems will soon be obsolete Banks, governments and technology providers need to be prepared for quantum computer hackers capable of breaking most existing encryption systems by 2029, <a href=”https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/”>Google has warned.The tech company said in a <a href=”https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/”>blogpost that quantum computers will pose a…
-
How Modern Classroom Management Tools Help Teachers Reclaim Instructional Time
Technology has transformed modern classrooms, opening the door to more interactive and collaborative learning experiences. However, it has also introduced new challenges for teachers. Student devices are essential for digital learning, but can quickly become sources of distraction during instruction, pulling attention away from lessons and disrupting classroom flow. Without the right support, teachers often…
-
Critical NVIDIA Vulnerabilities Risk Remote Code Execution and DenialService Attacks
Tags: attack, cyber, Hardware, nvidia, remote-code-execution, risk, service, software, technology, threat, vulnerabilityNVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosystems. The technology giant has urged organizations to immediately evaluate their environments and apply the necessary corrective actions to prevent potential exploitation. These vulnerabilities pose significant risks, notably enabling threat actors to potentially execute…
-
State Department Launches New Bureau to Combat High-Tech Threats
The State Department has officially operationalized the Bureau of Emerging Threats (ET), a high-stakes unit designed to shield American interests from the weaponization of advanced technology by foreign adversaries. The bureau’s launch marks the culmination of a sweeping reorganization plan introduced nearly a year ago by Secretary of State Marco Rubio. While its existence was..…
-
Die fünf gefährlichsten Angriffstechniken in 2026 basieren allesamt auf künstlicher Intelligenz
Seit mehr als einem Jahrzehnt gilt die Keynote des SANS Institutes auf der RSA Conference als das zuverlässigste Frühwarnsystem der Sicherheitsbranche. Sie deckt Angriffstechniken auf, die die Bedrohungslandschaft prägen, noch bevor die meisten Unternehmen damit konfrontiert werden. Die diesjährige Veranstaltung, moderiert von Ed Skoudis, Präsident des SANS Technology Institute, sendet ein wichtiges Signal aus: Zum ersten…
-
Why AI Is Increasing Demand for Software Engineers (Not Replacing Them)
AI Is Not Replacing Engineers. It’s Raising the Stakes Every few years, a new technology triggers the same question in boardrooms and leadership discussions: will…Read More First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2026/03/why-ai-is-increasing-demand-for-software-engineers-not-replacing-them/
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…