Boston and London, U.S. and U.K., 10th October 2024, CyberNewsWire

**Boston and London, U.S. and U.K., October 10th, 2024, CyberNewsWire**

The agreement has marked over 600,000 fraudulent domains for takedown in just two months through automated defense and proactive prevention. Abusix and Red Sift to hold exclusive webinar sharing insights on transforming cyber attack mitigation.

Abusix, an organization specializing in internet abuse prevention, and Red Sift, a leader in misconfiguration and exposure management, have announced a new partnership aiming to transform how organizations can navigate from a reactive to a proactive approach for managing security risk.

Cyber threats such as email phishing, business email compromise (BEC), and brand impersonation remain persistent challenges for organizations globally. Addressing these issues requires both visibility and automation to enable faster detection and mitigation of such attacks.

Addressing these challenges head on, Abusix and Red Sift’s partnership aims to offer security teams visibility and action to neutralize risks preemptively. Since the agreement was enabled in August 2024, over 630,000+ domains have been marked for takedown. This outcome is attributed to Abusix’s real-time reporting capabilities for the swift identification of potential threats, and Red Sift’s ability to transform data into actionable defenses and real-time value for its customers. This is enabled through Red Sift leveraging Abusix’s data in both Red Sift OnDMARC and Red Sift Brand Trust. 

> **Rahul Powar, CEO and Co-Founder of Red Sift said:** “We find ourselves in an ever changing landscape where new attacks and methods for cyber abuse are ever prevalent. Working together with Abusix, we are harnessing new innovation and knowledge sharing to offer increased visibility to a wider remit of large enterprises and small businesses that are vulnerable to cyber threat. This in turn allows us to provide real-time solutions to mitigate against costly reputational damage and shift the industry’s approach from reactive to proactive.” 

> **Tobias Knecht, CEO and Founder of Abusix said:** “It’s not just about sharing data—it’s about sharing it with the right organizations. 95% of all attacks on enterprises originate from service provider and hosting provider networks. Enabling rapid takedowns by sharing actionable intelligence with service providers and hosting providers is a crucial step in reducing overall attack volume at its core. Through our partnership with Red Sift and their unique data solutions, we are taking a significant step forward in safeguarding the internet and improving network security overall.”

The newly formed collaboration is a move to raise the effectiveness and application use of email threat data for cybersecurity across the board and to upgrade the industry’s approach to attack mitigation. Together, the two companies are addressing ongoing critical gaps in the cybersecurity landscape by addressing crucial business needs for increased domain security and prevention of brand abuse. 

Those interested can join an exclusive webinar to learn how Abusix and Red Sift are transforming cyber attack mitigation — readers can reserve a spot today and hear about proactive strategies to protect organizations from email phishing, brand impersonation, and other emerging threats.

Readers can also learn more about the partnership’s Success Story here.

****About Abusix****

Abusix transforms vast amounts of real-time data into actionable insights, helping organizations protect against cyber threats. Its unique data ecosystem enables security teams across all sectors to proactively mitigate attacks by pinpointing the origins of cyber abuse. By enabling collaboration between enterprises, security vendors, and service providers, Abusix works to reduce the overall volume of attacks, driving a more secure internet. 

Abusix serves a global client base, including Cloudflare, Amazon Web Services (AWS), Vodafone, Digital Ocean, and multiple government organizations worldwide. Dedicated to enhancing the global security ecosystem, Abusix continues to make threat intelligence accessible and impactful across industries. Readers can learn more at abusix.com

****About Red Sift****

Red Sift aims to enable organizations to anticipate, respond to, and recover from cyber attacks while continuing to operate effectively. The award-winning Red Sift Pulse Platform is an integrated solution that combines four interoperable applications, internet-scale cybersecurity intelligence, and innovative generative AI that intends to put organizations on a path to cyber resilience. 

Red Sift is a global organization supported by a diverse team across 15 countries. It boasts an international client roster that includes Capgemini, Domino’s, ZoomInfo, Athletic Greens, and several leading law firms. Red Sift is the official DMARC provider for Cisco and a trusted partner for Microsoft and Entrust, among others. Readers can learn more at redsift.com

**Contact**

**Head of Marketing**  
**Serena Li**  
**Abusix**  
**\[email protected\]**

Abusix and Red Sift Form New Partnership, Leveraging Automation to Mitigate Cyber Attacks

OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year.
This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X.
"Threat

Cybercrime / Disinformation

OpenAI on Wednesday said it has disrupted more than 20 operations and deceptive networks across the world that attempted to use its platform for malicious purposes since the start of the year.

