Mediaboss Marketing

The U.S. National Security Agency has announced the creation of a new entity to oversee the development and integration of artificial intelligence capabilities within U.S. national security systems.

The new NSA AI Security Center has been designed to become a focal point for developing best practices for evaluating methodology and risk frameworks, with an aim to promote the secure adoption of AI capabilities across the national security and defense industries. The new center will also consolidate the NSAs previous AI security-related activities in one place.

The AI Security Center will become NSAs focal point for leveraging foreign intelligence insights, contributing to the development of best practices, guidelines, principles, evaluation methodology and risk frameworks for AI security,Army Gen. Paul Nakasone (pictured), director of the NSA, said at a National Press Club event in Washington, D.C., as reported by Defense Onelate last week. Nakasone also noted that the AI Center has an end goal of promoting the secure development, integration and adoption of AI capabilities within our national security systems and our defense industrial base.

In a statement from the Department of Defense,Nakasone provided further details behind the motivation for setting up the center, saying that today, the U.S. leads in this critical area, but this lead should not be taken for granted.

Our adversaries, who have for decades used theft and exploitation of our intellectual property to advance their interests, will seek to co-opt our advances in AI and corrupt our application of it,Nakasone explained.

The new AI Security will be part of theNSAs Cybersecurity Collaboration Center and will set a clear path forward to address both the opportunities and challenges of AI as industry rockets forward with innovation.

We must build a robust understanding of AI vulnerabilities, foreign intelligence threats to these AI systems and ways to encounter the threat in order to have AI security, Nakasone added. We must also ensure that malicious foreign actors cant steal Americas innovative AI capabilities to do so.

The threats from foreign intelligence are real, with the NSA warning on Sept. 27 that an alleged Chinese-linked hacking group isactively targeting and exploiting routers, particularly those from Cisco Systems Inc.The advisory claimed that BlackTech, also known as Palmerworm, Temp.Overboard, Circuit Panda and Radio Panda have demonstrated capabilities in modifying router firmware without detection.

Photo: Fort George G Meade/Flickr

THANK YOU

View post:
New NSA center will oversee development and integration of AI capabilities - SiliconANGLE News

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), Developer and Vendor Challenges to Identity and Access Management, to provide developers and vendors of multi-factor authentication (MFA) and single sign-on (SSO) technologies with actionable recommendations to address key challenges in their products.

The report was developed by an NSA and CISA-led working panel through the Enduring Security Framework (ESF), a public-private cross-sector working group that provides cybersecurity guidance addressing high priority threats to the nations critical infrastructure.

The co-authors observe that the increase of multi-computer use has led to vulnerabilities in access management and identity verification, meaning risk for computer systems and information one of the most critical resources for any organization. Cyber criminals are continuing to refine methods and approaches as the cyber landscape evolves. A significant portion of breaches occur from misusing or manipulating digital identities, including stolen credentials and phishing, or by exploiting vulnerabilities.

Following these general observations, the report proceeds in greater detail. User names and passwords are no longer enough to keep systems secure. Sophisticated phishing attacks even have the ability to bypass basic MFA forms, because not all forms of MFA offer the same level of protection. For example, malicious actors can intercept one-time codes in real time and then use them to authenticate identity on systems.

Specifically, the CTR outlines the following challenges:

The guidance details each of these challenges and provides recommendations for developers, vendors, and security professionals to help better protect their organizations and partners.

Read the full report now.

Read more at NSA

The rest is here:
NSA- and CISA-Led Panel Release Report on Developer and Vendor Challenges to Identity and Access Management ... - HSToday

