Secure AI deployment is complicated: 5 ways to get your ducks in a row
A Cloud Security Alliance report explores new requirements for the tools, processes, and roles that secure AI-driven systems. Here are key takeaways.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
Secure AI deployment is complicated: 5 ways to get your ducks in a row
What developers think about application security might surprise you
Software security is front of mind for organizations. What developers have to say is critical. Here are four key takeaways from a survey of engineers about AppSec.
Secure by Design and Secure by Default: You need both to boost AppSec
When it comes to these two security approaches advanced by CISA for locking down your application security, it's not an either/or proposition. Here's why.
OWASP tackles AI security with new NHI Top 10: What you need to know
Identity management is key for security, but AI is bringing a lot more non-humans into the mix. The OWASP list calls attention to this. Here are the top takeaways.
BSIMM15 shines light on compliance and AI security
The report emphasizes traditional AppSec practices — but those are no match for new threats from AI/ML. Here's what you need to know.
Securing generative AI: 5 action items to protect your organization
AI's integration across enterprise platforms is "rapidly expanding the global attack surface." Here are five action items for your team.
Census III study spotlights ongoing open-source software security challenges
The study, from the Linux Foundation, OpenSSF, and Harvard, highlights key open-source risk areas. Here's what you need to know.
U.K. cybersecurity chief warns of gap between risks and defenses
The new NCSC lead warned that cybersecurity risk is 'widely underestimated.' But experts say AI could close the gap — if the industry comes together.
AI-based fuzzing targets open-source LLM vulnerabilities
Google researchers using OSS-Fuzz have identified 26 vulnerabilities, but experts warn that AI fuzzing is not a panacea for AI/ML security.