Richard Searle

🎧 Listen Now: Timothy Hollebeek, Industry and Standards Technical Strategist at DigiCert, joins hosts Patrick Hynds and Ciprian Jichici on the Entangled Things podcast to explore the latest concerns surrounding learning with errors, the future security of encryption, and both current and emerging standards. https://lnkd.in/gNZCygEh #quantumcomputing #encryption #quantumcomputers #podcast #techtalk

11

1 Comment

Cyber capability support mechanisms need clear objectives, a value case for those involved, private sector buy-in, sufficient funding, and efficient measurement. Read more from Joseph Jarnecki in Binding Hook: https://lnkd.in/db_traHU

9

ACM SIGCOMM Workshop on Zero Trust Architecture for Next Generation Communications (ZTA-NextGen) **Call for Papers** To address next-generation communications issues, this workshop proposes a comprehensive exploration of Zero Trust Architecture (ZTA). Traditional security models rely on perimeter-based defenses, assuming trust within the network. However, in the dynamic Internet of Things (IoT) landscape, this trust cannot always be guaranteed. ZTA advocates for a model where trust is never assumed, and verification is required from all entities, whether inside or outside the network perimeter. The ZTA-NextGen workshop is calling upon researchers from academics and practitioners from industry, and standardization bodies to contribute to a vibrant exchange of ideas on ZTA for next-generation communications. The workshop will facilitate interdisciplinary discussions and collaborations among IoT research and deployment stakeholders. The workshop aims to (i) explore recent research developments and emerging trends in ZTA for next-generation communications, (ii) address the unique security, privacy, and trust challenges inherent in next-generation communication systems by ZTA, (iii) identify the need for ZTA for systems like IoT, with a focus on machine-to-machine (M2M) communications, RFID technology, and Near Field Communications (NFC), (iv) provide a platform for sharing best practices, case studies, and real-world deployments of ZTA in next-generation communications, and (v) discuss regulatory considerations, compliance frameworks, and policy implications related to secure ZTA deployments. Important Dates Submissions deadline May 25, 2024 Acceptance notification June 9, 2024 Camera-ready deadline June 14, 2024 Workshop Aug 4, 2024 More information: https://lnkd.in/gqSR7tjS

7

Can a digital commons approach reinforce OSS security? Here is an opinion blog post from members of the NGI Commons consortium regarding the recent exposure of the XZ utils backdoor and what it means for the open source and cybersecurity communities. It reflects on how digital commons approaches to rules and governance might help reinforce the security of open source software over time and address issues related to maintenance and burnout in developer communities. Please check the news section of our website and get in touch if you need more information. https://lnkd.in/dr3rQ-Mf OpenForum Europe Open Future Foundation, Martel Innovate, CNRS, and The Linux Foundation European Commission EU Digital & Tech NGI - The Next Generation Internet Nicholas Gates Jan Krewer #digital #digitalcommons #opensource #NGICommons

12

Our founder and CEO Ali Kaafarani spoke with Richard Tyler, editor of The Times, about our story so far, the threat posed by quantum computers, and how we have assembled an industry-leading team of cryptography experts at PQShield. We have the highest density of cryptography PhDs in the private sector, with experts joining us because they know we are always pushing for the highest quality of engineering and their research is already making a difference and being used in quantum-secure products everywhere. Read the full article to catch Ali’s thoughts on how we have grown our expertise at PQShield: https://hubs.li/Q02FlHFb0 #thetimes #cryptography #quantumsecure

35

Don't miss the must-attend session on the "OWASP Top 10 for Large Language Models" at the Planet Cyber Sec AppSec SoCal conference. Led by Steve Wilson, this talk will uncover the emerging risks that generative AI and Large Language Models (LLMs) introduce to modern application ecosystems. Attendees will dive into the OWASP Top 10 for LLMs - the definitive guide to mitigating LLM-related vulnerabilities. They will gain insights on securing generative AI applications and recognizing the nuances of LLM risks. Additionally, the session will provide practical strategies to deploy effective defenses and foster a culture of responsible AI development. As the use of LLMs continues to proliferate, understanding and addressing these new security challenges is crucial. This session is a must-attend for developers, security professionals, and anyone invested in the future of AI-powered applications. Register now to stay ahead of the curve. https://lnkd.in/gbiAaarv #PlanetCyberSec #AppSecSoCal #AppSec #CyberSecurity #infosec #AI #cyberwarfare #CyberAttack #cyberdefense #ciso #cio #OWASPTOP10LLM #AISecurityRisks

6

1 Comment

For our second open-source AI security audit, we reviewed the Ask Astro chatbot, which supports the Astronomer orchestration tool for Apache Airflow. The 4 issues we identified could lead to output poisoning, inaccurate document ingestion, and DoS. https://lnkd.in/dXfMmNdK

