• AIHow Can Congress Regulate AI? Erect Guardrails, Ensure Accountability and Address Monopolistic Power

    By Anjana Susarla

    A new federal agency to regulate AI sounds helpful but could become unduly influenced by the tech industry — instead, Congress can legislate accountability.Instead of licensing companies to release advanced AI technologies, the government could license auditors and push for companies to set up institutional review boards. The government hasn’t had great success in curbing technology monopolies, but disclosure requirements and data privacy laws could help check corporate power.

  • AI & CYBERSECURITYCan Quantum Computing Protect AI from Cyberattacks?

    AI algorithms are everywhere. They underpin nearly all autonomous and robotic systems deployed in security applications. This includes facial recognition, biometrics, drones and autonomous vehicles used in combat surveillance and military targeting applications. Can we prevent malicious attacks and improve the cybersecurity of algorithms powered by artificial intelligence (AI)? Quantum machine learning may hold the key.

  • AI & CYBERSECURITYAI Model Aims to Plug Key Gap in Cybersecurity Readiness

    By Tom Rickey

    There are more than 213,800 available known “keys”—unofficial entry points into computer systems, better known as vulnerabilities or bugs—and they’re already in the hands of criminals. There are likely many more that are not known. How can all the threats and attacks be tracked, prioritized and prevented? Scientists link resources to improve prioritization, spot attacks more quickly.

  • CHINA WATCHState-Sponsored Chinese Hackers Targeting U.S., Western Critical Infrastructure: Microsoft

    Microsoft says that Chinese government-sponsored hacking group Volt Typhoon has been attacking critical infrastructure targets in the US, Australia, Canada, New Zealand, and UK, and possibly many more countries. The affected targets span various sectors, including communications, manufacturing, utilities, transportation, construction, maritime, government, information technology, and education. The attacks began in mid-2021 and appear to be aimed at undermining the US in the event of a regional conflict.

  • CYBERSECURITYBolstering Cybersecurity in Navigation Systems

    Interference such as jamming and spoofing that targets critical infrastructure has the potential to cause widespread delays and cascading failures across multiple modes of transportation including ships, trains, trucks, and cars—and the problem is only getting worse. New project aims to enhance resilience of transportation infrastructure against cyber threats, developing advanced countermeasures for GPS spoofing and jamming.

  • CYBERSECURITYBringing Better IT Security on Board

    Cyberattacks on industry and critical infrastructure are on the rise across the globe. Targets also include ships, which, by transporting billions of tons of goods around the world each year, form part of international supply chains — yet their on-board IT systems often lack secure protection.

  • INFORMATION PROTERCTIONNIST Updates Guidelines for Protecting Sensitive Information

    NIST has updated its draft guidelines for protecting sensitive unclassified information, in an effort to help federal agencies and government contractors more consistently to implement cybersecurity requirements. Draft Revision 3 aligns the publication’s language with NIST’s 800-53 catalog of cybersecurity safeguards.

  • POWERGRID RESILIENCEMaking the Power Grid More Reliable and Resilient

    By Jake Malooley

    The U.S. power grid comprises nearly 12,000 power plants, 200,000 miles of high-voltage transmission lines, 60,000 substations and 3 million miles of power lines. It may well be the most massive and complex machine ever assembled. Argonne National Labs’ researchers help keep this machine working in the face of daunting challenges.

  • CYBERSECURITYLessons from ‘Star Trek: Picard’ – a Cybersecurity Expert Explains How a Sci-Fi Series Illuminates Today’s Threats

    By Richard Forno

    Sometimes Hollywood gets it right by depicting reality in ways that both entertain and educate. And that’s important, because whether it’s a large company, government or your personal information, we all share many of the same cybersecurity threats and vulnerabilities. As a former cybersecurity industry practitioner and current cybersecurity researcher, I believe the final season of “Star Trek: Picard” is the latest example of entertainment media providing useful lessons about cybersecurity and the nature of the modern world.

  • EV CYBERSECURITYMaking Electric Vehicle Charging Stations Cybersecure

    As more electric vehicles (EVs) hit the road, charging stations are popping up across the United States. The benefits go beyond curbing carbon emissions from road travel. These systems can also link to the electric grid through smart charging, drawing power when overall demand is low and feeding it back to the grid when needed.

  • POWER-GRID CYBERSECURITYCybersecurity Goes Undercover to Protect Electric-Grid Data

    Researchers, inspired by one of the mysteries of human perception, invented a new way to hide sensitive electric grid information from cyberattack: Within a constantly changing color palette.

  • COMPUTER SECURITYThe Key to Securing Legacy Computing Systems

    For a cyber-attack to be successful, one must conduct a sequence of exploits to move from the initial system access, through privilege escalation and lateral motion steps, until reaching the ultimate target. DARPA is pursuing an approach to cyber resilience that would subdivide software systems into smaller, secure compartments that prevent an initial attempt at penetration from becoming a successful attack.

  • CYBERSECURITYDetecting Manipulations in Microchips

    Attackers have the ability not only to manipulate software, but also to tamper with the hardware. A team from Bochum is devising methods to detect such tampering.

  • CYBERSECURITYIs Your Cybersecurity Strategy Undermined by These Six Common Pitfalls?

    Many security specialists harbor misconceptions about lay users of information technology, and these misconceptions can increase an organization’s risk of cybersecurity breaches. These issues include ineffective communications to lay users and inadequately incorporating user feedback on security system usability.

  • CYBERSECURITYExpanding the AI Toolbox of Cybersecurity Defenders

    By Tom Rickey

    Scientists have taken a key step toward harnessing a form of artificial intelligence known as deep reinforcement learning, or DRL, to protect computer networks. DRL shows the promise of an autonomous AI in proactive cyber defense.