This activity encompassed debugging malware, writing articles for websites, generating biographies for social media accounts, and creating AI-generated profile pictures for fake accounts on X.

"Threat actors continue to evolve and experiment with our models, but we have not seen evidence of this leading to meaningful breakthroughs in their ability to create substantially new malware or build viral audiences," the artificial intelligence (AI) company said.

It also said it disrupted activity that generated social media content related to elections in the U.S., Rwanda, and to a lesser extent India and the European Union, and that none of these networks attracted viral engagement or sustained audiences.

This included efforts undertaken by an Israeli commercial company named STOIC (also dubbed Zero Zeno) that generated social media comments about Indian elections, as previously disclosed by Meta and OpenAI earlier this May.

Some of the cyber operations highlighted by OpenAI are as follows -

*   SweetSpecter, a suspected China-based adversary that leveraged OpenAI's services for LLM-informed reconnaissance, vulnerability research, scripting support, anomaly detection evasion, and development. It has also been observed conducting unsuccessful spear-phishing attempts against OpenAI employees to deliver the SugarGh0st RAT.

*   Cyber Av3ngers, a group affiliated with the Iranian Islamic Revolutionary Guard Corps (IRGC) used its models to conduct research into programmable logic controllers.

*   Storm-0817, an Iranian threat actor used its models to debug Android malware capable of harvesting sensitive information, tooling to scrape Instagram profiles via Selenium, and translating LinkedIn profiles into Persian.

Elsewhere, the company said it took steps to block several clusters, including an influence operation codenamed A2Z and Stop News, of accounts that generated English- and French-language content for subsequent posting on a number of websites and social media accounts across various platforms.

"\[Stop News\] was unusually prolific in its use of imagery," researchers Ben Nimmo and Michael Flossman said. "Many of its web articles and tweets were accompanied by images generated using DALL·E. These images were often in cartoon style, and used bright color palettes or dramatic tones to attract attention."

Two other networks identified by OpenAI Bet Bot and Corrupt Comment have been found to use their API to generate conversations with users on X and send them links to gambling sites, as well as manufacture comments that were then posted on X, respectively.

The disclosure comes nearly two months after OpenAI banned a set of accounts linked to an Iranian covert influence operation called Storm-2035 that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election.

"Threat actors most often used our models to perform tasks in a specific, intermediate phase of activity — after they had acquired basic tools such as internet access, email addresses and social media accounts, but before they deployed 'finished' products such as social media posts or malware across the internet via a range of distribution channels," Nimmo and Flossman wrote.

Cybersecurity company Sophos, in a report published last week, said generative AI could be abused to disseminate tailored misinformation by means of microtargeted emails.

This entails abusing AI models to concoct political campaign websites, AI-generated personas across the political spectrum, and email messages that specifically target them based on the campaign points, thereby allowing for a new level of automation that makes it possible to spread misinformation at scale.

"This means a user could generate anything from benign campaign material to intentional misinformation and malicious threats with minor reconfiguration," researchers Ben Gelman and Adarsh Kyadige said.

"It is possible to associate any real political movement or candidate with supporting any policy, even if they don't agree. Intentional misinformation like this can make people align with a candidate they don't support or disagree with one they thought they liked."

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

OpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and Disinformation

Austin, TX, USA, 10th October 2024, CyberNewsWire

**Austin, TX, USA, October 10th, 2024, CyberNewsWire –** IDLink, SpyCloud’s new automated digital identity correlation capability, is now core to its industry-leading Investigations solution used by CTI teams, security operations, fraud and risk prevention analysts, and law enforcement globally

**SpyCloud**, the leader in Identity Threat Protection, announced that its SaaS Investigations solution has been enhanced with identity analytics that illuminates the scope of digital identities and accelerates successful outcomes of complex investigations from days or hours to minutes.

