Jamming in a ban on state AI regulation. - CyberWire Daily

Summary9 min read

CyberWire Daily Summary: "Jamming in a Ban on State AI Regulation"

Release Date: May 13, 2025
Host: Dave Buettner
Guests: Laura Enriquez (Outpost 24), Michaelo Steppa (Outpost 24), Noel Russell (AI Leadership Institute)

1. House Republicans' Ban on State AI Regulation

House Republicans have introduced a controversial amendment to the latest budget reconciliation bill that aims to significantly limit state-level regulation of artificial intelligence (AI). Spearheaded by Representative Brett Guthrie, the bill includes a clause that prohibits states from enforcing any AI-related laws for the next decade.

Impact on Existing Laws: If passed, this amendment would invalidate current state regulations in jurisdictions like California and New York, which mandate transparency and bias audits for AI applications in sectors such as healthcare and hiring.
Industry Reaction: Critics argue that this move is a substantial advantage for the AI industry, which has strong connections with former Trump-era officials and has historically resisted regulatory oversight.
Quote: Laura Enriquez of Outpost 24 highlighted the potential consequences, stating at [02:45]:
“This bill could effectively block states from implementing vital safeguards that protect citizens from unregulated AI usage, representing a significant rollback in technology policy.”

2. Spain Investigates Cyber Links in Power Grid Collapse

Spain is scrutinizing whether smaller renewable energy generators played a role in the catastrophic power grid collapse on April 28, which resulted in a 60% reduction in the country's electricity supply.

Focus of Investigation: The National Cybersecurity Institute is examining the cyber defenses of solar and wind operators, specifically looking into remote access protocols and any anomalies in system operations.
Potential Vulnerabilities: The decentralization of Spain’s energy infrastructure, shifting from centralized fossil fuel plants to numerous renewable sites, has increased the number of potential cyberattack vectors. Devices managing energy flow and communication are now critical points of vulnerability.
Quote: Michaelo Steppa emphasized the seriousness of the investigation at [05:30]:
“While no definitive cyberattack has been confirmed, the rapid transition to renewable energy has undeniably expanded the threat landscape, necessitating robust cybersecurity measures across all energy-producing entities.”

3. Major Security Flaw Discovered in Asus Motherboards

A significant security vulnerability has been identified in the automatic update systems of Asus motherboards, specifically affecting the Armory Crate and Driver Hub tools used on both AMD and Intel platforms.

Nature of the Vulnerabilities: Two critical flaws allow remote attackers to manipulate system behavior or gain unauthorized access through crafted HTTP requests. These vulnerabilities stem from software that is auto-installed via the UEFI BIOS using the Windows Platform Binary Table.
Mitigation Steps: Asus has promptly released updates to address these security issues. Users are strongly advised to apply these updates immediately and perform scans of their BIOS files using VirusTotal to detect any potential threats.
Quote: At [08:15], Dave Buettner warned:
“Users must act swiftly to update their systems, as these vulnerabilities could be exploited to compromise critical system functionalities and data integrity.”

4. Emerging macOS Info-Stealing Malware Utilizes PI Installer

Researchers have uncovered a new information-stealing malware targeting macOS systems, which leverages the PI Installer to bypass traditional detection mechanisms.

Malware Characteristics: First detected in January, the malware is packaged within macho binaries and remains undetected by most antivirus solutions. The PI Installer enables the malware to operate without requiring a native Python installation, further enhancing its evasion capabilities.
Functionality: The malware stealthily harvests user credentials through deceptive AppleScript dialogs, extracts data from the keychain, and targets cryptocurrency wallets. It employs multiple layers of obfuscation, including base85 encoding, XOR encryption, and ZLib compression, making detection and analysis challenging.
Security Recommendations: Experts advise users to exercise caution with unsigned executables and be vigilant against unexpected password prompts. Monitoring for PI Installer activity and suspicious environment variables is also recommended as this attack vector gains popularity.
Quote: Michaelo Steppa highlighted the sophistication of the malware at [10:45]:
“The use of PI Installer marks a significant evolution in malware tactics, allowing attackers to maintain a low profile while executing complex data extraction operations on macOS systems.”

