Goto

Collaborating Authors

Results


Six things CCOs need to know about ICO's AI guidance

#artificialintelligence

The 122-page publication, called "Explaining decisions made with AI" and written in conjunction with The Alan Turing Institute, the U.K.'s national center for AI, hopes to ensure organizations can be transparent about how AI-generated decisions are made, as well as ensure clear accountability about who can be held responsible for them so that affected individuals can ask for an explanation. It does not directly reference AI or any associated technologies such as machine learning. However, the General Data Protection Regulation (and the U.K.'s 2018 Data Protection Act) does have a significant focus on large-scale automated processing of personal data, and several provisions specifically refer to the use of profiling and automated decision-making. This means data protection law applies to the use of AI to provide a prediction or recommendation about someone. The ICO suggests compliance teams (including the DPO) and senior management should expect assurances from the product manager that the system the organization is using provides the appropriate level of explanation to decision recipients.


Security with AI and Machine Learning - Communal News

#artificialintelligence

Why has there been such a sudden explosion of Machine Learning and Artificial Intelligence in security? The truth is that these technologies have been underpinning many security tools for years. Frankly, both tools are necessary precisely because there has been such a rapid increase in the number and complexity of attacks. These attacks carry a high cost for business. Recent studies predict that global annual cybercrime costs will grow from $3 trillion in 2015 to $6 trillion annually by 2021.


Street Lamps as a Platform

Communications of the ACM

Street lamps constitute the densest electrically operated public infrastructure in urban areas. Their changeover to energy-friendly LED light quickly amortizes and is increasingly leveraged for smart city projects, where LED street lamps double, for example, as wireless networking or sensor infrastructure. We make the case for a new paradigm called SLaaP--street lamps as a platform. SLaaP is proposed as an open, enabling platform, fostering innovative citywide services for the full range of stakeholders and end users--seamlessly extending from everyday use to emergency response. In this article, we first describe the role and potential of street lamps and introduce one novel base service as a running example. We then discuss citywide infrastructure design and operation, followed by addressing the major layers of a SLaaP infrastructure: hardware, distributed software platform, base services, value-added services and applications for users and'things.' Finally, we discuss the crucial roles and participation of major stakeholders: citizens, city, government, and economy. Recent years have seen the emergence of smart street lamps, with very different meanings of'smart'--sometimes related to the original purpose as with usage-dependent lighting, but mostly as add-on capabilities like urban sensing, monitoring, digital signage, WiFi access, or e-vehicle charging.a The future holds even more use cases: for example, after a first wave of 5G mobile network rollouts from 2020 onward, a second wave shall apply mm-wave frequencies for which densely deployed light poles can be appropriate'cell towers.'


Meltdown

Communications of the ACM

Moritz Lipp is a Ph.D. candidate at Graz University of Technology, Flanders, Austria. Michael Schwarz is a postdoctoral researcher at Graz University of Technology, Flanders, Austria. Daniel Gruss is an assistant professor at Graz University of Technology, Flanders, Austria. Thomas Prescher is a chief architect at Cyberus Technology GmbH, Dresden, Germany. Werner Haas is the Chief Technology Officer at Cyberus Technology GmbH, Dresden, Germany.


How to Curtail Oversensing in the Home

Communications of the ACM

Future homes will employ potentially hundreds of Internet of Things (IoT) devices whose sensors may inadvertently leak sensitive information. A previous Communications Inside Risks column ("The Future of the Internet of Things," Feb. 2017) discusses how the expected scale of the IoT introduces threats that require considerations and mitigations.2 Future homes are an IoT hotspot that will be particularly at risk. Sensitive information such as passwords, identification, and financial transactions are abundant in the home--as are sensor systems such as digital assistants, smartphones, and interactive home appliances that may unintentionally capture this sensitive information. IoT device manufacturers should employ sensor sensor permissioning systems to limit applications access to only sensor data required for operation, reducing the risk that malicious applications may gain sensitive information. For example, a simple notepad application should not have microphone access.