SpyCloud Investigations is a powerful cybercrime and identity threat investigation solution used by analysts and investigators to discover and act on threats by navigating the world’s largest repository of recaptured breach, malware, and phishing data. It powers rapid analysis of identity exposures across organizations, VIPs and supply chains, pattern of life analysis, threat actor attribution, insider risk analysis, financial crimes research, and more.

SpyCloud Investigations now includes IDLink, the company’s advanced analytics technology that automatically delivers expanded digital identity results from a simple search query. Where a traditional threat intelligence or investigations tool may provide a small number of records directly correlated to the search input, IDLink expands the pool of results to include identity data correlated across shared usernames, emails, passwords, and PII – with flexible options around pivoting depth, confidence levels, and visualization.

Based on more than a decade’s worth of techniques and expertise developed by renowned investigators at SpyCloud, including former intelligence agency personnel, IDLink uniquely provides a more comprehensive picture of identity compromise to give analysts more avenues for investigation while reducing errors and missed data points. Organizations with fewer in-house CTI, security operations, or fraud/e-crime prevention resources now have an easy-to-use solution to expand their investigative capabilities without adding additional expertise or headcount.

> “SpyCloud Investigations is the ultimate force multiplier for security teams,” said Jason Lancaster, SpyCloud’s senior vice president of investigations. “SpyCloud’s team of investigators have decades of experience investigating cybercrimes day and night, across all manner of use cases, with public and private sector partners. We’ve spent the last year infusing this knowledge into our solution so analysts at all skill levels can reap the benefits.”

With IDLink advanced analytics now foundational to its industry-leading solution, SpyCloud Investigations offers users the ability to visualize holistic identities of exposed employees, consumers, vendors, and cybercriminal actors themselves to more quickly and comprehensively identify and act on risks – helping them achieve:

*   **Up-leveled Analyst Output**: Investigative workflows automate the process of identifying hidden identity exposures, up-levelling analysts and investigators of all skill levels, increasing team productivity, discovery, and resolution.
*   **Hidden Connections:** IDLink automatically connects the dots and rapidly pieces together a holistic view of a digital identity, in minutes instead of hours of advanced analysis previously.
*   **Attribution:** Automated analytics deliver linked exposed identity assets and records, reducing dead ends in investigations and delivering critical details about criminal actors and threats.

This announcement comes at a time when adversaries are increasingly using stolen identity data to bypass security measures and exploit exposed access. This is evidenced by large-scale infostealer malware campaigns and headline-grabbing breaches, such as the National Public Data breach, which leaked 2.7 billion identity records – including hundreds of millions of Americans’ Social Security numbers.

> “There is a vast amount of personal information in criminals’ hands,” said Jason. “SpyCloud Investigations gets that same data into the right hands, faster, to protect businesses and their users. By illuminating connections, opening up new threads to investigate, and offering unlimited queries to SpyCloud’s enriched database of breached, phished, and malware-exfiltrated data, analysts can visualize threats and act decisively, enhancing organizational resilience against cybercrime and identity threats.”

For more information about SpyCloud Investigations or to schedule a complimentary demo to explore your data, users can contact us here.

****About SpyCloud****

SpyCloud transforms recaptured darknet data to disrupt cybercrime. Its automated identity threat protection solutions leverage advanced analytics to proactively prevent ransomware and account takeover, safeguard employee and consumer accounts, and accelerate cybercrime investigations.

SpyCloud’s data from breaches, malware-infected devices, and successful phishes also powers many popular dark web monitoring and identity theft protection offerings. Customers include more than half of the Fortune 10, along with hundreds of global enterprises, mid-sized companies, and government agencies worldwide. Headquartered in Austin, TX, SpyCloud is home to more than 200 cybersecurity experts whose mission is to protect businesses and consumers from the stolen identity data criminals are using to target them now.

****Contact****

**Emily Brown**  
**REQ on behalf of SpyCloud**  
**\[email protected\]**

SpyCloud Adds Identity Analytics to Cybercrime Investigation Solution for Insider Risk

All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.

Source: dpa picture alliance via Alamy Stock Photo

Artificial intelligence-powered cyberattacks are rising exponentially in the Asia-Pacific region, particularly those involving deepfakes.

