The NIST/NVD situation and vulnerability management programs
In the infosec world we continually preach about “defense in depth,” or layered security. The idea is that if a defensive measure at one layer fails, there are additional layers behind it that serve as a safety net. An interesting application of these concepts comes in examining the data feeds that provide information to our security tools. If one of the feeds goes down, will our security tooling continue to work as expected?
This recently came to light when the National Institute of Standards and Technology (NIST) announced that it cannot keep up with the number of software bugs being submitted to the National Vulnerability Database (NVD). According to NIST itself, it has only analyzed roughly one-third of the Common Vulnerabilities and Exposures (CVEs) submitted this year. Since many organizations rely on NVD information in their vulnerability management programs, this is distressing news. For organizations in this situation, the question then becomes: How do we minimize the impact of the NIST backlog?
How AI will shape the future of the legal industry
The Department for Science, Innovation and Technology (DSIT) announced a £6.4 million grant for small and medium-sized enterprises (SMEs) to invest in AI-technology skills-based training. This development is the latest in a string of AI funding initiatives across the UK corporate sector, indicating that 2024 is the year emerging technologies will revolutionize the workplace in all aspects.
AI technology is transforming business functions across industries. However, the legal sector, in particular, has demonstrated tremendous progress. Often portrayed as laggards when it comes to embracing innovation, legal’s cautious, conservative approach to tech adoption has become a thing of the past in the age of AI. A recent survey from the Legal Services Board (LSB) discusses how over 95 percent of legal businesses found that implementing new technologies has made them more responsive to clients’ needs. Moreover, 60 percent of surveyed legal businesses found their clients expect them to power their legal services through tech innovation.
Start menu ads are rolling out to all Windows 11 users -- here's how to turn them off
Windows 11's Start menu will soon advertise applications in the recommended section.
Microsoft released a new optional preview update for Windows 11 this week that introduces the feature. The changes it includes will roll out to all Windows 11 devices as part of the May 2024 cumulative security update.
Qualcomm introduces Snapdragon X Plus for Windows PCs
Today, Qualcomm introduces the Snapdragon X Plus platform, which features the all-new 10-core Qualcomm Oryon CPU and a 45 TOPS (Tera Operations Per Second) NPU, touted as the fastest NPU for laptops globally. This combination aims to set a new benchmark for mobile computing by providing up to 37% faster CPU performance while consuming up to 54% less power compared to its competitors.
Kedar Kondap, Senior Vice President and General Manager of Compute and Gaming at Qualcomm Technologies, highlighted the transformative potential of the new chipset. "Snapdragon X Series platforms deliver leading experiences and are positioned to revolutionize the PC industry," said Kondap. He emphasized that the Snapdragon X Plus would power "AI-Supercharged PCs," enabling radical new AI experiences amid rapid technological advancements.
Free test lets you check how websites measure up to privacy rules
Governments around the world have been busily introducing privacy rules over the last few years and only this month the US Congress introduced a draft of a new federal law, the American Privacy Rights Act (APRA).
But how do you know if the websites you use are following the rules? ImmuniWeb is launching a new free website privacy test with checks and verifications that cover specific requirements of the majority of modern privacy, data protection and consumer protection laws in the US, UK, Europe and other regions.
Audacity 3.5 adds cloud project saving for collaboration, backup and file versioning
Muse Group has released a major new version of its free, open-source audio editor for Windows, macOS and Linux. Audacity 3.5 adds cloud project saving support, plus adds automatic tempo detection, pitch shifting and more.
The headline new feature in Audacity 3.5 is a new cloud-saving feature, which works in tandem with Muse Group’s free audio hosting platform at audio.com. Users simply select 'File > Save to Cloud…' to save the current project. On first use, they will be prompted to link Audacity to a free audio.com account -- which can be created during the linking process.
Get 'Principles of Data Science -- Third Edition' (worth $39.99) for FREE
Principles of Data Science bridges mathematics, programming, and business analysis, empowering you to confidently pose and address complex data questions and construct effective machine learning pipelines.
This book will equip you with the tools to transform abstract concepts and raw statistics into actionable insights. Starting with cleaning and preparation, you’ll explore effective data mining strategies and techniques before moving on to building a holistic picture of how every piece of the data science puzzle fits together.
CISOs worry about gen AI leading to security breaches
A new survey of more than 400 CISOs in the US and UK reveals that 72 percent are concerned about security breaches related to generative AI.
The study from Metomic finds that CISOs from both the US and UK rank data breaches as their top security concern. Data breaches are continuing to surge across industries, but particularly for healthcare, finance, and manufacturing organizations. According to industry reports, US companies experienced 3,205 data breaches last year (up from 1,802 in 2022), with the average cost of a data breach in the US climbing to $9.48 million in 2023.