FORT MEADE, Md. The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), Developer and Vendor Challenges to Identity and Access Management, to provide developers and vendors of multi-factor authentication (MFA) and single sign-on (SSO) technologies with actionable recommendations to address key challenges in their products. The report was developed by an NSA and CISA-led working panel through the Enduring Security Framework (ESF), a public-private cross-sector working group that provides cybersecurity guidance addressing high priority threats to the nations critical infrastructure. The co-authors observe that the increase of multi-computer use has led to vulnerabilities in access management and identity verification, meaning risk for computer systems and information - one of the most critical resources for any organization. Cyber criminals are continuing to refine methods and approaches as the cyber landscape evolves. A significant portion of breaches occur from misusing or manipulating digital identities, including stolen credentials and phishing, or by exploiting vulnerabilities. Following these general observations, the report proceeds in greater detail. User names and passwords are no longer enough to keep systems secure. Sophisticated phishing attacks even have the ability bypass basic MFA forms, because not all forms of MFA offer the same level of protection. For example, malicious actors can intercept one-time codes in real time and then use them to authenticate identity on systems. Specifically, the CTR outlines the following challenges:

Ambiguity with MFA terminology

Lack of clarity on security properties

Reliance of MFA on self-enrollment by the user and one time enrollment code flow

Tradeoff between SSO functionality and complexity

Improvements necessary to standards throughout the identity ecosystem

Knowledge base for the integration between existing architectures and legacy applications

SSO capabilities often bundled with high-end enterprise features making them inaccessible to small and medium businesses

The guidance details each of these challenges and provides recommendations for developers, vendors, and security professionals to help better protect their organizations and partners. Read the full report now. Read the related March 2023 ESF release, Recommended Best Practices for Administrators Identity and Access Management. Visit our full library for more cybersecurity information and technical guidance.

NSA Media Relations MediaRelations@nsa.gov 443-634-0721

Go here to see the original:
NSA and ESF Partners Release Report on MFA and SSO Challenges - National Security Agency

This National Hispanic Heritage Month, were proud to bring you the Mucho Gusto! or Nice to meet you! series of weekly interviews featuring members of NSAs Hispanic and Latino (HLAT) Employee Resource Group (ERG). Our interviewees embrace what we share in common and celebrate what makes us unique, in keeping with the years theme, Todos Somos. Somos Uno: We are all. We are One. This week, wed like to introduce you to ERG member Vivian Hernandez. Where are you originally from and what would you like to share about your upbringing? I was born to a Puerto Rican father and a Costa Rican mother, but my ancestry goes back to Spain. I was born in San Turce, Puerto Rico, and spent the first year of my life in Costa Rica while my mother was working out the kinks to come to the U.S. We eventually moved to Miami, Florida where I grew up. I was the only child and we didnt have any family in the U.S., so my parents made lots of Cuban friends who became like family. I remember all the parties we had growing up enjoying every special occasion, holiday, or the just because party. We had a lot of happy times dancing, eating fabulous foods from various countries, and just coming together. Growing up in South Florida was great because no matter where you went, you were able to speak in your native language (Spanish) and everyone treated you like family. Growing up in Miami also meant going to the beach a lot and playing dominos while you were there. It also meant many Disney trips, visiting Parrot Jungle, and going to the flea market (those from Miami can relate).

What does this years NHHM theme Todos Somos. Somos Uno: We are all. We are One mean to you? The theme means that we put aside our biases and our differences, and we unite together as one to celebrate our diversity which makes us who we are. This couldnt be better demonstrated than the annual Calle Ocho event which takes place in Little Havana in Miami. Its a massive Latin American carnival event that attracts millions of people. The carnival extends close to twenty blocks or more and brings representations from numerous Latin American countries proudly displaying their dance/folklore, music, and delicious foods. All these people unite together to celebrate the Latin culture no matter where you are from. How has your ethnic heritage shaped the person you are today, personally or professionally? Latinos are hard workers and I saw that firsthand in my home. My mother was the epitome of hard work. She came to this country determined to give the best of herself. I remember going to the eyeglass company where she worked as a manager and watch her work ethic. On those rare visits, she taught me that same work ethic as I helped on the assembly line putting glasses into boxes. I just thought it was fun. Watching her throughout my life has shaped my own personal work ethic and taught me to appreciate every opportunity presented to me. How did you come to work for the Agency and what part of your job do you love the most? Before coming to the Agency I worked for the Hollywood Police Department in Hollywood, Florida. The department was in need of a polygraph examiner, and I volunteered to go to school so I could take on the task. However, budgetary issues did not make that possible. At the same time, my husband, who was also in law enforcement, was looking at positions with the federal government because he was planning to retire in the future. I began helping him look and I came across the Polygraph Examiner position with the Agency. We kicked around the idea of moving for the job and I applied. I went through the process and was hired. I recently moved to NSA Georgia and into a Counterintelligence Investigator position after four years in Polygraph. The move was the best thing I did. I love my new position because I wear different hats, I work investigations, and its never a dull moment.