The United Nations Office on Drugs and Crime (UNODC) tracked a panoply of AI threats in its new report covering cybercrime in Southeast Asia. Cybercrime gangs have been using generative AI (GenAI) to create phishing messages in multiple languages, chatbots that manipulate victims, social media disinformation en masse, and fake documents for bypassing know-your-customer (KYC) checks. They've been using it to power polymorphic malware capable of evading security software, and to identify ideal targets, among other nefarious activities.

The standout threat, though, is deepfakes. From February to June 2024, UNODC tracked a 600% increase in mentions of deepfakes in cybercriminal Telegram channels and underground forums. And that's above and beyond the heavy activity from 2023, when deepfake crimes rose more than 1,500% compared with the year prior, and face swap injections rose 704% in the second half of the year compared with the first.

**Deepfake Attacks Proliferate**

Cybersecurity leaders in the Asia-Pacific are, like those around the world, anticipating a wave of AI-driven cyber troubles. In an Asia-focused Cloudflare survey published on Oct. 9, 50% of respondents said they expect AI will be used to crack passwords and encryption, 47% expect it will boost phishing and social engineering, 44% think it will boost distributed denial-of-service (DDoS) attacks too, and 40% see it being used to create deepfakes and support privacy breaches.

Most, if not all, of those concerns, though, are no longer theoretical, as some organizations can attest.

In January, for example, an employee at the Hong Kong office of Arup, a British engineering firm, received an email purporting to come from the company's chief financial officer (CFO) in London. The CFO instructed the employee to conduct a secret financial transaction. The employee later joined a videoconference with the CFO and other participants purporting to be from senior management, all of whom were, in fact, deepfakes. The result: In May, Arup reported losing 200 million Hong Kong dollars ($25.6 million).

Deepfakes of major political figures have spread widely, like the fake video and audio recordings of Singapore's prime minister and deputy prime minister in December 2023, and the fake video this past July showing a Southeast Asian head of state with illicit drugs. In Thailand, a female police officer was deepfaked in a campaign tricking victims into thinking they were speaking with actual law enforcement.

According to UNODC, half of all deepfake crimes reported in Asia in 2023 came from Vietnam (25.3%) and Japan (23.4%), but the most rapid rise in cases came from the Philippines, which experienced 4,500% more in 2023 than 2022.

It's all underpinned by a large ecosystem of malicious developers and buyers, on Telegram and in even shadier corners of the Deep Web. UNODC identified more than 10 deepfake software vendors that specifically serve cybercriminal groups in Southeast Asia. Their offerings sport the latest and greatest in deepfake tech, like Google's MediaPipe Face Landmarker — which captures detailed facial expressions in real time — the You Only Look Once v5 (YOLOv5) object detection model, and much more.

**Why Asia Suffers**

Though AI-driven cybercrime threatens organizations in every part of the world, it enjoys some particular advantages in Asia.

"Southeast Asia is very densely populated, and a large portion of the population doesn't know English, or English is not their first language," notes Shashank Shekhar, managing editor at India-based CloudSEK. The typical signs that might indicate a scam to a native English speaker might not translate to a non-native speaker. Besides that, he notes, "A lot of people are unemployed, looking for jobs, looking for opportunity."

Desperation has the effect of lowering victims' defenses. "There are some kinds of scams which only work well in this part of the world," says CloudSEK threat researcher Anirudh Batra. "Simpler scams are particularly prevalent because of the poverty that this region of the world has seen."

In the face of intractable socioeconomic forces, those old, tired lines about cyber education and hygiene may not feel like enough. Instead, cybercriminals will need to be stymied at the source: in those underground forums and channels where they trade their deepfake tools and cryptocurrency winnings. It's been done before.

"It's possible by collaborating: different countries coming together, sharing intelligence," Batra says. Though he warns, "Unless these guys are caught, another forum will come up tomorrow. It becomes really difficult to stop them, because the threat actors know that all three letter agencies are looking at the forums — everybody's crawling everything. So they keep a lot of backups. At any point of time, if \[their assets are\] seized, they'll start again with the mirror."

**About the Author**

Nate Nelson is a freelance writer based in New York City. Formerly a reporter at Threatpost, he contributes to a number of cybersecurity blogs and podcasts. He writes "Malicious Life" -- an award-winning Top 20 tech podcast on Apple and Spotify -- and hosts every other episode, featuring interviews with leading voices in security. He also co-hosts "The Industrial Security Podcast," the most popular show in its field.