5. US Charges 14 North Korean Nationals in IT Job Scheme

The United States has indicted 14 North Korean nationals involved in a remote IT job scheme designed to funnel at least $88 million to the Democratic People’s Republic of Korea (DPRK) over six years.

Modus Operandi: The group established fake companies such as Baby Box Info and Cubixtech US, using these fronts to create fabricated resumes and references. They deployed malware and remote access tools to infiltrate corporate networks, enabling unauthorized financial transfers and data theft.
Global Reach: Infected devices were traced to locations including Pakistan, Nigeria, and Dubai, with evidence of coordination between the operatives and North Korean handlers.
Security Implications: This operation underscores the necessity for enhanced cybersecurity measures and rigorous hiring verifications across various industries to prevent similar infiltration and financial exploitation.
Quote: Laura Enriquez commented on the operation's scale at [12:20]:
“The breadth of this scheme highlights the adaptability of North Korean cyber operations and the critical need for multinational cooperation in combating such threats.”

6. Europe's Cybersecurity Agency Launches European Vulnerability Database

In a significant move to bolster cybersecurity across the European Union, the EU’s cybersecurity agency has inaugurated the European Vulnerability Database (EUVD).

Purpose and Functionality: Developed under the NIS 2 directive, the EUVD serves as a centralized platform for tracking and managing cybersecurity vulnerabilities. It mirrors the functionality of the US National Vulnerability Database, aiming to enhance risk management and transparency within the EU.
Data Integration: The database aggregates information from various sources, including national CERTs, vendors, and established databases like MITRE's CVE and CISA's KEV catalog.
User Access: The EUVD features three distinct dashboards that highlight critically exploited vulnerabilities and those requiring coordinated EU-level responses. Each vulnerability entry provides comprehensive details, including affected products, severity ratings, and recommended mitigation steps.
Quote: Laura Enriquez emphasized the strategic importance of the EUVD at [14:00]:
“With the introduction of the EUVD, Europe takes a proactive stance in cybersecurity, providing a robust tool for stakeholders to effectively manage and respond to emerging threats.”

7. CISA Revises Cybersecurity Alerts Distribution

The Cybersecurity and Infrastructure Security Agency (CISA) has revamped its approach to disseminating cybersecurity updates. Moving forward, only urgent alerts regarding emerging threats or significant cyber activities will be posted on its website. Routine guidance, vulnerability notices, and product warnings will transition to distribution via email, RSS feeds, and the X Twitter platform.

Rationale and Concerns: This shift is believed to stem from budget cuts and staff reductions influenced by Trump-aligned cost-cutting measures. However, this change has sparked concern among cybersecurity experts who argue that reducing the visibility of routine updates could weaken national cybersecurity defenses.
Expert Opinions: Former CISA Director Jen Easterly criticized the move, stating at [15:30]:
“Limiting access to routine security updates undermines our ability to maintain a secure digital environment, as timely information is crucial for proactive defense measures.”
CISA's Response: In response to the backlash, CISA is urging users to subscribe to its email notifications to ensure they remain informed about critical security updates.

8. Arrest Made in DoppelPamer Ransomware Attacks

Authorities in Moldova have apprehended a 45-year-old foreign national suspected of orchestrating DoppelPamer ransomware attacks, including a significant 2021 assault on the Dutch Research Council that resulted in €4.5 million in damages.

Criminal Activities: The suspect is accused of deploying ransomware, executing extortion schemes, and engaging in money laundering activities. During the arrest, law enforcement seized laptops, phones, and approximately €84,800 in cash.
Operational Insights: DoppelPamer, linked to the TA505 cybercrime group, has been active since 2019, targeting critical infrastructure and various sectors through sophisticated ransomware deployments.
Quote: Michaelo Steppa underscored the implications at [17:00]:
“The capture of this individual marks a pivotal victory in the ongoing battle against ransomware threats, demonstrating the effectiveness of international cooperation in cybersecurity enforcement.”

