Tag Archive for: Mitigate

How To Mitigate The Enterprise Security Risks Of LLMs


Christopher Savoie, PhD, is the CEO & founder of Zapata AI. He is a published scholar in medicine, biochemistry and computer science.

Since ChatGPT came out last year, Large Language Models (LLMs) have been on the tip of every enterprise leader’s tongue. These AI-powered tools have promised to dramatically increase productivity by automating or assisting with the creation of marketing content, sales materials, regulatory documents, legal contracts and more—while transforming customer service with more responsive, human-like chatbots.

However, as these LLMs become increasingly integrated into business operations, enterprises should be aware of several potential security risks.

There are three layers to the security issues of LLMs.

1. Sharing sensitive data with an external LLM provider.

2. The security of the model itself.

3. Unauthorized access to sensitive data that LLMs are trained on.

Sharing Sensitive Data With External LLM Services

Back in May, Samsung was in the news for banning the use of ChatGPT and other AI chatbots after sensitive internal source code was shared with the service. Samsung feared the code could be stored on the servers of OpenAI, Microsoft, Google or other LLM service providers and potentially be used to train their models.

By default, ChatGPT saves users’ chat history and repurposes it to further train its models. It’s possible this data could then be exposed to other users of the tool. If you use an external model provider, be sure to find out how prompts and replies can be used, whether they are used for training, and how and where they are stored.

Many enterprises, particularly in regulated industries like healthcare or finance, have strict policies about sharing their sensitive data with external services. Sharing data with an externally hosted LLM provider is no exception. Even if data isn’t inadvertently shared with other users of these tools, customers have no recourse if the data they share with external LLM providers is hacked.

To avoid these risks entirely, enterprises should consider training and running their AI chatbot tools within their own secure environment: private cloud, on-premises—whatever the enterprise considers…


How IBM and Cloudflare are Collaborating to Mitigate Bot-Based Security Threats




By Nataraj Nagaratnam | CTO, IBM Cloud Security, IBM

August 08, 2023

Across the globe, organizations are expanding their hybrid cloud environments to meet their transformation goals. These modernization efforts can support partnership ecosystems, supply chain demands, and other objectives, but they also have the potential to increase security and compliance concerns. According to IBM’s 2023 Cost of a Data Breach Report[1], 95 percent of the organizations studied have had more than one data breach.

To continue addressing the ever-changing threat landscape, IBM’s expanded offering in collaboration with Cloudflare, the Internet security, performance, and reliability company running one of the world’s largest and most interconnected networks today, is now available to Enterprise Premier Plan users. In 2018, IBM first introduced IBM Cloud Internet Services (CIS), powered by Cloudflare. This offering allows IBM Cloud customers to configure mission-critical web and application performance and security solutions to help them combat critical security challenges, for example with Distributed Denial-of-Service (DDoS) mitigation and data theft protection. Both IBM and Cloudflare continue to pursue a mission of delivering solutions that address these potentially costly security threats without hindering Internet speed or business innovation.

“With the rise of DDoS attacks and data theft, it’s become important to have a provider that helps us meet the challenges of the ever-changing threat landscape. That’s why at Liquid Reply, we have called on IBM Cloud and Cloudflare to help support our security initiatives,” said Davide Sarais, IT Lead at Liquid Reply. “By using IBM Cloud Internet Services, we’ve been able to maintain our compliance posture. The new features that are available to IBM and Cloudflare clients are exciting advancements that we hope will take our approach to security to the next level.”

New Offering: Cloudflare Bot Management on IBM Cloud Internet Services

As malicious bot attacks become more sophisticated and manual mitigations…


Jamf VP explains enterprise security threats — and how to mitigate them


Apple-focused device management and security vendor Jamf today published its Security 360: Annual Trends report, which reveals the five security trends impacting organizations running hybrid work environments. As it is every year, the report is interesting, so I spoke to Michael Covington, vice president of portfolio strategy, for more details about what the company found this year.

First, here’s a brief rundown of some of the salient points in the report:

  • In 2022, 21% of employees were using devices that were misconfigured, exposing the device and the employee to risk.
  • 31% of organizations had at least one user fall victim to a phishing attack.
  • 7% of Android devices accessed third-party app stores, which often provide versions of legitimate apps that have been tampered with to include malicious code that infects user devices, compared to 0.002% of iOS devices.
  • New malware infections dropped from just over 150 million to about 100 million, with malicious network traffic continuing to be more prevalent.

The report confirms that some of the most well-known bad security habits continue. For example, 16% of users are regularly exposing confidential or sensitive data by sharing it via unsecured Wi-Fi hotspots.

Security 360 also gives a good set of insights into how important privacy is to overall enterprise security.

The report points to a range of ways in which privacy, once broken, creates security instability, including nation states that subvert device security to watch, photograph, and record what people do in order to blackmail or otherwise exploit victims.

Another threat is poor data lifecycle management, when companies that do gather private information don’t protect that data well enough. The company continues to invest in approaches to challenge all of these. There’s a host of additional information available in the report, which you can explore here.


The growing threat of CEO fraud and how to mitigate it


CEO fraud is a type of financial theft attack in which criminals impersonate a CEO or other C-level executive to obtain sensitive data or money. The perpetrators often trick a finance or human resources employee into executing unauthorised money transfers or sending confidential tax and payroll information. By posing as the CEO or other senior figures, the attacker guarantees that the malicious email gets employees’ attention. Many employees are reluctant to question a request from their CEO, so they usually provide the information.

The U.S. Federal Bureau of Investigation (FBI) categorises CEO fraud as a business email compromise (BEC) scam. BEC uses various techniques, including social engineering, compromising legitimate business email accounts, malicious software to access inboxes, and other computer intrusion tactics.

A growing threat

The number and impact of BEC scams continue to increase. The FBI reported a 65% increase in global losses from BEC between July 2019 and December 2021. According to the same report, data collected from the FBI Internet Crime Complaint Center, law enforcement, and financial institutions revealed that the scams cost victims more than USD $43 billion in 2021 and involved fraudulent transfers to banks from over 140 countries.

Breach reporting is not always mandatory, meaning the actual numbers could be much higher. Many victims are also embarrassed to report these cybercrimes as they may feel foolish and want to avoid reputational damage. The criminals rely on this shame to mask the staggering losses resulting from BEC.

Identifying and compromising CEOs

The perpetrators use platforms like LinkedIn and company websites to identify CEOs and senior executives and obtain their contact details. They then use email or messaging platforms such as WhatsApp to contact the targets and attempt to hijack their accounts. With a stolen email or messaging account, the attacker has access to the executive’s contacts and can use the same scam with CEOs and senior executives at other companies.

Spoofing sender details

There are two common tactics for manipulating sender information in CEO fraud emails:

  • In name spoofing, the attacker uses the name of the…