AI-Powered Cybercrime Cartels on the Rise in Asia

Global Signal Exchange will act as a global clearing house for online scams and fraud signals.

Source: Photo by Photo Boy via Adobe Stock Photo

Google has announced Global Signal Exchange (GSE), a new project to facilitate the collection and sharing of data related to online scams and fraud. While the company is already blocking millions of attempted scams daily across all its products and services, this project will provide organizations with the necessary information they need to identify and block scams.

"We know from experience that fighting scams and the criminal organizations behind them requires strong collaboration among industry, businesses, civil society and governments to combat bad actors and protect users," wrote Amanda Storey, senior director of trust and safety at Google, and Nafis Zebarjadi, product manager of account security at Google, in a post announcing the project. 

Google is partnering with the Global Anti-Scam Alliance (GASA) and DNS Research Federation to launch GSE. The project will benefit from GASA's extensive network of stakeholders and expand on the DNS Research Federation's robust data platform, which already has over 40 million fraud signals. The company is providing the funding to launch GSE and will hold the centralized data engine on Google Cloud, the company said.

Participants will be able to share and ingest signals, while leveraging artificial intelligence to find patterns and match signals. GASA and the DNS Research Federation will manage access for qualifying organizations.

As part of a pilot program, GSE was able to share over 100,000 URLs of bad merchants and receive roughly 1 million signals. The company plans to start by sharing Google Shopping URLs that have already been flagged as scams and then eventually add data from other product areas.

"By joining forces and establishing a centralized platform, GSE aims to improve the exchange of abuse signals, enabling faster identification and disruption of fraudulent activities across various sectors, platforms and services," the company said.

Google Launches Data-Sharing Initiative to Fight Fraud

PRESS RELEASE

PITTSBURGH, PA – October 1, 2024 – ForAllSecure, the world's most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning Mayhem Application Security platform.

Founded by a team of researchers from Carnegie Mellon, the company’s focus has evolved from research, development, and education to a product company centered around its Mayhem platform that quickly went from a Defense Advanced Research Project Agency (DARPA) Cyber Grand Challenge prototype to an in-demand commercialized AI-driven application security platform. Today, the Mayhem platform has been integrated into thousands of open-source projects, building a library of behavioral tests, identifying new zero-days, and helping defend against software supply chain threats. The name change follows record product achievements, with platform ARR rising 275% year over year and 78% of customers expanding their Mayhem footprint at or before their first subscription renewal.

“ForAllSecure has a long, successful history, from winning the DARPA Grand Challenge to dedicating ourselves to research and innovation in the cybersecurity industry through Mayhem Heroes, hackathons, and consulting,” said David Brumley, CEO of Mayhem. “Our new name and focus mark an important evolution for us as the Mayhem brand becomes synonymous with the platform that is transforming API security testing and has powered our growth. In fact, for several years, it was the majority of our revenue. Our new positioning is a natural next step as we continue the hard work of our dedicated researchers and hackers who will continue to push out innovative research and prototype new ways to defend software.” 

The past year has been a banner year, with the company achieving key innovation milestones. Most notably, Mayhem released Mayhem Dynamic software bill of materials (SBOM), which brings Mayhem’s runtime intelligence to the world of software composition analysis (SCA) and SBOM by looking at an application’s actual behavior to find only real, exploitable vulnerabilities, eliminating triage and investigations, and reducing false positives to increase developer velocity and minimize application risks. Mayhem re-architected its symbolic executor to test and triage 60% faster, released support for Windows-based applications, and launched a beta of automated harnessing for embedded systems. 

Under the name Mayhem Security, the company will continue to collaborate with the government and the industry to advance cybersecurity and revolutionize how organizations approach cybersecurity by automating the process of finding and fixing software vulnerabilities.

For more information, visit https://www.mayhem.security/.

You May Also Like

Introducing Mayhem: ForAllSecure Unveils New Name and Company Focus

PRESS RELEASE

NEW YORK, Oct. 9, 2024 /PRNewswire/ -- OpenGradient, a leading decentralized AI infrastructure company, has raised $8.5M in seed funding. With a mission to accelerate open-source AI, OpenGradient democratizes model ownership, streamlines AI deployment, and enables universal access to AI.

