News from the AI & ML world
DeeperML - #protection
|
@owaspai.org
//
The Open Worldwide Application Security Project (OWASP) is actively shaping the future of AI regulation through its AI Exchange project. This initiative fosters collaboration between the global security community and formal standardization bodies, driving the creation of AI security standards designed to protect individuals and businesses while encouraging innovation. By establishing a formal liaison with international standardization organizations like CEN/CENELEC, OWASP is enabling its vast network of security professionals to directly contribute to the development of these crucial standards, ensuring they are practical, fair, and effective.
OWASP's influence is already evident in the development of key AI security standards, notably impacting the AI Act, a European Commission initiative. Through the contributions of experts like Rob van der Veer, who founded the OWASP AI Exchange, the project has provided significant input to ISO/IEC 27090, the global standard on AI security guidance. The OWASP AI Exchange serves as an open-source platform where experts collaborate to shape these global standards, ensuring a balance between strong security measures and the flexibility needed to support ongoing innovation. The OWASP AI Exchange provides over 200 pages of practical advice and references on protecting AI and data-centric systems from threats. This resource serves as a bookmark for professionals and actively contributes to international standards, demonstrating the consensus on AI security and privacy through collaboration with key institutes and Standards Development Organizations (SDOs). The foundation of OWASP's approach lies in risk-based thinking, tailoring security measures to specific contexts rather than relying on a one-size-fits-all checklist, addressing the critical need for clear guidance and effective regulation in the rapidly evolving landscape of AI security.
Share:
References :
Classification:
Louis Columbus@AI News | VentureBeat
//
Cloudflare is addressing the growing need for robust cyber security in the face of emerging technologies and cyber threats, particularly concerning quantum computing. They've announced that organizations can now protect their sensitive corporate network traffic against potential quantum threats through their Zero Trust platform. This allows customers to tunnel corporate network traffic through Cloudflare's Zero Trust platform using post-quantum cryptography, effectively upgrading network security without requiring customers to manage the complex cryptographic updates themselves.
Recent breakthroughs in quantum computing highlight the vulnerability of conventional cryptography, and Cloudflare has been at the forefront of developing and implementing post-quantum cryptography since 2017. The National Institute of Standards and Technology (NIST) has also set a timeline to phase out RSA and Elliptic Curve Cryptography (ECC) by 2035, emphasizing the urgency of this transition. Cloudflare reports that over 35% of the non-bot HTTPS traffic that touches Cloudflare today is post-quantum secure, and users of major browsers like Chrome, Edge, and Firefox already benefit from this enhanced security.
Share:
References :
Classification:
|
BenchmarksBlogsResearch Tools |