 security strategy


Advancing LLM-Based Security Automation with Customized Group Relative Policy Optimization for Zero-Touch Networks

Cao, Xinye, Lin, Yihan, Nan, Guoshun, Zhou, Qinchuan, Luo, Yuhang, Gao, Yurui, Zhang, Zeliang, Lu, Haolang, Cui, Qimei, Hou, Yanzhao, Tao, Xiaofeng, Quek, Tony Q. S.

arXiv.org Artificial Intelligence

Zero-Touch Networks (ZTNs) represent a transformative paradigm toward fully automated and intelligent network management, providing the scalability and adaptability required for the complexity of sixth-generation (6G) networks. However, the distributed architecture, high openness, and deep heterogeneity of 6G networks expand the attack surface and pose unprecedented security challenges. To address this, security automation aims to enable intelligent security management across dynamic and complex environments, serving as a key capability for securing 6G ZTNs. Despite its promise, implementing security automation in 6G ZTNs presents two primary challenges: 1) automating the lifecycle from security strategy generation to validation and update under real-world, parallel, and adversarial conditions, and 2) adapting security strategies to evolving threats and dynamic environments. This motivates us to propose SecLoop and SA-GRPO. SecLoop constitutes the first fully automated framework that integrates large language models (LLMs) across the entire lifecycle of security strategy generation, orchestration, response, and feedback, enabling intelligent and adaptive defenses in dynamic network environments, thus tackling the first challenge. Furthermore, we propose SA-GRPO, a novel security-aware group relative policy optimization algorithm that iteratively refines security strategies by contrasting group feedback collected from parallel SecLoop executions, thereby addressing the second challenge. Extensive real-world experiments on five benchmarks, including 11 MITRE ATT&CK processes and over 20 types of attacks, demonstrate the superiority of the proposed SecLoop and SA-GRPO. We will release our platform to the community, facilitating the advancement of security automation towards next generation communications.


Integrating Generative AI in Cybersecurity Education: Case Study Insights on Pedagogical Strategies, Critical Thinking, and Responsible AI Use

Elkhodr, Mahmoud, Gide, Ergun

arXiv.org Artificial Intelligence

The rapid advancement of Generative Artificial Intelligence (GenAI) has introduced new opportunities for transforming higher education, particularly in fields that require analytical reasoning and regulatory compliance, such as cybersecurity management. This study presents a structured framework for integrating GenAI tools into cybersecurity education, demonstrating their role in fostering critical thinking, real-world problem-solving, and regulatory awareness. The implementation strategy followed a two-stage approach, embedding GenAI within tutorial exercises and assessment tasks. Tutorials enabled students to generate, critique, and refine AI-assisted cybersecurity policies, while assessments required them to apply AI-generated outputs to real-world scenarios, ensuring alignment with industry standards and regulatory requirements. Findings indicate that AI-assisted learning significantly enhanced students' ability to evaluate security policies, refine risk assessments, and bridge theoretical knowledge with practical application. Student reflections and instructor observations revealed improvements in analytical engagement, yet challenges emerged regarding AI over-reliance, variability in AI literacy, and the contextual limitations of AI-generated content. Through structured intervention and research-driven refinement, students were able to recognize AI strengths as a generative tool while acknowledging its need for human oversight. This study further highlights the broader implications of AI adoption in cybersecurity education, emphasizing the necessity of balancing automation with expert judgment to cultivate industry-ready professionals. Future research should explore the long-term impact of AI-driven learning on cybersecurity competency, as well as the potential for adaptive AI-assisted assessments to further personalize and enhance educational outcomes.


Automated Security Response through Online Learning with Adaptive Conjectures

Hammar, Kim, Li, Tao, Stadler, Rolf, Zhu, Quanyan

arXiv.org Artificial Intelligence

We study automated security response for an IT infrastructure and formulate the interaction between an attacker and a defender as a partially observed, non-stationary game. We relax the standard assumption that the game model is correctly specified and consider that each player has a probabilistic conjecture about the model, which may be misspecified in the sense that the true model has probability 0. This formulation allows us to capture uncertainty about the infrastructure and the intents of the players. To learn effective game strategies online, we design a novel method where a player iteratively adapts its conjecture using Bayesian learning and updates its strategy through rollout. We prove that the conjectures converge to best fits, and we provide a bound on the performance improvement that rollout enables with a conjectured model. To characterize the steady state of the game, we propose a variant of the Berk-Nash equilibrium. We present our method through an advanced persistent threat use case. Simulation studies based on testbed measurements show that our method produces effective security strategies that adapt to a changing environment. We also find that our method enables faster convergence than current reinforcement learning techniques.


VISER: A Tractable Solution Concept for Games with Information Asymmetry

McMahan, Jeremy, Wu, Young, Chen, Yudong, Zhu, Xiaojin, Xie, Qiaomin

arXiv.org Artificial Intelligence

Many real-world games suffer from information asymmetry: one player is only aware of their own payoffs while the other player has the full game information. Examples include the critical domain of security games and adversarial multi-agent reinforcement learning. Information asymmetry renders traditional solution concepts such as Strong Stackelberg Equilibrium (SSE) and Robust-Optimization Equilibrium (ROE) inoperative. We propose a novel solution concept called VISER (Victim Is Secure, Exploiter best-Responds). VISER enables an external observer to predict the outcome of such games. In particular, for security applications, VISER allows the victim to better defend itself while characterizing the most damaging attacks available to the attacker. We show that each player's VISER strategy can be computed independently in polynomial time using linear programming (LP). We also extend VISER to its Markov-perfect counterpart for Markov games, which can be solved efficiently using a series of LPs.


