3 Interesting Articles
E.U. Takes a Step Closer to Passing the World’s Most Comprehensive AI Regulation
Time: The EU’s AI Act, aimed at regulating artificial intelligence use, is advancing towards becoming law after approval by lawmakers. The Act includes a ban on real-time facial recognition and imposes transparency measures on generative AI tools like ChatGPT. High-risk AI applications must comply with safety requirements, and powerful AI systems, or “foundation models,” are subject to transparency and risk assessment rules. Attempts to remove the facial recognition ban were rejected. Critics, however, point out the Act currently lacks restrictions on AI systems’ computing power usage.
Researchers Report First Instance of Automated SaaS Ransomware Extortion
Dark Reading: The 0mega ransomware group has carried out a novel attack on a company’s SharePoint Online platform, bypassing typical endpoint methods and exploiting a weakly secured administrator account to steal sensitive data. The group accessed a vulnerable Microsoft Global administrator account, created a new user with broad permissions, and removed existing administrators. Afterward, they downloaded hundreds of files, exfiltrating the data to a Russian web hosting company. The discovery highlights a rising trend in SaaS attacks and the necessity for robust security beyond endpoint protection.
Why Data Security is the Unsung Hero Driving Business Performance
Security Intelligence: Data security is key in the digital economy, with advanced security capabilities leading to higher revenue growth, according to research from the IBM Institute for Business Value. Chief Data Officers (CDOs) build trust and accelerate opportunities by ensuring data security. High-performing CDOs prioritize data security, align it with operational strategies, and effectively manage data compliance, which allows organizations to confidently take calculated risks and maximize data value in a constantly evolving technological landscape.
2 Stats You Should Know
69% of organizations acknowledge that they will not be able to respond to critical threats without AI. (source)
In a recent survey, 79% of consumers can’t figure out what companies are doing with their data. (source)
1 More Thing
Funny tweet to end the week:
Our large and diverse network of experts is here to help...
Charles M.
Principal
Charlies is a 14 year cyber security expert. He started his career in the U.S. armed forces and then transitioned into commercial roles. A security engineer by training, he's well-versed in tool deployment and administration.
Ellen K.
GRC Expert
Ellen bring a decade of GRC expertise to the TalPoint community. She's knowledgeable on a variety of frameworks and employs a methodical approach to compliance. She's available for needs assessments, gap assessments, internal audits, and for certain frameworks running independent 3rd party audits.
Zachary C.
Founder and CRO
Zachary bring a 20+ year career in risk management to the TalPoint community. He's worked across healthcare, finance, and supply chain manufacturing. His broad experience offers both a holistic view of risk as well as a common sense approach to risk management.