At Bitsight, part of the Vulnerability Research team's core work involves analyzing vulnerabilities in order to create detection capabilities that can be implemented on an Internet-wide scale.

The use of artificial intelligence (AI) for defense allows for the better scanning of networks for vulnerabilities, automation, and attack detection based on existing datasets. However this is all in defense against an unknown attacker, who can have varying offensive tools all designed to overcome the most sophisticated defense. Is the biggest challenge for defensive AI that there is an offensive AI operator with unknown capabilities? And has offensive AI lowered the barrier of entry for bot attackers?

In this episode of Trust Issues, we dive into the complex and rapidly evolving world of cyber insurance. We discuss the challenges and opportunities facing companies seeking to protect themselves from the ever-present threat of cyberattacks.

You know your latest web application is inherently vulnerable to all kinds of attacks. You also know app security can never be perfect, but you can make it better tomorrow than it was yesterday. The problem is that whether you’re using enterprise-grade (aka, expensive and complex) security tools, or have cobbled together a handful of open-source projects into a CI/CD pipeline or Git commit hooks and are hoping for the best, your toolkit can’t help you see.

The China-aligned threat actor “Sharp Dragon” is launching spear phishing attacks against government entities in African and Caribbean countries, according to researchers at Check Point. “In recent months, we have observed a significant shift in Sharp Dragon’s activities and lures, now targeting governmental organizations in Africa and the Caribbean,” the researchers write.

We are big fans of the U.S. Cybersecurity Infrastructure Security Agency (CISA), whose informal slogan of “An organization so committed to security that it’s in our name twice” is a source of pride. CISA is a non-regulatory government agency dedicated to protecting U.S. and global infrastructure and organizations against malicious hackers and their malware (and other types of threats).

‍Since the SEC's latest cybersecurity regulations went into effect, thousands of companies have already been compelled to submit their annual Form 10-K with the novel Item 1C. Similarly, dozens of organizations have filed updated Form 8-Ks to disclose cybersecurity incidents. Slowly but surely, these public reports are helping investors become more aware of the intrinsic relationship between cyber risk and market value.

The allure of the digital nomad lifestyle has attracted over 40 million people worldwide looking to escape the office and work from the beach, inner city, or remote islands. Obviously, a decent laptop and a stable internet connection are required for this lifestyle. Outside of these, there are more tools for digital nomads they should bring with them as they travel the globe. These tools relate to: However, security and privacy are important concerns for digital nomads working in unfamiliar places.

Thanks to digital innovations, we can easily connect online, but they also leave us increasingly vulnerable and exposed.68% of consumers are concerned about the volume of data businesses collect about them, with 40% expressing a lack of trust in companies’ ethical handling of data. Therefore, it’s no surprise that data privacy regulations are constantly improving.