News for Admins

Tech News

Article from ADMIN 81/2024
By
In the news: DHS Releases New Guidelines for Securing Critical Infrastructure; Datadog Report Examines DevSecOps Best Practices; Upskilling Key to Tech Staffing Challenges, Says LF Survey; 2024 Open Source Pros Job Survey Report Released; OpenSSF Issues Guidance to Help Prevent Social Engineering Attacks; Black Duck Supply Chain Edition Released by Synopsys; Spectra Logic Announces New Tape Libraries and Management Software; LPI Launches Open Source Essentials Program; Apache Software Foundation Celebrates 25 Years; SUSE Announces Rancher Prime 3.0; NSA Issues Zero Trust Guidelines for Network Security; and NIST Releases Major New Version of Cybersecurity Framework.

DHS Releases New Guidelines for Securing Critical Infrastructure

The US Department of Homeland Security has released new resources to help address threats posed by AI, including guidelines to mitigate AI risks to critical infrastructure (https://www.dhs.gov/news/2024/04/29/dhs-publishes-guidelines-and-report-secure-critical-infrastructure-and-weapons-mass).

"AI can present transformative solutions for US critical infrastructure, and it also carries the risk of making those systems vulnerable in new ways to critical failures, physical attacks, and cyber attacks. Our department is taking steps to identify and mitigate those threats," said Secretary of Homeland Security Alejandro Mayorkas.

DHS outlines a four-part mitigation strategy, involving the following steps:

  • Govern: Establish an organizational culture of AI risk management – build organizational structures that prioritize security.
  • Map: Understand your individual AI use context and risk profile.
  • Measure: Develop systems to assess, analyze, and track AI risks – identify repeatable methods and metrics for measuring and monitoring AI risks and impacts.
  • Manage: Prioritize and act upon AI risks to safety and security – implement controls to maximize the benefits of AI systems while decreasing harmful impacts.

Read the Safety and Security Guidelines for Critical Infrastructure Owners and Operators for more information: https://www.dhs.gov/publication/safety-and-security-guidelines-critical-infrastructure-owners-and-operators.

...
Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy ADMIN Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • IT Pros Report Lack of Familiarity with Secure Software Development
  • News for Admins
    In the news: MySQL 9.0 Released; NordVPN Launches File Checker Tool; Critical OpenSSH Vulnerability Affects Linux Systems; IT Pros See Shrinking Job-Related Benefits Despite Salary Increases; Top Trends Driving Observability Adoption; Containers Dominate in Both Development and Production, According to Docker Report; Ubuntu Core 24 Released for Edge and IoT; Yocto Project Releases 5.0 LTS Version; OpenSSF Introduces Siren Security Platform; Raspberry Pi Announces Intent to Go Public; and Red Hat Introduces Image Mode for RHEL.
  • News for Admins
    In the news: CIQ Offers Long-Term Support for Rocky Linux on AWS; Apple's PQ3 Brings Post-Quantum Security to iMessage; Google Open Sources Magika File-Type Detection System; Microsoft Announces Sudo for Windows; Linux Foundation Launches Post-Quantum Cryptography Alliance; Sys Admins Saw the Biggest Average Salary Increase in 2023, According to Dice; Use of Open Source Software Increased Significantly in 2023; Docker Build Cloud Announced; Wi-Fi CERTIFIED 7 Announced; EU Commissions Nostradamus Project for Quantum Testing; and NIST Identifies Main Types of Adversarial Machine Learning Threats, GitLab Announces Critical Security Releases.
  • Google Commits $1 Million in Funding to the Secure Open Source Program
  • OpenSSF Introduces Siren Security Platform
comments powered by Disqus