9. Interview: AI Operational Maturity with Noel Russell

Guest: Noel Russell, CEO of the AI Leadership Institute and author of "Scaling Responsible AI: From Enthusiasm to Execution"

In an insightful segment, Noel Russell discusses the importance of scaling responsible AI within enterprises. Highlighting her forthcoming book, she emphasizes the necessity of integrating ethical considerations into the AI development lifecycle.

Key Insights:
- Doers vs. Talkers: Russell advocates for actionable strategies over mere rhetoric in AI deployment, stressing that hands-on experience is crucial for effective implementation.
- Governance and Security: She outlines a four-layer AI Safety System used by industry leaders like Microsoft and Amazon, which begins with the Human AI Experience—ensuring that security, legal compliance, and business objectives are collaboratively defined from the outset.
- System Prompts and Infrastructure: Russell explains how controlled system prompts and transparent infrastructure choices are vital for maintaining AI safety and integrity.
Metaphor of the Baby Tiger: Russell uses the analogy of a baby tiger to describe nascent AI projects, cautioning that without proper oversight, these “tigers” can grow into dangerous entities.
Quote: At [17:45], Russell elucidates her metaphor:
“When you start an AI project, you begin with an adorable, cute little model. But without asking critical questions early on, that baby tiger can grow up to become a threat.”
Human Element: Emphasizing the role of people in fostering a security-conscious AI culture, Russell notes that technology accounts for only a fraction of successful AI implementations. The true challenge lies in cultivating teams that prioritize accuracy, fairness, and security from the project's inception.
Future of AI Governance: She suggests leveraging Large Language Models (LLMs) as integrated security auditors within AI systems to enforce rules and maintain compliance automatically.
Quote: Russell concludes at [20:55]:
“Embedding governance into the very fabric of AI systems ensures that ethical considerations are not an afterthought but a foundational element of AI behavior.”

10. Additional Security Insights

Identity Attack Paths: The summary highlights the increasing threat of identity-based attacks due to poor directory hygiene and technical debt. Spectrops' Bloodhound Enterprise offers solutions for Attack Path Management, enabling organizations to visualize and mitigate potential attack vectors by understanding how adversaries may exploit identity pathways.
iOS Bug Affecting Messages: An unusual iOS bug causes messages containing "Dave and Buster's" to disappear without a trace, a quirk attributed to the system's stringent parsing rules. While not a security threat, it underscores the complexities of iOS's message handling systems.

Conclusion

This episode of CyberWire Daily delves deep into the evolving landscape of cybersecurity and AI regulation. From legislative actions that could stifle state-level AI oversight to intricate malware threats targeting major tech infrastructures, the discussions underscore the critical need for robust security measures and responsible AI deployment. The interview with Noel Russell provides a thought-provoking perspective on integrating ethical frameworks into AI systems, ensuring that technological advancements do not outpace the necessary safeguards. As cyber threats continue to grow in sophistication and reach, the insights shared in this episode equip industry leaders and cybersecurity professionals with the knowledge to navigate and mitigate these challenges effectively.

Notable Quotes:

“This bill could effectively block states from implementing vital safeguards that protect citizens from unregulated AI usage, representing a significant rollback in technology policy.”
— Laura Enriquez, [02:45]
“Users must act swiftly to update their systems, as these vulnerabilities could be exploited to compromise critical system functionalities and data integrity.”
— Dave Buettner, [08:15]
“The use of PI Installer marks a significant evolution in malware tactics, allowing attackers to maintain a low profile while executing complex data extraction operations on macOS systems.”
— Michaelo Steppa, [10:45]
“This bill could effectively block states from implementing vital safeguards that protect citizens from unregulated AI usage, representing a significant rollback in technology policy.”
— Laura Enriquez, [02:45]
“Embedding governance into the very fabric of AI systems ensures that ethical considerations are not an afterthought but a foundational element of AI behavior.”
— Noel Russell, [20:55]

For a comprehensive understanding and continuous updates on the cybersecurity landscape, stay tuned to the CyberWire Daily podcast.

