• Major Update to NIST’s Widely Used Cybersecurity Framework

    The world’s leading cybersecurity guidance is getting its first complete makeover since its release nearly a decade ago. NIST has revised the framework to help benefit all sectors, not just critical infrastructure.

  • DHS: Additional $374.9 Million in Funding to Boost State, Local Cybersecurity

    State and local governments face increasingly sophisticated cyber threats to their critical infrastructure and public safety. On Monday, DHS announced the availability of $374.9 million in grant funding for the Fiscal Year (FY) 2023 State and Local Cybersecurity Grant Program (SLCGP).

  • Reached: Milestone in Power Grid Optimization on World’s First Exascale Supercomputer

    Ensuring the nation’s electrical power grid can function with limited disruptions in the event of a natural disaster, catastrophic weather or a manmade attack is a key national security challenge. Compounding the challenge of grid management is the increasing amount of renewable energy sources such as solar and wind that are continually added to the grid, and the fact that solar panels and other means of distributed power generation are hidden to grid operators.

  • “Hacking” People, Not Systems: False Claims Attacks on Infrastructure

    False claims and disinformation, especially in a social media-driven society, have become major problems with potentially severe consequences. Disinformation can be weaponized to disrupt underlying cyber-physical systems, human lives and economic productivity. Recent examples include tweets that trigger spikes in gasoline prices and false social media posts reporting impending water pumping station shutdowns. In these scenarios, chaos is caused because people, not systems or devices, are “hacked.”

  • Denying Denial-of-Service: Strengthening Defenses Against Common Cyberattack

    A Denial-of-Service attack is a cyberattack that makes a computer or other device unavailable to its intended users. This is usually accomplished by overwhelming the targeted machine with requests until normal traffic can no longer be processed. Scientists have developed a better way to recognize a common internet attack, improving detection by 90 percent compared to current methods.

  • Fighting Fake “Facts” with Two Little Words: Grounding a Large Language Model's Answers in Reality

    Asking ChatGPT for answers comes with a risk—it may offer you entirely made-up “facts” that sound legitimate. Despite having been trained on vast amounts of factual data, large language models, or LLMs, are prone to generating false information called hallucinations. Inspired by a phrase commonly used in journalism, the researchers conducted a study on the impact of incorporating the words “according to” in LLM queries.

  • Fact-Checking Found to Influence Recommender Algorithms

    Researchers have shown that urging individuals to actively participate in the news they consume can reduce the spread of these kinds of falsehoods. “We don’t have to think of ourselves as captive to tech platforms and algorithms,” said a researcher.

  • Cyber Insurance Not Fueling the Ransomware Epidemic

    Contrary to perceived wisdom, there is no compelling evidence that victims of ransomware with cyber insurance are much more likely to pay ransoms than those without.

  • Fighting Fake News: Using Machine Learning, Blockchain to Counter Misinformation

    False information can lead to harmful consequences. How can content creators focus their efforts on areas where the misinformation is likely to do the most public harm? Research offers possible solutions through a proposed machine learning framework, as well as expanded use of blockchain technology.

  • New Cipher System Protects Computers Against Spy Programs

    Researchers have achieved a breakthrough in computer security with the development of a new and highly efficient cipher for cache randomization. The innovative cipher addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.

  • NSF Renews Cybersecurity Workforce Development Projects

    The U.S. National Science Foundation CyberCorps Scholarship for Service program is renewing funding for seven academic institutions, providing more than $24 million over the next four years. For over 20 years, the CyberCorps SFS program has played an important critical role in developing the U.S. cybersecurity workforce.

  • New National Cyber Workforce and Education Strategy

    Hundreds of thousands of cyber jobs in government and the private sector are vacant, and the administration says that filling them is a national security imperative. Today, the administration unveiled its ambitious National Cyber Workforce and Education  Strategy (NCWES) which aims at addressing both short-term needs and long-terms requirements.

  • De-Risking Authoritarian AI

    You may not be interested in artificial intelligence, but it is interested in you. AI-enabled systems make many invisible decisions affecting our health, safety and wealth. They shape what we see, think, feel and choose, they calculate our access to financial benefits as well as our transgressions. In a technology-enabled world, opportunities for remote, large-scale foreign interference, espionage and sabotage —via internet and software updates—exist at a ‘scale and reach that is unprecedented’.

  • The U.K. Government Is Very Close to Eroding Encryption Worldwide

    The Online Safety Bill, now at the final stage before passage in the House of Lords, gives the British government the ability to force backdoors into messaging services, which will destroy end-to-end encryption. If it passes, the Online Safety Bill will be a huge step backwards for global privacy, and democracy itself.

  • If Cyber Is Uninsurable, the United States Has a Major Strategy Problem

    The opinions of leaders in the insurance industry are opinions not to be taken lightly, as experienced leaders and among the most respected minds in the global market. And they’re concerned. Or downright terrified. The debate within the insurance industry over cyber risks reveals an important potential weakness, but the reality is far more nuanced.