OpenGradient's end-to-end decentralized platform offers scalable AI compute on-chain, ensuring verifiability and attribution while enhancing security for AI deployment and hosting. Its multi-layer technology stack includes an EVM-compatible blockchain with its innovative heterogeneous AI compute architecture (HACA) and a proprietary library of feature-rich tools to support and scale secure AI workflows on-chain.

OpenGradient empowers developers to build and deploy optimized decentralized applications (dApps) with ease. OpenGradient's web portal and SDK allow Web2 developers to leverage its AI stack without the complexities of blockchain while enjoying the security and composability benefits of a decentralized infrastructure.

CEO and Co-Founder, Matthew Wang, said,

"Developers today face significant hurdles when developing secure software for custom AI models, often grappling with developing a variety of complex cryptographic or hardware solutions into their stack. OpenGradient revolutionizes this approach, offering near-instantaneous model deployment and secure inference of AI models in mere seconds."

The $8.5 million seed round included participation from a16z Crypto Startup Accelerator (a16z CSX), SV Angel, Coinbase Ventures, SALT Fund, Symbolic Capital, Foresight Ventures, and angel investors, including Balaji Srinivasan (ex-Coinbase CTO), Illia Polosukhin(NEAR Founder), Sandeep Nailwal (Polygon Founder), and more. OpenGradient is also currently participating in the Fall 2024 a16z CSX program in New York City.

Principal at SV Angel, Mike Liu, said,

"OpenGradient is ushering in a new era for decentralized AI by developing infrastructure to support the next generation of intelligent applications. They've built a truly disruptive tech stack at the intersection of AI and blockchain, and we're excited to support such an innovative and talented team."

The funding will be used to continue building out the decentralized infrastructure, deploying solutions and tools for AI and Web3 developers, and advancing applied ML research to grow the open-source AI ecosystem on blockchain. OpenGradient's testnet is expected to be available to developers in Q4 2024.

About OpenGradient

OpenGradient is a leading decentralized platform unlocking scalable AI compute on-chain, empowering developers to build secure, intelligent, and optimized decentralized applications. We provide on-chain AI model hosting, permissionless composability, secure inference execution, and seamless access to accelerate open-source AI and foster next-gen applications. Headquartered in New York City, the team comprises global talent with deep expertise in AI/ML, blockchain, crypto, and Web3 ecosystem. Learn more at https://opengradient.ai and follow us on X and LinkedIn.

OpenGradient Raises $8.5M to Decentralize AI Infrastructure and Accelerate Secure, Open-Source AI

The EU AI Act provides a governance, risk, and compliance (GRC) framework that helps organizations take a risk-based approach to using AI.

Source: Vitor Miranda via Alamy Stock Photo

COMMENTARY

As artificial intelligence (AI) becomes increasingly prevalent in business operations, organizations must adapt their governance, risk, and compliance (GRC) strategies to address the privacy and security risks this technology poses. The European Union's AI Act provides a valuable framework for assessing and managing AI risk, offering insights that can benefit companies worldwide.

The EU AI Act applies to providers and users of AI systems in the EU, as well as those putting AI systems on the EU market or using them within the EU. Its primary goal is to ensure that AI systems are safe and respect fundamental rights and values, including privacy, nondiscrimination, and human dignity.

The EU AI Act categorizes AI systems into four risk levels. On one end of the spectrum, AI systems that pose clear threats to safety, livelihoods, and rights are deemed an Unacceptable Risk. On the other end, AI systems classified as Minimal Risk are largely unregulated, though subject to general safety and privacy rules.

The classifications to study for GRC management are High Risk and Limited Risk. High Risk denotes AI systems where there is a significant risk of harm to individuals' health, safety, or fundamental rights. Limited Risk AI systems pose minimal threat to safety, privacy, or rights but remain subject to transparency obligations.

The EU AI Act allows organizations to take a risk-based approach when assessing AI. The framework helps establish a logical approach for AI risk assessments, particularly for High and Limited Risk activities.