Loading summary

Transcript23 lines

[00:02]
Dave Buettner
You're listening to the Cyberwire Network, powered by N2K. Hey everybody. Dave here. Join me and my guests Outpost 24's Laura Enriquez and Michaelo Steppa on Tuesday, May 13th at noon Eastern time for a live discussion on the biggest threats hitting web applications today and what you can do about them. We're going to talk about why attackers still love Web apps in 2025. The latest threat trends shaping the security landscape, how to spot and prioritize critical vulnerabilities fast, along with scalable practical steps to strengthen your defenses. Again, the webinar is Tuesday, May 13th for our live conversation on the state of modern Web application security. You can register now by visiting events.thecyberwire.com that's events.thecyberwire.Com we'll see you there. Hey everybody, Dave here. I've talked about Deleteme before and I'm still using it because it still works. It's been a few months now and I'm just as impressed today as I was when I signed up. Deleteme keeps finding and removing my personal information from data broker sites, and they keep me updated with detailed reports so I know exactly what's been taken down. I'm genuinely relieved. Knowing my privacy isn't something I have to worry about every day. The Deleteme team handles everything. It's the set it and forget it peace of mind. And it's not just for individuals. Deleteme also offers solutions for businesses, helping companies protect their employees personal information and reduce exposure to social engineering and phishing threats. And right now, our listeners get a special deal 20% off your Delete Me plan. Just go to JoinDelete Me.com N2K and use promo code N2K at checkout. That's JoinDeleteMe.com N2K code N2K House Republicans look to limit state regulation of AI Spain investigates potential cybersecurity weak links in the April 28 power grid collapse, a major security flaw has been found in Asus motherboards Automatic update system a new macOS info stealing malware uses PI installer to evade detection the US charges 14 North Korean nationals in a remote IT job scheme. Europe's cybersecurity agency launches the European vulnerability database. CISA pairs back website security alerts Moldovan authorities arrest a suspect in doppelpamer ransomware attacks on today's threat vector, David Moulton speaks with Noel Russell from the AI Leadership Institute about AI Operational Maturity. And Dave and Buster's invites vanish into the void. It's Tuesday, May 13th, 2025. I'm Dave Buettner and this is your CyberW Intel Briefing. Thanks for joining us here once again. It's always great to have you with us. House Republicans have added controversial language to the new budget reconciliation bill that could severely limit state regulation of artificial intelligence. The bill, introduced by Representative Brett Guthrie, includes a clause barring states from enforcing any AI related laws for 10 years. The sweeping language could nullify existing laws in states like California and New York that require transparency and bias audits for AI tools in healthcare and hiring. Critics argue this is a major gift to the AI industry, which has close ties to Trump era officials and has resisted oversight. If passed, the bill would block states from protecting citizens from unchecked AI use, marking a dramatic shift in tech policy. Spain is investigating whether small renewable energy generators were a cybersecurity weak link in the April 28 power grid collapse that cut 60% of the country's electricity, the Financial Times reports. The National Cybersecurity Institute is questioning solar and wind operators about their cyber defenses, remote access and system anomalies. While no cyber attack has been confirmed, authorities haven't ruled one out, and a judge is now probing that possibility. Spain's shift from centralized fossil fuel plants to thousands of smaller renewable sites has increased potential cyberattack targets. Devices managing energy flow and communication links may offer entry points. Red Electrica, the grid operator, said no attack hit its systems, but flagged risks tied to data gaps from small producers. Despite skepticism from energy experts about the likelihood of a coordinated cyber attack, officials stress that all scenarios remain under review. Spain is investing 1.1 billion euros to boost national cybersecurity across sectors. A major security flaw has been found in Asus Mainboard's automatic update system, affecting Armory Crate and Driver Hub tools on AMD and Intel platforms. Two vulnerabilities allow remote attackers to alter system behavior or access features via crafted HTTP requests. The root issue lies in software auto installed from the UEFI BIOS using