We are pleased to announce that the Unpacking OSTP’s Blueprint for an AI Bill of Rights White Paper has been published on the ATARC website. You can also view the AI Bill of Rights Framework: Algorithmic Discrimination Webinar.
Please address any questions or follow-up to Amy Karpowicz, Advanced Technology Academic Research Center (ATARC).
Secure By Design is proud to be a member of CSA-DC and a contributor to the development of this white paper.
Although ZT is in its infancy, we hope this informative white paper provides a snapshot of the complexity and infancy of ZT adoption. We believe it gives IT stakeholders a deeper understanding of:
This white paper concludes with Recommendations on how ecosystem stakeholders can improve collaboration to accelerate the adoption of ZT in their environments and meet government mandates. We trust you will find this white paper a valuable resource and ask you to please join us and become involved with the CSA-DC chapter.
Detecting Synthetic Multimedia: Imagery vs. Video
from State Department
A CISO/CIO reference from our FED friends at https://www.state.gov/programs-technology-engagement-division/
Traditional multimedia forensics involves examining imagery, video, or other media to assess origin and likelihood of manipulation. It relies on identifying subtle visual indicators that may or may not be noticeable to the human eye. GenAI synthetic content adds an element of novelty to the field of multimedia forensics. GenAI-derived synthetic media can create incredibly sophisticated depictions of false situations that resemble authentic photos and videos. Fortunately, synthetic content often contains subtle visual clues of its own that can be uncovered with careful human analysis or with the assistance of tools that reveal artifacts imperceptible to the human eye.
We are pleased to announce our partnership with Compliancy Group (https://compliancy-group.com).
Our team has crafted a tailored services offering around our partner's offering. Compliancy Group provides a comprehensive document management platform (SaaS, with no APIs or agents) for healthcare compliance management, focusing on simplifying and automating the compliance process across various standards and regulations. Their services are designed to help healthcare entities efficiently manage HIPAA, OSHA, and SOC 2 compliance, while also providing the necessary tools and guidance for training and incident management.
Today's industry leaders such as OWASP® Foundation continue to provide incredible resources for the community to learn, and help their organizations securely adopt AI.
This newest LLM/AI Security and Governance Checklist from OWASP Top 10 For Large Language Model Applications and folks like Sandy Dunn and Steve Wilson is a great example.
It covers:
This is an excellent resource for the community and for CISOs and security leaders looking to keep pace with business peers on AI and to facilitate secure AI adoption for their organizations while mitigating risk and implementing governance.
Learn more: https://microsoft.com/mddr
Dive deeper: https://blogs.microsoft.com/on-the-issues/
Stay connected: @msftissues and @msftsecurity
In this fourth annual edition of the MS Digital Defense Report, MS shares insights on how the threat landscape has evolved and discusses the shared opportunities and challenges we all face in securing a resilient online ecosystem which the world can depend on.
SBD is honored to sponsor the 'On First Principles' podcast, where Christian Keil (https://twitter.com/pronounced_kyle), Host and Chief of Staff at Astranis, dives into the complex world of deep tech startups. Christian's mission is to make these deep tech startups approachable and PhD-optional.
Look for our SBD ad (at the 8 min, 40 second mark), where founder Ian Brooke (YC W24) gives his first public interview to talk about Astro Mechanica, a new startup building electric-adaptive jet engines. And, possibly, the world’s fastest plane. And the cheapest way to orbit. SBD proudly supports deep thinkers and tech innovation and we hope you enjoy this interview.
https://youtu.be/Detvd2EqWWU?si=FkZ2WCk47Cga6gih
https://www.linkedin.com/in/ian-brooke-b7496325/
Extend data protection beyond your organization’s IT perimeter
In today’s business environment, Computer-Aided Design (CAD) data is shared beyond a company’s IT boundary. That means an organization’s critical intellectual property (IP) based on CAD files, such as blueprints, drawings, illustrations, and simulations, can easily get into the wrong hands. Consequently, loss or breach of proprietary information can result in loss of reputation, sales, and profit, causing irreversible damage.
HALOCAD enhances Microsoft 365 E5 compliance to protect CAD files across the production chain, including uncontrolled partner and supplier IT environments.
Enhance your security tools. Extend the security provided by Microsoft Purview Information Protection to the complete lifecycle of CAD files.
Case Studies included.
Although a wide range of US Government (USG) guidance on health, EMDs, and compliance with the Americans with Disabilities Act exists, navigating the guidance to properly care for employees while respecting security is often a challenge for Chief Information Officers (CIOs), Security Approving Officials and supervisors alike.
This document will help Approving Officials and supervisors understand the risks and find the way to a “Yes” approval for the workforce’s wireless medical personal devices in secure areas and SCIFs. The approach, guidance and example references should provide a path for identifying risk and approving acceptable use for employees across agencies and organizations.
So what really is Threat Reconnaissance? This term basically means to gain visibility far beyond your perimeter to trace threats to their origin and map out the extended infrastructures. This allows you to watch threat actors at work, monitor their infrastructures as they evolve, and trace clear paths between them and their victims.
The objective is to give you the best chance of not just surviving but defeating cyber-attacks, even before they commence nefarious activity. Adding a threat recon program to your overall security practice allows you to manage risks and/or deal with active threats more effectively. This allows more freedom as you move the needle of cyber resilience from reactive to proactive.
So what do elite threat hunters see that others can’t? This data sheet will show you quickly.
Zero-trust projects come with cost, complexity, flaws and accuracy challenges. Whether you’re looking to address flaws in your zero-trust cloud environments or you lack the budget and resources to begin, we can help. By adding service-level enforcement and required services and expertise, Team Cymru should be a definite consideration for any security enterprise.
For example, can you currently see activity across every AS on the internet, observing and scoring both IPv4 and IPv6 addresses? So really what is “Pure Signal,” and why should I care?
This data sheet will help you answer these questions quickly.