AI compliance has become a pivotal concern for organizations in a rapidly evolving technological landscape. It is inconceivable to overlook the growing importance of AI compliance, particularly for entities deeply entrenched in AI operations. It involves an intricate intersection of legal, ethical, and regulatory dimensions, emphasizing the need for a cohesive approach to ensure comprehensive AI compliance.

When a large data company decided to migrate their systems fully to the cloud, their cybersecurity team knew it would be a challenge. The company’s senior security architect put it succinctly: “Our CTO said, we’re going completely to cloud. Everyone buckle up.” Though the organization had assets in the cloud for many years, the team wasn’t sure they were ready to be 100% in the cloud from a security standpoint.

Not that long ago, AI was generally seen as a futuristic idea that seemed like something out of a sci-fi film. Movies like Her and Ex Machina even warned us that AI could be a Pandora's box that, once opened, could have unexpected outcomes. How things have changed since then, thanks in large part to ChatGPT’s accessibility and adoption!

There is enormous attention on generative AI (GenAI) and its potential to change software development. While the full impact of GenAI is yet to be known, organizations are eagerly vetting the technology and separating the hype from the real, pragmatic benefits. In parallel, software security professionals are closely watching the practical impact of GenAI and how application security testing (AST) must adapt as adoption increases.

Securing AI is a top cybersecurity priority and concern for governments and businesses alike. Developers have easy access to pre-trained AI models through platforms like Hugging Face and to AI-generated functions and programs through large language models (LLMs) like GitHub Co-Pilot. This access has spurred developers to create innovative software at an enormously fast pace.

Azure customers are facing the biggest threat to their privileged accounts. A cybersecurity firm has identified the spread of a new phishing campaign aimed at privileged users like sales directors, account managers, finance managers, vice presidents, presidents, chief financial officers, and CEOs. The campaign’s first set of attacks started around November 2023 and is still a looming threat. The good thing is that you can safeguard against and mitigate this attack.