**Requirements for High-Risk AI Activities**

High-Risk AI activities can include credit scoring, AI-driven recruitment, healthcare diagnostics, biometric identification, and safety-critical systems in transportation. For these and similar activities, the EU AI Act mandates the following stringent requirements:

1.  Risk management system: Implement a comprehensive risk management system throughout the AI system's life cycle.
    
2.  Data governance: Ensure proper data governance with high-quality datasets to prevent bias.
    
3.  Technical documentation: Maintain detailed documentation of the AI system's operations.
    
4.  Transparency: Provide clear communication about the AI system's capabilities and limitations.
    
5.  Human oversight: Enable meaningful human oversight for monitoring and intervention.
    
6.  Accuracy and robustness: Ensure the AI system maintains appropriate accuracy and robustness.
    
7.  Cybersecurity: Implement state-of-the-art security mechanisms to protect the AI system and its data.
    

**Requirements for Limited and Minimal Risk AI Activities**

While Limited and Minimal Risk activities don't require the same level of scrutiny as High-Risk systems, they still warrant careful consideration.

1.  Data assessment: Identify the types of data involved, its sensitivity, and how it will be used, stored, and secured.
    
2.  Data minimization: Ensure that only essential data is collected and processed.
    
3.  System integration: Evaluate how the AI system will interact with other internal or external systems.
    
4.  Privacy and security: Apply traditional data privacy and security measures.
    
5.  Transparency: Implement clear notices that inform users of AI interaction or AI-generated content.
    

**Requirements for All AI Systems: Assessing Training Data**

The assessment of AI training data is crucial for risk management. Key considerations for the EU AI Act include ensuring that you have the necessary rights to use the data for AI training purposes, as well as implementing strict access controls and data segregation measures for sensitive data.

In addition, AI systems must protect authors' rights and prevent unauthorized reproduction of protected IP. They also have to maintain high-quality, representative datasets and mitigate potential biases. Finally, they must maintain clear records of data sources and transformations for traceability and compliance purposes.

**How to Integrate AI Act Guidelines Into Existing GRC Strategies**

While AI presents new challenges, many aspects of the AI risk assessment process build on existing GRC practices. Organizations can start by applying traditional due-diligence processes for systems that handle confidential, sensitive, or personal data. Then, focus on these AI-specific considerations:

1.  AI capabilities assessment: Evaluate the AI system's actual capabilities, limitations, and potential impacts.
    
2.  Training and management: Assess how the AI system's capabilities are trained, updated, and managed over time.
    
3.  Explainability and interpretability: Ensure that the AI's decision-making process can be explained and interpreted, especially for High-Risk systems.
    
4.  Ongoing monitoring: Implement continuous monitoring to detect issues, such as model drift or unexpected behaviors.
    
5.  Incident response: Develop AI-specific incident response plans to address potential failures or unintended consequences.
    

By adapting existing GRC strategies and incorporating insights from frameworks like the EU AI Act, organizations can navigate the complexities of AI risk management and compliance effectively. This approach not only helps mitigate potential risks but also positions companies to leverage AI technologies responsibly and ethically, thus building trust with customers, employees, and regulators alike.

As AI continues to evolve, so, too, will the regulatory landscape. The EU AI Act serves as a pioneering framework, but organizations should stay informed about emerging regulations and best practices in AI governance. By proactively addressing AI risks and embracing responsible AI principles, companies can harness the power of AI while maintaining ethical standards and regulatory compliance.

**About the Author**

General Counsel, Secureframe

Kyle McLaughlin serves as General Counsel at Secureframe, an all-in-one platform for continuous security compliance. With a proven track record counseling prominent tech companies including Cisco and Duo Security, he specializes in IP issues, security, compliance, and privacy (holding CIPP/E certification). McLaughlin earned his JD from Wayne State University Law School and completed his bachelor's degree in Political Science and English at the University of Michigan.

Risk Strategies Drawn From the EU AI Act

Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.

A major skills gap exists for security teams when it comes to artificial intelligence (AI) and cloud implementations, which happen to be two of the fastest-growing areas when it comes to enterprises' ongoing digital transformations.

According to O'Reilly's "2024 State of Security" report, nearly 39% of respondents on security teams reported that cloud computing is a space where more skills are needed but are difficult to find.