Windows platform binary table ASUS has released updates to fix these issues. Users should update immediately and scan BIOS files for threats using VirusTotal. A new info stealing malware targeting macOS systems has been uncovered using PI Installer to evade detection. First spotted in January and analyzed by JAMF Threat Labs, the malware is bundled in macho binaries and remains undetected by most antivirus tools. PI Installer allows the malware to run without a native Python installation, especially effective since Mac OS 12.3 removed. Built in Python, the malware harvests user credentials via fake AppleScript dialogs, extracts data from the keychain and targets crypto wallets. It uses multiple obfuscation layers, including base 85 encoding, XOR encryption, and ZLib compression. The malware's behavior is stealthy, leaving little trace on disk, and operates across Mac architectures. Researchers warn users to be wary of unsigned executables and unexpected password prompts. They recommend monitoring for PI installer activity and suspicious environment variables as this method grows more popular among attackers. Meanwhile, Apple has issued a critical security update for macros sequoia to patch eight major vulnerabilities that could allow malicious apps to access sensitive user data. The flaws affect key components like Apple Intelligence Reports, Core, Bluetooth Finder, and the TCC Privacy Framework. Notable issues include permission bypasses and improper state management that could expose personal data. Though no active exploitation has been reported, security experts warn these flaws underscore growing challenges in maintaining privacy and across complex operating systems. The US has charged 14 North Korean nationals in a scheme that used stolen identities to secure remote IT jobs at US companies, sending at least $88 million to the DPRK over six years. Flashpoint's investigation, based on a DOJ indictment, revealed that the group used fake companies, malware and remote access tools to infiltrate corporate networks. Domains linked to fake firms like Baby Box Info and cubixtech US were used to build fake resumes and references. Infected devices in places like Pakistan, Nigeria and Dubai were found with saved credentials, job board activity, and evidence of coordination with North Korean handlers. Signs included Korean language settings, VPNs masking DPRK connections, and tactics to avoid detection like faking voice calls and smuggling laptops. The findings point to a global operation aimed at stealing money, data and access, reinforcing the need for stronger cybersecurity and hiring verification across industries. Europe's cybersecurity agency has officially launched the European Vulnerability Database, a centralized platform for tracking cybersecurity flaws. Developed under the NIS 2 directive, the EUVD mirrors the US National Vulnerability Database and aims to enhance risk management and transparency across the EU. It gathers data from sources like CCERTs, vendors and databases such as MITRE's CVE and CISA's KEV catalog. Users can access three dashboards highlighting critical exploited and EU coordinated vulnerabilities. Each entry includes details like affected products, severity and mitigation steps. Concerns over the future of the U S based CVE program have increased interest in the EUVD as a stable, independent resource. Enissa says the tool is vital for public users, companies and authorities to better manage threats and respond effectively to known vulnerabilities. CISA announced a major change in how it shares cybersecurity updates. Only urgent alerts about emerging threats or major cyber activity will now appear on its website. Routine guidance, vulnerability notices and product warnings will be distributed via email, RSS and X Twitter. This shift, possibly tied to budget cuts and staff reductions under a Trump aligned cost cutting initiative, has raised concerns among experts. Critics, including former CISA director Jen Easterly, warn that reducing visibility for routine security updates undermines national cybersecurity. The policy reflects a broader trend of federal agencies moving communications to X Twitter despite its limitations. Agencies like the NTSB and Social Security Administration have also begun phasing out traditional press releases and email updates. Observers worry this change favors Elon Musk's platform and limits accessibility to critical public information. CISA urges users to subscribe to its email notifications to stay informed. Moldovan authorities have arrested a 45 year old foreign national suspected of involvement in Doppelpamer ransomware attacks, including a 2021 attack on the Dutch Research Council that caused 4.5 million euros in damages. The suspect, whose identity remains undisclosed, is accused of ransomware deployment, extortion and money laundering. Seized items include laptops, phones and €84,800 in cash. The arrest follows international efforts to dismantle DoppelPamer, a ransomware strain linked to the TA505 group, which has targeted critical infrastructure and multiple sectors since 2019. Coming up after the break, David Moulton speaks with Noel Russell, CEO of the AI Leadership Institute, about AI operational maturity and Dave and Buster's invites vanish into the void.
