risk manager
A Risk Manager for Intrusion Tolerant Systems: Enhancing HAL 9000 with New Scoring and Data Sources
Freitas, Tadeu, Novo, Carlos, Dutra, Inês, Soares, João, Correia, Manuel, Shariati, Benham, Martins, Rolando
Intrusion Tolerant Systems (ITSs) have become increasingly critical due to the rise of multi-domain adversaries exploiting diverse attack surfaces. ITS architectures aim to tolerate intrusions, ensuring system compromise is prevented or mitigated even with adversary presence. Existing ITS solutions often employ Risk Managers leveraging public security intelligence to adjust system defenses dynamically against emerging threats. However, these approaches rely heavily on databases like NVD and ExploitDB, which require manual analysis for newly discovered vulnerabilities. This dependency limits the system's responsiveness to rapidly evolving threats. HAL 9000, an ITS Risk Manager introduced in our prior work, addressed these challenges through machine learning. By analyzing descriptions of known vulnerabilities, HAL 9000 predicts and assesses new vulnerabilities automatically. To calculate the risk of a system, it also incorporates the Exploitability Probability Scoring system to estimate the likelihood of exploitation within 30 days, enhancing proactive defense capabilities. Despite its success, HAL 9000's reliance on NVD and ExploitDB knowledge is a limitation, considering the availability of other sources of information. This extended work introduces a custom-built scraper that continuously mines diverse threat sources, including security advisories, research forums, and real-time exploit proofs-of-concept. This significantly expands HAL 9000's intelligence base, enabling earlier detection and assessment of unverified vulnerabilities. Our evaluation demonstrates that integrating scraper-derived intelligence with HAL 9000's risk management framework substantially improves its ability to address emerging threats. This paper details the scraper's integration into the architecture, its role in providing additional information on new threats, and the effects on HAL 9000's management.
- North America > United States > Maryland > Baltimore County (0.14)
- Europe > Portugal > Porto > Porto (0.04)
- North America > United States > Maryland > Baltimore (0.04)
- Asia > India > Karnataka > Bengaluru (0.04)
- Research Report > New Finding (1.00)
- Overview (0.93)
HAL 9000: Skynet's Risk Manager
Freitas, Tadeu, Neto, Mário, Dutra, Inês, Soares, João, Correia, Manuel, Martins, Rolando
Intrusion Tolerant Systems (ITSs) are a necessary component for cyber-services/infrastructures. Additionally, as cyberattacks follow a multi-domain attack surface, a similar defensive approach should be applied, namely, the use of an evolving multi-disciplinary solution that combines ITS, cybersecurity and Artificial Intelligence (AI). With the increased popularity of AI solutions, due to Big Data use-case scenarios and decision support and automation scenarios, new opportunities to apply Machine Learning (ML) algorithms have emerged, namely ITS empowerment. Using ML algorithms, an ITS can augment its intrusion tolerance capability by learning from previous attacks and from known vulnerabilities. As such, this work's contribution is twofold: (1) an ITS architecture (Skynet) that is based on the state of the art and incorporates new components to increase its intrusion tolerance capability and its adaptability to new adversaries; (2) an improved Risk Manager design that leverages AI to improve ITSs by automatically assessing OS risks to intrusions and advising safer configurations. One of the reasons that intrusions are successful is bad configurations or slow adaptability to new threats. This can be caused by the dependency that systems have on human intervention. One of the characteristics of the Skynet and HAL 9000 design is the removal of human intervention. Being fully automated lowers the chance of successful intrusions caused by human error. Our experiments using Skynet show that HAL is able to choose 15% safer configurations than the state-of-the-art risk manager.
- Europe > Portugal > Porto > Porto (0.04)
- South America > Brazil > Pará > Belém (0.04)
- North America > United States > New York > New York County > New York City (0.04)
- Research Report (0.63)
- Overview (0.45)
- Information Technology > Security & Privacy (1.00)
- Government > Military > Cyberwarfare (0.68)
- Information Technology > Security & Privacy (1.00)
- Information Technology > Data Science > Data Mining (1.00)
- Information Technology > Communications > Networks (1.00)
Explainable AI Unleashes the Power of Machine Learning in Banking
Explainability has taken on more urgency at many banks as a result of increasingly complex AI algorithms, many of which have become critical to the deployment of advanced AI applications in banking, such as facial or voice recognition, securities trading, and cybersecurity. The complexity is due to greater computing power, the explosion of big data, and advances in modeling techniques such as neural networks and deep learning. Several banks are establishing special task forces to spearhead explainability initiatives in coordination with their AI teams and business units. They are also stepping up their oversight of vendor solutions as the use of automated machine learning capabilities continues to grow considerably. Explainability is also becoming a more pressing concern for banking regulators who want to be assured that AI processes and outcomes can be reasonably understood by bank employees.
