The news is out that the DoD and the NSA is about to open an AI Security Center. Here’s why they are doing this:
The AI Security Center will become the focal point for developing best practices, evaluation methodology and risk frameworks with the aim of promoting the secure adoption of new AI capabilities across the national security enterprise and the defense industrial base.
The new entity will consolidate the agency’s various artificial intelligence, security-related activities.
“The AI Security Center will work closely with U.S. Industry, national labs, academia across the [intelligence community] and Department of Defense and select foreign partners,” Nakasone said during a discussion hosted by the National Press Club in Washington.
Emily Phelps, Director, Cyware had this comment:
“In an era where technological advancements are both an advantage and a potential threat, centralizing expertise and capabilities can foster rapid development while ensuring that vulnerabilities are addressed quickly. Collaborative initiatives with the Defense Department, intelligence community, academia, and international partners can provide a holistic approach to AI-supported security. It’s crucial for the US to not only maintain but enhance its leadership in AI, ensuring that its innovative capabilities remain protected.”
This is a really good move by the NSA. It puts the smartest minds on the topic in one place. Which will make it way easier to respond to whatever curve balls that AI has in store for all of us.
Over 50,000 Vulnerabilities Discovered in DoD Systems Through Bug Bounty Program
Posted in Commentary with tags DoD on March 19, 2024 by itnerdThe Department of Defense Cyber Crime Center (DC3) announced that it processed its 50,000th vulnerability since introducing its crowd-sourced ethical hacking vulnerability disclosure program:
Unlike short-duration bug bounties, VDP’s crowd-sourced ethical hackers report vulnerabilities continuously as part of a defense-in-depth approach. Through its function as the focal point for receiving vulnerability reports, DC3 VDP continues to contribute significantly to DoD’s overall security.
Olivier Beg, Co-Founder and Chief Hacking Officer at Hadrian had this to say:
“The DoD reaching 50,000 processed vulnerabilities through its Vulnerability Disclosure Program is a major milestone! As a security researcher who has submitted to the VDP, I’ve seen firsthand the program’s dedication to continuous improvement. The expansion of scope and focus on automation make it an attractive option for researchers to contribute to national security.
I’m excited about the DoD VDP’s future. With continued emphasis on researcher recognition, transparency around remediation efforts, and greater accessibility for the security community, this program has the potential to become a true benchmark for cybersecurity collaboration.”
Bug bounty programs are great for surfacing all sorts of issues. This is an initiative that I applaud and I hope to see more of going forward.
Leave a comment »