[13:00]
Noel Russell
Foreign.
[13:11]
Dave Buettner
And now a word from our sponsor, Threat Locker. Keeping your system secure shouldn't mean constantly reacting to threats. Threat Locker helps you take a different approach by giving you full control over what software can run in your environment. If it's not approved, it doesn't run. Simple as that. It's a way to stop ransomware and other attacks before they start, without adding extra complexity to your day. See how ThreatLocker can help you lock down your environment at www.threatlocker.com. let's be real. Navigating security compliance can feel like assembling IKEA furniture without the instructions. You know you need it, but it takes forever and you're never quite sure if you've done it right. That's where Vanta comes in. Vanta is a trust management platform that automates up to 90% of the work for frameworks like SoC2, ISO 27001 and HIPAA. Getting you audit ready in weeks, not months. Whether you're a founder, an engineer, or managing IT and security for the first time, Vanta helps you prove your security posture without taking over your Life. More than 10,000 companies, including names like Atlassian and Quora, trust Vanta to monitor compliance, streamline risk, and speed up security reviews by up to five times and the roi, A recent IDC report found Vanta saves businesses over half a million dollars a year and pays for itself in just three months. For a limited time, you can get $1,000 off vanta@vanta.com cyber that's v a n t a dot com cyber on today's threat Vector segment, host David Moulton speaks with Noel Russell, CEO of the AI Leadership Institute about how to scale responsible AI in the enterprise.
[15:27]
David Moulton
Hi, I'm David Moulton, host of the Threat Vector podcast where we discuss pressing cybersecurity threats and resilience and uncover insights into the latest industry trends. In my latest episode, I sat down with Noel Russell, Founder and Chief AI Officer at AI Leadership Institute, to talk about how to scale responsible AI in the enterprise. Noel's advice? Be a doer, not a talker. In a world racing to adopt AI, It's a reminder that hands on experience matters more than hype and that early decisions about accuracy, fairness and security can have long lasting consequences. This episode will help you ask better questions, close blind spots and move forward with confidence. Check out the episode wherever you listen to podcasts.
[16:13]
Noel Russell
Foreign.
[16:19]
David Moulton
Noel is a multi award winning futurist and an executive AI strategist whose career spans roles at Amazon, Alexa, aws, Microsoft, IBM, Accenture and npr. And now she's the author of a powerful new book, Scaling Responsible AI From Enthusiasm to Execution, where she outlines the framework and principles that organizations can use to scale AI ethically, securely and effectively. I downloaded the PDF copy of the book and got into it as far as I could before I said, you know what, I need to have a conversation with you about it. And today we're going to talk about AI leadership going from prototyping into production and then how organizations can rapidly adopt what they're doing in generative AI. And what is the tipping point that balancing innovation with risk, speed and responsibility. So Noel, your book Scaling Responsible AI from Enthusiasm to Execution. I think it's already making waves and I especially liked your baby tiger metaphor. And I see you've got your baby tiger with you today.
[17:31]
Noel Russell
Bruiser.
[17:32]
David Moulton
Bruiser. I love the framing. It's both cute, but you know baby tigers are dangerous if mishandled. Can you tell Us where that analogy came from and what you want business leaders to take away from that analogy.
[17:45]
Noel Russell
Absolutely. It actually came from my journey, as you mentioned. Yes, I've worked at a lot of companies. The interesting thing about my career is that I always at the, I end up at these companies before they've done a thing, before they've gone into the world of Amazon Alexa or before they've launched cognitive services at Microsoft. And so I was at Microsoft, I was hired to help the research organization Productize AI. So they had 17 research models that were going to be in my purview. And I immediately thought of them like I would use the term herding cats. And so herding cats kind of transformed into this concept of a tiger because cats aren't that fierce and I'm a cat owner, but you know, like, you don't want a bunch of cats around, but they're more a nuisance than like a danger.