6

We just wanted to share this free report from The Linux Foundation on #opensource license compliance challenges. A great reference guide for any #OSPO. What's inside? 🔵Impact of #OSS license conflicts 🔵Addressing speed, scale, and accuracy 🔵Impact of #AI-generated source code 🔵Considerations for SCA tooling

3

Nation states are moving to protect their borders in the digital economy. https://lnkd.in/e9CsYwS9 #insightandanalysis #digitalsovereignty #cybersecurity Gopul Shah Golden Agri-Resources (GAR)

3

Great interview from Application Security Weekly that explores: How can open source projects find a funding model that works for them? Simon Bennetts talks about his stewardship of Zed Attack Proxy and its journey from #OWASP to #OpenSSF to an Open Source Fellowship with Crash Override. Watch it here: https://hubs.la/Q02zTnC50 #Developers #DevOps #CyberSecurity #OpenSource

1

This week on #Caveat, we are joined by Dr. Peter Garraghan, CEO of Mindgard, as he is discussing UK's recently published #AI security guidelines and the recommendations he made for addressing #cybersecurity risks in AI. Dave is examining the troubling challenges of regulating #deepfake porn. Ben looks at a brand new Appeals Court decision on #geofencing. Check it out and let us know what you think! https://lnkd.in/dymJupAT

1

New Blog Alert: Untangle the Data Maze! Data privacy and security are more important than ever. Our latest blog, "Untangle the Data Maze: A Guide to Data Controllers and Processors." Dives deep into the critical roles of data controllers and processors. What's Inside? Definitions & Responsibilities: Understand the key differences between controllers and processors. Compliance Best Practices: Learn how to navigate complex data protection regulations. Practical Insights: Get real-world examples of how businesses manage data securely and compliantly. Click the link below to read the full blog and gain valuable insights into managing your data effectively. Link- https://lnkd.in/d_dD_SZ8 Don't forget to like, share, and leave your thoughts in the comments! #PrivacyWithPrivacient #DataPrivacy #DataSecurity #Compliance #DataProtection #Privacient

9

Review of the datAshur PRO+C from Tech Trends 📰 Read here: https://lnkd.in/eZ6xKwZM #review #istorage #datasecurity

8

Future-Proof Your Data: Quantum vs. Post-Quantum Cryptography Unveiled On July 4, 2024, Decent Cybersecurity published a pivotal analysis exploring the transformative roles of quantum cryptography and post-quantum cryptography in fortifying global cybersecurity. As quantum computing evolves, understanding these technologies becomes indispensable for cybersecurity professionals and industry leaders. Quantum Cryptography Unmatched Security Through Quantum Mechanics Utilizing the principles of quantum mechanics, quantum cryptography introduces a new era of security. Its hallmark application, Quantum Key Distribution (QKD), enables two parties to generate a shared, random secret key that is almost impervious to interception. Any eavesdropping attempt inherently alters the quantum state, ensuring immediate detection and maintaining the integrity of communications. Challenges of Implementing Quantum Cryptography While offering unparalleled security, quantum cryptography requires specialized infrastructure and currently faces limitations in the distribution range, which may delay its widespread adoption. Post-Quantum Cryptography Readying for Quantum Threats Contrasting with quantum cryptography, post-quantum cryptography (PQC) is designed to withstand potential attacks from both classical and quantum computers. It is engineered using traditional computational methods to fit seamlessly into existing systems, providing a practical and scalable security solution without the need for quantum hardware. Strategic Decision-Making Quantum vs. Post-Quantum Businesses contemplating their cybersecurity futures must weigh their options between quantum and post-quantum cryptography. Quantum cryptography is ideal for securing highly sensitive communications, while PQC offers a broader protective scope for current digital systems against emerging quantum threats. Proactive Measures for the Quantum Computing Era Decent Cybersecurity advises organizations to conduct thorough audits of their current cybersecurity protocols to identify and mitigate quantum vulnerabilities. Investing in PQC now can enhance security immediately, while exploring quantum cryptography may be critical for protecting high-stakes communications in the future. In the quantum computing era, proactive adaptation is key. Understanding and implementing advanced cryptographic technologies will ensure robust protection against future cybersecurity challenges. #QuantumComputing #Cybersecurity #DecentCybersecurity #QuantumCryptography #PostQuantumCryptography https://lnkd.in/dyQDh-9Y

1

With Quantum on the horizon, there are steps companies should take NOW to move towards Post-Quantum Cryptography. Start with discovery and know how, where and why you're using crypto to prioritise the migration. Tom Millar and Venari Security have some capability in this space to discover, catalogue and plan PQC migration for large complex organisations. At #cyberuk24, the panel discussed considering the shelf life of encrypted data and keys, the practical migration time and the associated threats. The process might require significant investment and the business cases will need to go to boards quickly, suppliers will need to be engaged and projects planned.

11