• Project Overwatch
  • Posts
  • #023 - Cyber AI Chronicle - Rethinking Cybersecurity Communication

#023 - Cyber AI Chronicle - Rethinking Cybersecurity Communication

PRESENTED BY

Cyber AI Chronicle

By Simon Ganiere · 9th June 2024

Welcome back!

Project Overwatch is a cutting-edge newsletter at the intersection of cybersecurity, AI, technology, and resilience, designed to navigate the complexities of our rapidly evolving digital landscape. It delivers insightful analysis and actionable intelligence, empowering you to stay ahead in a world where staying informed is not just an option, but a necessity.

Note: There will be no newsletter next week-end as i’m traveling and taking a break!

Table of Contents

What I learned this week

TL;DR

  • I know some of the read might think i’m bashing after Microsoft but honestly what’s going on there is really important for the industry. It really looks like whoever is in charge of Recall did not get the memo named “Prioritizing security above all else” from Satya. However, thanks to the pressure from the security industry and its leader, Microsoft finally decided to make some changes! Recall will not be enabled by default, required authentication and encryption of the data. I can’t comprehend how all of those controls were missed from the start for the sake of marketing and announcement. I just hope that the rest of the Microsoft product team read that memo and we won’t see something this bad any time soon!

  • The war on data continues. Data was already a hot commodity and the whole AI movement is making this even more important. On a personal note, I would strongly recommend to cross-check some of the terms of use of the services you use. Adobe is now in hot water about it and it’s not the first company to struggle with recent terms changes.

  • A great research paper from Google on Security The AI Software Supply Chain. This paper is well written and highlight some interesting point like the fact that AI application still have to deal with the basic of security. Most interestingly, as building model is expensive, it’s literally just pushing the necessity to rely on the software supply chain » MORE

  • Also a lot of positive news from law enforcement. It seems there is a shift here as well as we have seen quite a few successful law enforcement operations since the start of the year. The latest one, named Operation Endgame, targeted droppers such as IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee and Trickbot. This highlight the great collaboration between private section and law enforcement and the importance of those operations. Time will tell how successful this one was but let’s hope it has a lasting effect.

  • No time to work on coding project this week but whilst reading a non-security books I came to learn about habituation and semantic satiation. Two concepts that are actually very relevant in cyber security and in particular on how we communicate cyber threats and risks. I really like how non-security concept can be applied to cyber and how much we can learn from other disciplines » MORE

Subscribe to keep reading

This content is free, but you must be subscribed to Project Overwatch to continue reading.

Already a subscriber?Sign In.Not now