[18:27]
Dave Buettner
Right.
[18:27]
Noel Russell
And so I realized, like, I needed to change that a little bit. And so we ended up with a tiger. And that metaphor though, has now become even more interesting over time because now we're looking at. You know, I always will tell people, when you start an AI project, you start with this like adorable, cute little model that you think, you know, it does novel things, trite things, it's exciting, everyone loves it, people want to be on the team. And then at some point you're hoping someone will go, wow, baby tiger. Like how big are you going to be? Or what are you going to eat? Or you have razor sharp teeth. Like, how much do you have to eat? Where are you going to live? What happened when I don't want you anymore? Like, no one asked that in baby tiger mode. And so that's how this book was created was literally I was like, what happens when, like it's still a baby tiger but like nobody's asking these questions.
[19:14]
David Moulton
So what happens when it grows up?
[19:16]
Noel Russell
Yes. How do we, you know, avoid that? Yeah. Baby tigers become big tigers and big tigers eat people. Right. Like so.
[19:23]
David Moulton
Yep.
[19:24]
Noel Russell
Let's be careful.
[19:27]
David Moulton
Well, let's, let's talk about the, the human element of responsible AI. You emphasize that people, not just the technology, are the key to responsible AI. What's the role of a security culture in helping AI succeed at scale?
[19:42]
Noel Russell
So in this case, you know, we kind of look at that weaving. I like that you said the DNA. I haven't used that analogy in a while, but it is like it has to be part of the DNA, has to be woven into the fabric of these projects. So now all of a sudden, which is why most of the time, the technology part is probably 25% of what I do when I go to an organization, help them build a solution or deploy a solution. The tech is usually not the hard, hard part. The hard part is how do you get a team of people that are going to care about all the things that we've shared that are going to care about accuracy and fairness and security, and how do you get them into that project early enough to ensure that you've built it into the model's behavior, not just bundled it on. That's why governance is required, but it's not enough, because you can just change your governance policies or worse, get acquired by a company that completely dismantles your governance process. Then what are you going to do? So it needs to be built in. And that's the beauty of having LLMs as part of your infrastructure. So I'll encourage, you know, you just. If we expand our mind and think about how do we use an LLM to actually be the security auditor in these systems and embed it into the deployed feature. So now when you get that feature, an LLMs built in, to say, oh, no, these are the rules by which I'm abided.
[20:55]
David Moulton
Yeah.
[20:55]
Noel Russell
And there's a framework called the AI Safety system, and Microsoft and Amazon both use it. I think Microsoft's the only one that's kind of called it out, that this is what they do intentionally. But that safety system is like four layers. And it starts with the human AI experience, which is like, that's when you involve security, legal compliance, everyone's in the room, plus the line of business owners, plus the engineers. And you're like, what are we trying to do? And this is when you define delegation, what's the AI going to do? What are the humans going to do? This is like the Skynet moment, right? When you decide if you want to can you give everything to the AI? You could. It'll hurt you, baby tiger, right? But most organizations are like, no, there's stuff I want to keep. And usually security is one of those things. Accuracy is one, fairness is one. So there are certain things. But once that human AI experience is defined, that's not a technical problem, that's like a designer problem. So you have these user experience designers designing how AI will be integrated into a workflow or process. The next thing is the system prompt is realizing with every machine you deploy, you have the ability to control, control the way it operates. Most people, when they think prompt engineering, they're thinking the prompts they use to ask their questions. But this is the prompt that's used to tell the bot how to answer the questions. And that's completely