If I handed you a magic wand, what would be your ideal workplace in terms of diversity, equality and inclusion? What does that look like for NSA as a whole? My ideal workplace would be working with individuals who recognize that we are all diverse and different, and who will respect those differences regardless of each individuals background. This could also translate to NSA as a whole: because of our differences, we have different perspectives, experiences, and ideas that can come together and make us better as an Agency. I must say though, I already work with a great team of people!

What advice would you have for aspiring NSA employees? My advice is to have a vision and set goals or milestones. Embrace what it means to work hard and collaborate with others. The journey is not accomplished alone, yet, connecting with others and being open to new ideas and knowledge will help you succeed in your walk. Extra question: If you could pick one word to represent what NHHM means to you, what would it be? Belonging

Read this article:
Unexpected Twists, Unified Community: Vivian's NSA Journey - National Security Agency

October 2, 2023 by Joseph Fitsanakis

LAST WEEK, TWO SENIOR UNITED States intelligence officials shared rare insights on artificial intelligence, as they discussed some of the opportunities and threats of this new technological paradigm for their agencies. On Wednesday, Lakshmi Raman, Director of Artificial Intelligence at the Central Intelligence Agency, addressed the topic during an on-stage interview at Politicos AI & Tech Summit in Washington, DC. On Thursday, the National Security Agencys outgoing director, Army General Paul Nakasone, discussed the same subject at the National Press Clubs Headliners Luncheon in the US capital.

Nakasone (pictured) noted in his remarks that the US Intelligence Community, as well as the Department of Defense, have been using artificial intelligence for quite some time. Thus, artificial intelligence systems are already integral in managing and analyzing information on a daily basis. In doing so, such systems contribute in important ways to the decision-making by the NSAs human personnel. At the same time, the NSA has been using artificial intelligence to develop and define best-practices guidelines and principles for intelligence methodologies and evaluation.

Currently, the United States maintains a clear advantage in artificial intelligence over is adversaries, Nakasone said. However, that advantage should not be taken for granted. As artificial intelligence organizational principles are increasingly integrated into the day-to-day functions of the intelligence and security enterprise, new risks are emerging by that very use. For this reason, the NSA has launched its new Artificial Intelligence Security Center within its existing Cybersecurity Collaboration Center. The mission of the Cybersecurity Collaboration Center is to develop links with the private sector in the US and its partner nations to secure emerging technologies and harden the US Defense Industrial Base.

Nakasone added that the decision to create the Artificial Intelligence Security Center resulted from an NSA study, which alerted officials to the national security challenges stemming from adversarial attacks against the artificial intelligence models that are currently in use. These attacks, focusing on sabotage or theft of critical artificial intelligence technologies, could originate from other generative artificial intelligence technologies that are under the command of adversarial actors.

Last Wednesday, the CIAs Raman discussed some of the ways that artificial intelligence is currently being put to use by her agency to improve its analytical and operational capabilities. Raman noted that the CIA is developing an artificial intelligence chatbot, which is meant to help its analysts refine their research and analytical writing capabilities. Additionally, artificial intelligence systems are being used to analyze quantities of collected data that are too large for human analysts to manage. By devoting artificial intelligence resources to the relatively menial and low-level tasks of data-sifting and sorting, the CIA enables its analysts to dedicate more time to strategic-level products.

At the same time, however, the CIA is concerned about the rapid development of artificial intelligence by nations such as China and Russia, Raman said. New capabilities in artificial intelligence, especially the generative kind, will inevitably provide US adversaries with tools and capabilities that will challenge American national security in the coming years, she concluded.

Author: Joseph Fitsanakis | Date: 02 October 2023 | Permalink

Like Loading...

See the rest here:
NSA, CIA senior officials address artificial intelligence threats and ... - intelNews.org