Six out of 10 businesses struggle to manage cyber risk
A new study from Barracuda Networks finds just 43 percent of organizations surveyed have confidence in their ability to address cyber risk, vulnerabilities, and attacks.
The findings also show that many organizations find it hard to implement company-wide security policies such as authentication measures and access controls. 49 percent of the smaller to mid-sized companies surveyed listed this as one of their top two governance challenges.
Ransomware rampage -- how to fight back against attacks [Q&A]
Amid a tumultuous 2023 marked by economic anxieties and rising geopolitical tensions, threat actors seized the opportunity to weaponize fear and uncertainty. While ransomware trends had previously ebbed and flowed, experiencing a 23 percent decrease in just the first half of 2022, they took a shocking turn in 2023, skyrocketing by a staggering 95 percent.
We spoke with Andrew Costis, chapter leader of the Adversary Research Team at AttackIQ, to discuss why ransomware has taken headlines by storm and how the industry can empower security teams with the tools to fight back.
Why the financial services industry has to start future-proofing their operations
The digital revolution continues at pace. Yet, whilst many industries are looking to harness the transformative impact of AI and other innovative tech, there are many firms in financial services that are simply unprepared and unable to capitalize on the latest advancements.
A reliance on legacy systems and the use of paper-based forms of communication and record-keeping is holding the sector back. Now is the time for the industry to fully embrace digital transformation strategies or risk being left behind. The benefits of going digital for businesses in the financial services industry are huge, encompassing benefits from streamlining operations and cutting costs, to improving customer experience and overall functionality. Whilst adopting new technologies undoubtedly comes with risks, the sector can ill-afford to stand still in the face of such a rapidly changing world.
We're not going to deal with today's IT admin issues with yesterday's technology
If I were to put you in a time machine and transport you five years into the future, do you know what you’d find in IT administration? Even more complexity, heterogeneity, and increased use of novel new platforms and technologies. And yet IT admins would still be worried and stressed about their security gaps, whilst still managing all user authentication, device management, and access to resources via a piece of legacy, on-premise, software first launched in the year 2000: Active Directory.
You read that right. That’s 24 years ago. Don’t get me wrong; just because something wasn’t created yesterday doesn’t mean it’s not useful. But what is concerning is that, for all the incredible digital transformation initiatives that SMEs (small to medium enterprises) have initiated in the last few years -- we somehow think that the default option is best.
AI-powered data management: Navigating data complexity in clinical trials
The data flood gates have opened wide for clinical trial research. In fact, the amount of data gathered may be more akin to a tsunami or a monsoon. For decades, researchers struggled with a lack of data available in clinical trials; however, they may have received more than they asked for. Research shows that the biopharmaceutical industry generates up to a trillion gigabytes of data annually and clinical trials, one of the principal contributors to these data points, generate an average of up to 3 million data points per trial. This influx of sources can make it challenging to discern relevant from superfluous information, complicating analysis and delaying critical decision-making.
An increase in decentralization paired with expanded collection methods in clinical trials have increased access to and accumulation of data. Information gathered from remote monitoring devices, electronic health records (EHRs), laboratory tests, surveys and questionnaires and third-party databases, all contribute to the data challenge in clinical trials. In reality, the number of touchpoints across clinical trials, from sponsors to clinical research organizations (CROs) to site staff, combined with the complexity and disparity of data sources leads to challenges in ensuring data quality.
Workforces need the skills to defend against AI-enabled threats
It’s no secret that artificial intelligence (AI) is transforming software development. From automating routine tasks to enhancing code efficiency and optimizing testing processes, AI is helping developers save time, money, and resources. It can also analyze code to detect bugs, security vulnerabilities, and quality issues more effectively than traditional models. If you’re thinking there’s a "but" coming, you’re right.
The downside to the benefits of leveraging AI technologies in software development is that it can also enhance the capabilities of malware developers. As such, the proliferation of AI is not necessarily fueling new cyberattacks, it is simply creating an even distribution of enhanced proficiency for both legitimate and malicious actors.
Overcoming real-time data integration challenges to optimize for surgical capacity and better care
In the healthcare industry, surgical capacity management is one of the biggest issues organizations face. Hospitals and surgery centers must be efficient in handling their resources. The margins are too small for waste, and there are too many patients in need of care. Data, particularly real-time data, is an essential asset. But it is only useful if the pieces fit together, solving a puzzle of coordinating schedules, operating room availability, and resource allocation, while ensuring immediate access to patient data for perioperative teams.
Data management demands are significant, complex, and dynamic. Because each patient is unique, anything can happen in an operating room (OR) at any moment. As such, real-time data capture is crucial for surgical workflows. When surgical teams have all the information they need in real time, they can make rapid decisions that not only maximize OR utilization and minimize delays but also enhance overall patient care and safety.
Recent Headlines
Most Commented Stories
© 1998-2024 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.