- Banking & Finance (1.00)
- Information Technology > Security & Privacy (0.35)
- Information Technology > Artificial Intelligence > Natural Language > Explanation & Argumentation (0.51)
- Information Technology > Artificial Intelligence > Issues > Social & Ethical Issues (0.50)
- Information Technology > Artificial Intelligence > Machine Learning > Neural Networks > Deep Learning (0.36)
Building Transparency into AI Projects
As algorithms and AIs become ever more embedded in people’s lives, there’s also a growing demand for transparency around when an AI is used and what it’s being used for. That means communicating why an AI solution was chosen, how it was designed and developed, on what grounds it was deployed, how it’s monitored and updated, and the conditions under which it may be retired. There are four specific effects of building in transparency: 1) it decreases the risk of error and misuse, 2) it distributes responsibility, 3) it enables internal and external oversight, and 4) it expresses respect for people. Transparency is not an all-or-nothing proposition, however. Companies need to find the right balance with regards to how transparent to be with which stakeholders.
What technology upgrades does the insurance industry need?
It's impossible to ignore the profound ways in which technological innovation has permeated nearly every facet of our economy, especially as the pandemic forced businesses across every sector to adopt new tech as a means to stay operational. And yet there are vital aspects of business that have virtually stagnated despite the high-tech breakthroughs all around them. In insurance, it's easy to spot: the process for managing risk transfer still relies on technology better suited for the 20th Century. Every person involved in risk management, from brokers to carriers to in-house risk managers and insureds, is functioning in an environment that suggests the last two decades never happened. Their best technological options for managing insurance documents include spreadsheets, PDF files, and email--or worse, a fax machine.
Artificial Intelligence at Square - Two Use-Cases
Megan serves as Publishing Operations Manager at Emerj, and is currently attending The American University in Paris, where she is pursuing degrees in global communications and international business administration. Square is a financial services company that aims to "build common business tools in unconventional ways so more people can start, run and grow their businesses." Founded in 2009 in San Francisco by Twitter Co-Founder Jack Dorsey and Jim McKelvey, Square reports total net revenue of $9.5 billion for 2020. Originally known for its card-reader dongles, Square has expanded to create a business toolkit for small business owners, including various hardware and software products and services such as Square Capital, Square Terminal, and most recently, Square Banking. We will begin by taking a closer look at how Square uses machine learning to enable its various software solutions that aim to increase fraud protection for sellers.
Artificial Intelligence: A Reality In China
Artificial Intelligence (AI) has become a trend that is here to stay at least in the foreseeable future. Many countries have started embracing this technology; notable among them is China. This article explores how China has harnessed AI in the fields of e-commerce, finance and health from a layman's perspective. AI has improved our lives in many ways, but there are still some controversial issues concerning its use. The first thing that comes to mind in the way China has been transformed by AI technology can be traced back to the year 2013.
- Asia > China (1.00)
- North America > United States > California (0.05)
- Information Technology > Security & Privacy (0.59)
- Information Technology > Services (0.38)
It's time to train professional AI risk managers
Last year I wrote about how AI regulations will lead to the emergence of professional AI risk managers. This has already happened in the financial sector where regulations patterned after Basel rules have created a financial risk management profession to assess financial risks. Last week, the EU published a 108-page proposal to regulate AI systems. This will lead to the emergence of professional AI risk managers. The proposal doesn't cover all AI systems, just those deemed high-risk, and the regulation would vary depending on how risky the specific AI systems are: Since systems with unacceptable risks would be banned outright, most of the regulation is about high-risk AI systems.
- Europe > Switzerland > Basel-City > Basel (0.27)
- North America > United States (0.17)
- Information Technology > Security & Privacy (1.00)
- Government (1.00)
- Banking & Finance (1.00)
- Law > Statutes (0.75)
AI enables banks to spot bias claims in customers' complaints
In one 2020 complaint to the Consumer Financial Protection Bureau, a consumer echoed the words of George Floyd to describe an experience with a financial company, saying "you all will not let me breathe." The consumer wanted to know why the firm would "not take their knee off ... my neck?" Another criticized a company for its approach to sexual identity issues. "The employees refused to be sensitive to my pronouns' and name change," the consumer said. "As a result, my account was closed after years of torture from this credit card company."
- Government > Regional Government > North America Government > United States Government (0.35)
- Banking & Finance > Credit (0.35)
Five ways to mitigate the risk of AI models
In recent years, the banking industry has been at the forefront of AI and ML adoption. According to an Economist Intelligence Unit adoption study, 54% of banks and financial institutions with more than 5,000 employees have adopted AI. But AI and ML adoption has not been easy. Difficulty in deployment has been exacerbated by the growing number of new AI platforms, languages, frameworks, and hybrid compute infrastructure. Add to this the fact that models are being developed by staff in multiple business units and AI teams, making it difficult to ensure that the proper risk and regulatory controls and processes are enforced.
- Banking & Finance (1.00)
- Information Technology > Security & Privacy (0.31)