Measuring the Effectiveness of AI in the SOC

#artificialintelligence

In a previous blog post, I covered some of the challenges encountered by security operations centers (SOCs) and how leveraging artificial intelligence (AI) can help alleviate these challenges, including the cybersecurity skills shortage, unaddressed security risks and long dwell times. According to ISACA's State of Cybersecurity Report, 78 percent of respondents expect the demand for technical cybersecurity roles to increase in the future. The report also mentions that the effects of the skills shortage are going to get worse. This is where AI can step in and help lighten the load considerably. During a time of tight budgets and IT spend, there is no doubt that any new expenditures must have solid business justifications.


EasyJet admits it was aware of 'highly sophisticated cyber attack' that affected 9 million customers as early as January

The Independent - Tech

Budget airline easyJet was aware of the data breach, which revealed personal information of nine million customers and the credit card information of over 2,200 customers, in January. News of the cyber attack broke yesterday, revealing that the attacker or attackers had access to the data of customers who booked flights from 17 October 2019 to 4 March 2020. In a statement, the airline said: "We're sorry that this has happened, and we would like to reassure customers that we take the safety and security of their information very seriously. "There is no evidence that any personal information of any nature has been misused." However, while there is no evidence the data was misused, that does not mean that it cannot be misused. Experts suggest that personal information "drives a higher price on the dark web" – the area of the internet inaccessible by mainstream search engines – and could be used for organised crime or ransomed. What does the easyJet data hack mean for you? What does the easyJet data hack mean for you? Two people with knowledge of the investigation have said that Chinese hackers are supposedly responsible for the hack based on similarities in hacking tools and techniques used in previous campaigns, but that has yet to be officially confirmed. In a statement, the Information Commissioners' Office (ICO) said: "We have a live investigation into the cyber attack involving easyJet.


The Use of Artificial Intelligence (AI) in Cyber Defense

#artificialintelligence

Artificial intelligence is a scientific field that is responsible for finding solutions to complex problems that humans do not have. Machine learning could be used to bypass and dismantle cyber-security systems faster than most prevention and detection tools can keep up. AI will exacerbate existing threats and create new ones, but its speed could prove a great boon for cybercriminals, as it is much more effective at fighting them than human experts. The algorithm is attempted to model a decision mechanism that resembles real human decision mechanisms but is modeled by algorithms. In the context of cybersecurity, artificial intelligence (AI) tries to defend the system by weighing patterns of behavior that indicate a threat against predictive logic.


How Chatbots Can Help Bridge Business Continuity and Cybersecurity

#artificialintelligence

A quick web search for "chatbots and security" brings up results warning you about the security risks of using these virtual agents. Dig a little deeper, however, and you'll find that this artificial intelligence (AI) technology could actually help address many work-from-home cybersecurity challenges -- such as secure end-to-end encryption and user authentication -- and ensure that your organization continues to prove its data privacy compliance with less direct oversight. While many companies rely on chatbots to answer customer questions or step through a process, that same service can be used to help employees connect with security professionals as they work remotely, allowing many security problems to be resolved as efficiently as they would be if the security team were able to come directly to their colleagues' desks. Between 2005 and 2018, the number of remote workers grew by 173 percent, 11 percent faster than the rest of the workforce, according to Global Workplace Analytics. And as more employees and management experience the benefits of working from home, more people will demand the opportunity.


Huge, mysterious list appears online of where people met, personal information and more of tens of millions

The Independent - Tech

A huge data dump includes the personal information of tens of millions of people and where they have met – and its origin is a mystery. The breach includes almost 90GB of people's personal data, including details of where they have been and met people. But there is no clue where the information has actually come from in the first place. Though the information has been hosted publicly, and available to anyone, there is no hint about where it was first collected from. The dump includes listings of individual people, including information on their social media sites, phone numbers and addresses.