controlled. And most context windows for that. It's like 375,000 characters. That's a lot of space for you to. And I go in. That's the first thing I do in an executive briefing when they're like, yeah, we're using AI. I'm like, great, let's take a look at one. And I go into the configuration of the system prompt, and it's like, you are a bot that does blah, blah, blah. Does it? And I'm pretty sure it's a default setting. I mean, it's not uncommon to many of these security things. You walk in, you're like, you know, we wrote a book on this. There's a document on this. Like, it's well documented, but people just won't do it. Many reasons. Time, resources. But now you can build an LLM that will infuse it into the life of your systems. And feature releases like, there's no excuses now and then, just quickly. The last two are less controlled. One model selection. So we talked about helm, right? Picking the right model for the right task. And then the last one is infrastructure, which, again, we're getting deeper and deeper. So if you're not building a model, you won't get to choose the infrastructure it runs on. But you should know, like, are you running on Amazon? Are you running on Microsoft? Are you running on Google? Are you running on hardware in your basement? Are you good at that? Have you ever built a NIC card? Like, nobody you know asks these questions.
[23:20]
David Moulton
Yeah, how far down the stack do you want to go? But you should know.
[23:22]
Noel Russell
But you should know, like, or at least they should be transparent about it. Like, even if they. They have what are called system cards. So I was just speaking with the CISO at Anthropic and Meta at the event here, and they both were like, we have system cards. And they monitor how many people read them. And it's like less than 1% of people who use their systems go to that page and download their system cards. Not because they didn't publish it, not because they didn't say, we're responsible. Here you go. Explainability. People aren't even asking the question foreign.
[23:58]
David Moulton
If you like what you've heard, catch the full episode now in your Threat Vector podcast feed. It's called how to scale responsible AI in the enterprise, released May 6.
[24:17]
Dave Buettner
And be sure to check out the complete Threat Vector podcast right here on the N2K CyberWire Network or wherever you get your favorite podcasts. What's the common denominator in security incidents? Escalations and lateral movement. When a privileged account is compromised, attackers can seize control of critical assets with bad directory hygiene and years of technical debt. Identity Attack Paths are easy targets for threat actors to exploit, but hard for defenders to detect. This poses risk in active directory, Entra ID and hybrid configurations. Identity leaders are reducing such risks with Attack Path Management. You can learn how Attack Path Management is connecting identity and security teams while reducing risk with Bloodhound Enterprise powered by Spectrops. Head to Spectrops IO today to learn more. Spectrops See your attack paths the way adversaries do and finally, a recent episode of the Search Engine podcast tackled an absurd but very real iOS bug. Say the phrase Dave and Busters in an audio message and poof. The message vanishes into the void. It never reaches the recipient, leaving only a ghostly typing animation behind. It's all thanks to iOS's hypervigilant blast door service. Turns out the transcription engine hears Dave and Busters transcribes it with an ampersand and forgets to properly escape it. In xhtml, the poor parser sees the rogue ampersand, panics, and nopes out crashing the message. Basically, Apple's message security is so strict it breaks over the mention of a popular sports bar. The bug isn't dangerous, it's actually a sign that Blast Door is doing its job. But still, maybe don't invite anyone to Dave and Buster's via voice message unless you want your plans to mysteriously disappear. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com Nduquet's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Keltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. And now, a word from our sponsor. Spy Cloud Identity is the new battleground and attackers are exploiting stolen identities to infiltrate your organization, traditional defenses can't keep up. Spy Cloud's Holistic Identity Threat Protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware and phishing to neutralize identity based threats like account takeover, fraud and ransomware. Don't let invisible threats compromise your business. Get your free corporate Darknet exposure report@spycloud.com cyberwire and see what attackers already know. That's spycloud.com cyberwire.