
How Do We Manage Vulnerabilities in the Age of AI?
• 5 min read
AI-assisted development is changing more than how software is written. It might also force us to reconsider the processes we use to identify, track, and manage vulnerabilities.
Articles
Likes on articles
Kathleen Moriarty, founder of SecurityBiaS is technology strategist and board advisor, working with SaaS providers on security to Build-in at Scale benefiting both the provider and their customer base. Adjunct Professor at Georgetown SCS, teaching Security Architecture and Design and Cyber Threat Intelligence. Formerly as the Chief Technology Officer, Center for Internet Security Kathleen defined and led the technology strategy, integrating emerging technologies working with under resourced organisations. Prior to CIS, Kathleen held a range of positions over 13 years at Dell Technologies, including the Security Innovations Principal in Dell Technologies Office of the CTO and Global Lead Security Architect for EMC Office of the CTO working on ecosystems, standards, risk management and strategy. In her early days with RSA/EMC, she led consulting engagements interfacing with hundreds of organisations on security and risk management, gaining valuable insights, managing risk to business needs. During her tenure in the Dell EMC Office of the CTO, Kathleen had the honor of being appointed and serving two terms as the Internet Engineering Task Force (IETF) Security Area Director and as a member of the Internet Engineering Steering Group from March 2014-2018. Named in CyberSecurity Ventures, Top 100 Women Fighting Cybercrime. She is a 2020 Tropaia Award Winner, Outstanding Faculty, Georgetown SCS. Keynote speaker, podcast guest, frequent blogger bridging a translation gap for technical content, conference committee member, and quoted on publications such as CNBC and Wired. Kathleen achieved over twenty five years of experience driving positive outcomes across Information Technology Leadership, short and long-term IT Strategy and Vision, Information Security, Risk Management, Incident Handling, Project Management, Large Teams, Process Improvement, and Operations Management in multiple roles with MIT Lincoln Laboratory, Hudson Williams, FactSet Research Systems, and PSINet. Kathleen holds a Master of Science Degree in Computer Science from Rensselaer Polytechnic Institute, as well as, a Bachelor of Science Degree in Mathematics from Siena College. Published Work: - Transforming Information Security: Optimizing Five Concurrent Trends to Reduce Resource Drain, July 2020.

• 5 min read
AI-assisted development is changing more than how software is written. It might also force us to reconsider the processes we use to identify, track, and manage vulnerabilities.

• 5 min read
Passwords and API keys are giving way to a new generation of short-lived machine credentials. But as non-human identities scale rapidly, the growing question is how much trust and assurance those identities should carry.

• 12 min read
Amidst all the noise around quantum computing, this article aims to help organisations move beyond the hype and focus on practical steps developers and teams can take to prepare for what’s ahead.

• 5 min read
Recent disruption linked to the MUSE cyberattack shows how dependent airports are on shared IT services. This article looks at governance and network design choices that limit blast radius and keep operations running.

• 10 min read
TLS session security isn't just about encryption - it’s about where and how that encryption is terminated. This article explores common risks in TLS deployments and how to align them with modern security principles like Zero Trust.

• 4 min read
Phishing tests are a common cybersecurity practice, but do they truly prepare employees for real-world threats? In some cases, these tests can inadvertently create a false sense of security or even undermine existing security controls.

• 7 min read
Cloud native architecture is a game changer for security at scale. Whether used on-premises or in the cloud, capabilities to ease the management of IT assets are improving. And while there’s a long way to go in simplifying interfaces and reducing skill-set barriers – this too will come in time.

• 4 min read
Ongoing debates on encryption and privacy highlight the complex dance between industry standards and policy. The outcome of these security and surveillance tussles remains open, reflecting the evolving relationship between technology and governance.

• 5 min read
The prolific use of Artificial Intelligence Large Language Models (LLMs) present new challenges we must address and new questions we must answer. For instance, what do we do when AI is wrong?

• 8 min read
The way we defend our systems is shifting right now thanks to a major change to the Transport Layer Protocol (TLS) taking place between the browser and a new device called the client-facing server.