Posts

Showing posts with the label vendor management

Zero Day Factory: How to Manage Risks from New AI-Driven Vulnerability Discovery Capabilities

Reports that new, advanced AI models are capable of finding unknown and potentially dangerous software vulnerabilities at record speeds have been a focus for cybersecurity professionals over the past several weeks. The gravity and novelty of the potential threat have now drawn attention from across industry and the U.S. government. The White House Office of the National Cyber Director, for example, is reportedly convening industry roundtables, and technical experts have begun to offer initial recommendations. AI-driven vulnerability discovery capabilities, if used by malicious actors, could make it dramatically easier and faster for even low-skill criminals (let alone nation-state hackers) to find and take advantage of vulnerabilities. So what should companies be doing now? The capabilities described would appear to give the advantage to malicious cyber actors, because significant and previously unknown “zero day” vulnerabilities can be found and exploited in a matter of hours. T...