AI Security Threats against Pervasive Robotic Systems: A Course for Next Generation Cybersecurity Workforce

Mittal, Sudip, Chen, Jingdao

arXiv.org Artificial Intelligence

Robotics, automation, and related Artificial Intelligence (AI) systems have become pervasive, bringing in concerns related to security, safety, accuracy, and trust. With growing dependency on physical robots that work in close proximity to humans, the security of these systems is becoming increasingly important to prevent cyber-attacks that could lead to privacy invasion, critical operations sabotage, and bodily harm. The current shortfall of professionals who can defend such systems demands development and integration of such a curriculum. This course description includes details about seven self-contained and adaptive modules on "AI security threats against pervasive robotic systems". Topics include: 1) Introduction, examples of attacks, and motivation; 2) Robotic AI attack surfaces and penetration testing; 3) Attack patterns and security strategies for input sensors; 4) Training attacks and associated security strategies; 5) Inference attacks and associated security strategies; 6) Actuator attacks and associated security strategies; and 7) Ethics of AI, robotics, and cybersecurity.


2020: What's ahead in AI, security, quantum computing

#artificialintelligence

Bill Fenick, VP Enterprise, Interxion argues that emerging technologies will reach a new level of maturity. He claims, "with the IT industry booming over the past few years, it's hard to imagine that there will be any huge surprises in enterprise IT next year. However, I do expect that the new decade will bring new levels of maturity to leveraging technologies including the cloud, artificial intelligence and the Internet of Things. These technologies have transitioned from emerging trends that organisations were trying to figure out, to established staples of businesses' IT strategies." He continues, "with the advancements of these technologies, most organisations are realising that their existing enterprise data centres can no longer support these technologies. As a result, we can expect to see a follow-on shift toward IT infrastructures that can provide high performant, secure and cost effective interconnections to the cloud and connectivity providers that will help them meet their unique needs."


How AI video surveillance impacts the way businesses approach security

#artificialintelligence

Security cameras are a great way to keep an eye on commercial spaces without being on-site, especially after-hours. While security is a 24/7 business, most organizations can't afford to monitor their systems at all hours of the day and night. Hiring a third-party provider to monitor is expensive, and even with eyes on screens, human error still results in missed reports, slow response, and increased insurance and liability costs. However, new strides in cloud-based and AI technology are leveling the playing field for small and mid-sized organizations, and are making commercial video surveillance systems smarter than ever before. Recent advancements in AI-based video security have made this technology more powerful and accurate.


Artificial intelligence provides hope for hardening K-12 schools

#artificialintelligence

The tragic school shootings of recent years have led to a great deal of discussion around "hardening" K-12 schools to gun violence. And, the concept of "hardening" usually conjures visions of metal detectors, armed guards, active shooter drills and any number of bullet-proof products, from windows to white boards. Truly hardening a K-12 school system from gun violence, however, requires a more nuanced approach. First of all, disrupting the normal flow of education with pat-downs and other intrusive activity can have a detrimental effect on students by instilling the notion that they are constantly in danger, or that the school perceives them as a threat. The tradeoffs between security and the student experience need to be considered, particularly when it involves introducing more stress on kids who already have to spend too much of their childhood participating in active shooter drills.


Is Artificial Intelligence The Future Of Network Security? - AI Summary

#artificialintelligence

With the threat landscape constantly evolving and increasing in complexity, continued digital innovation, technological developments, and the introduction of 5G, coupled with the challenges of accelerated remote working practices and a growing cybersecurity skills gap, have collectively exacerbated the challenges that CISOs face in terms of protecting their companies' digital assets. However, enhancing AI solutions with machine learning, augmented intelligence, and analytics capabilities, among others, lets CISOs create a much stronger cybersecurity ecosystem for their organisation. "To reinforce a robust cybersecurity ecosystem, CISOs must develop strategic, proactive cybersecurity approaches that leverage AI-driven solutions to act on threat intelligence. In addition to leveraging solutions like augmented intelligence, analytics, and machine learning combined with AI, CISOs should consider resourcing their IT and security teams with the right people to strengthen their security strategy. "However, CISOs can improve efficiencies and strengthen their security operations by leveraging AI solutions and tools, particularly those with built-in automation and integration, to alleviate the pressure on IT teams without reducing the effectiveness of the security strategy."


Is artificial intelligence the future of network security?

#artificialintelligence

Artificial intelligence must be the future for network security, according to Fortinet. With the threat landscape constantly evolving and increasing in complexity, continued digital innovation, technological developments, and the introduction of 5G, coupled with the challenges of accelerated remote working practices and a growing cybersecurity skills gap, have collectively exacerbated the challenges that CISOs face in terms of protecting their companies' digital assets. As CISOs assess their cybersecurity posture, it's essential that they consider how to leverage new and emerging technologies to best protect their infrastructure, the company says. There have been significant developments in the artificial intelligence (AI) space that make it an increasingly strategic investment. However, Fortinet says it can be challenging for CISOs to cut through the hype and understand which AI-based solution is best suited to their organisation.