"Cloud security requires taking concepts like access control and least privilege, and applying them to servers and services that you'll never see and may only control through an API provided by your cloud vendor," wrote Mike Loukides, author of the report. "An error in any service can compromise all your infrastructure — that's why infrastructure as code is so important. In many respects, the game doesn't change, but the stakes become much higher."

Potential talent should prioritize skills like being able think in terms of securing hundreds or thousands of virtual instances, as well as being able to use or develop tools that can reach across multiple servers, services, and cloud providers.

AI, on the other hand, represents a whole new category of threats. Roughly 34% of respondents in the survey pointed to a lack of talent when it comes to AI skills, especially regarding attack avenues such as prompt injection. However, this space is so new that researchers are only beginning to understand the threats and vulnerabilities that AI poses — and even less is known about any possible solutions. 

"The security community is only beginning to catch up with the use and misuse of AI. In the coming years, we expect a surge in AI-specific research, training, and certification," Loukides wrote.

According to Mary Treseler, chief content officer of O'Reilly Media, those hiring in the cyber industry favor those who have a traditional computer science education in addition to experience in IT work such as system admin, help desk, and software development.

"It's possible to get a cybersecurity job without a degree, provided you have relevant work experience," Treseler says. "Certifications and experiences such as bug bounty hunting or capture-the-flag participation can supplement."

Also, some organizations, such as MITRE, are already providing tools to share data on real world AI incidents, such as the AI Incident Sharing initiative under MITRE ATLAS, to combat rising threats. The tool is anonymous in order to serve as a safe space to openly share the details of cyberattacks occurring across industries and government. It's modeled after traditional intelligence-sharing, so organizations can submit incident data through the site, after which they will be considered for membership. And in Europe, an effort is underway to promote AI literacy and awareness for staff dealing with the deployment of AI systems, via the EU Artificial Intelligence Pact.

**Security Up-Skilling: A Marathon, Not a Sprint**

Upskilling to eradicate gaps in cybersecurity talent is the easiest way forward for now, experts say.

"Our global survey underscores a security landscape in flux," Laura Baldwin, president of O'Reilly, said in a press release. "As cyber threats become increasingly sophisticated, it's clear that continuous, high-quality training is no longer optional; it's essential for safeguarding our digital future. Organizations must prioritize ongoing upskilling to stay ahead of evolving risks and build robust defenses."

Certifications, books, videos, and conferences can all be valuable resources to stay up-to-date with the latest need-to-know skills.

Some of the most popular certifications, according to Treseler are CISSP, which she notes is the most versatile and requires five years of work experience, CompTIA Security+, CEH, and CISM. These are all viable options that she says potential talent can trust will give them valuable expertise in the field, but also resources that higher-ups may be looking for when scouring for new candidates.

"Security is a challenge that will never go away," Loukides wrote. "Chances are, we'll invent new risks as quickly as we retire old ones. But we can do better at meeting the challenge."

Cloud, AI Talent Gaps Plague Cybersecurity Teams

Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams.
The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create

Cybercrime / Threat Detection

Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams.

The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create more visibility into the facilitators of cybercrime.

"By joining forces and establishing a centralized platform, GSE aims to improve the exchange of abuse signals, enabling faster identification and disruption of fraudulent activities across various sectors, platforms and services," Google said in a blog post shared with The Hacker News.

"The goal is to create a user-friendly, efficient solution that operates at an internet-scale, and is accessible to qualifying organizations, with GASA and the DNS Research Federation managing access."

The tech giant said it has shared over 100,000 URLs of bad merchants and more than 1 million scam signals to be fed into the data platform, and that it intends to provide data from other products.

"We know from experience that fighting scams and the criminal organizations behind them requires strong collaboration among industry, businesses, civil society and governments to combat bad actors and protect users," it added.

Google further took the opportunity to note that Cross-Account Protection has been used to protect 3.2 billion users across sites and apps where they sign in with their Google Account. As a next step, the company said it's partnering with Canva, Electronic Arts, Indeed, and Microsoft-owned LinkedIn.

The development comes a week after Meta said that it's teaming up with U.K. banks to combat scams on its platforms as part of an information-sharing partnership program dubbed Fraud Intelligence Reciprocal Exchange (FIRE).

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#intel