Search This Blog
Powered by Blogger.

Blog Archive

Labels

Footer About

Footer About

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Automation. Show all posts
Technology
AI Automation Industry Innovation OT security Technology

Rewiring OT Security: AI Turns Data Overload into Smart Response

 

Artificial intelligence is fundamentally transforming operational technology (OT) security by shifting the focus from reactive alerts to actionable insights that strengthen industrial resilience and efficiency.

OT environments—such as those in manufacturing, energy, and utilities—were historically designed for reliability, not security. As they become interconnected with IT networks, they face a surge of cyber vulnerabilities and overwhelming alert volumes. Analysts often struggle to distinguish critical threats from noise, leading to alert fatigue and delayed responses.

AI’s role in contextual intelligence

The adoption of AI is helping bridge this gap. According to Radiflow’s CEO Ilan Barda, the key lies in teaching AI to understand industrial context—assessing the relevance and priority of alerts within specific environments. 

Radiflow’s new Radiflow360 platform, launched at the IT-SA Expo, integrates AI-powered asset discovery, risk assessment, and anomaly detection. By correlating local operational data with public threat intelligence, it enables focused incident management while cutting alert overload dramatically—improving resource efficiency by up to tenfold.

While AI enhances responsiveness, experts warn against overreliance. Barda highlights that AI “hallucinations” or inaccuracies from incomplete data still require human validation. 

Fujitsu’s product manager Hill reinforces this, noting that many organizations remain cautious about automation due to IT-OT communication gaps. Despite progress, widespread adoption of AI in OT security remains uneven; some firms use predictive tools, while others still react post-incident.

Double-edged nature of AI

AI’s dual nature poses both promise and peril. It boosts defenses through faster detection and automation but also enables adversaries to launch more precise attacks. Incomplete asset inventories further limit visibility—without knowing what devices exist, even the most advanced AI models operate with partial awareness. Experts agree that comprehensive visibility is foundational to AI success in OT.

Ultimately, the real evolution is philosophical: from detecting every alert to discerning what truly matters. AI is bridging the IT-OT divide, enabling analysts to interpret complex industrial signals and focus on risk-based priorities. The goal is not to replace human expertise but to amplify it—creating security ecosystems that are scalable, sustainable, and increasingly proactive.
Read more »
Technology
agentic AI Automation Customer Indian Companies Marketing Technology

Marketing in India Is Getting an AI Upgrade – Here’s How



A transformation is underway in Indian marketing, though it is not being announced with glossy campaigns or loud product launches. Instead, it is taking shape quietly inside dashboards, chatbots, and automation platforms. The driver of this shift is “agentic AI” – software agents that do more than respond to instructions. They can plan, decide, and act with limited human prompting, and in doing so, they are redefining everyday marketing work.


From automation to autonomy

For years, companies used automation to schedule campaigns or process large datasets. Agentic AI moves beyond that. These systems manage workflows end-to-end, such as handling customer queries on WhatsApp, sending reminders at the right moment, or guiding a new customer through onboarding without human intervention. Early adopters report measurable results, including faster response times, higher campaign click-through rates, and grave time savings for marketing teams.

The advantage is not in flashy outcomes, but in fixing everyday problems that previously consumed entire teams. By taking on repetitive execution, these systems allow marketers to focus on strategy, creativity, and customer storytelling.


The three phases of adoption

Analysts describe agentic AI adoption in three stages.

Phase 1: Humans lead, with AI acting as an assistant, offering prompts and helping structure workflows.

Phase 2: Humans and AI agents work together, with agents acting as digital colleagues that can run their own processes.

Phase 3: Humans set strategy and direction, while agents execute, monitor, and report back, stepping in only when exceptions arise.

Indian firms are gradually moving from Phase 1 to Phase 2, with a few early leaders experimenting with Phase 3 models. This evolution requires employees to act less like operators and more like “agent managers,” overseeing performance and guiding outcomes.


Solving India’s unique challenges

The Indian market has particular complexities that make this shift of great importance. Agentic AI is being used to handle multilingual customer intent, to improve cash-on-delivery fraud checks, and to map diverse product ranges for quick discovery. These are not headline-grabbing functions, but they are the foundation of smoother customer experiences and stronger business performance.

The country’s digital scale makes even small improvements matter. With more than 800 million internet users and billions of monthly digital transactions, a one percent lift in engagement or conversion can translate into millions in revenue. Agentic AI’s ability to personalise communication in regional languages, adjust offers to local contexts, and time campaigns more precisely is proving especially valuable.


Balancing efficiency with trust

Despite these benefits, there are serious risks. Over-automation can make customer interactions feel mechanical or impersonal, undermining brand trust. AI systems trained on non-Indian data risk cultural missteps or bias. And with the Digital Personal Data Protection (DPDP) Act now in place, firms must be transparent about how customer data is collected and used.

Experts caution that companies must not treat AI as a replacement for human judgment. Indian marketing has always thrived on creativity, emotion, and cultural nuance – qualities that machines cannot replicate. The most successful organisations will treat agentic AI as an accelerator, not a substitute, ensuring humans remain in the loop for strategy, empathy, and storytelling.

The coming two years will be decisive. Businesses that invest now in agent platforms, employee training, and responsible guardrails are likely to gain a competitive edge as adoption becomes mainstream. Those who rely on AI only for cost-cutting, without focusing on customer trust or data protection, may risk losing credibility and market share.

For consumers, the change will likely feel subtle but impactful. Service queries will be answered more quickly, product recommendations will become more relevant, and campaigns will appear in local languages with cultural sensitivity. At the same time, human marketers will continue to shape the big ideas, emotional narratives, and ethical safeguards that AI cannot provide.

Agentic AI is not replacing marketing teams; it is redefining their roles. The future of Indian marketing lies in this partnership – where machines handle the execution, and people bring the judgment, creativity, and trust that truly connect with customers.


Read more »
validation
Automation Compliance Cybersecurity Data Breach Downtime Encryption Infrastructure PenTesting Risk validation

Pentera Report: 67% of Companies Hit by Data Breaches in Past Two Years

 

A new study by Pentera reveals that 67% of organizations have experienced a data breach in the last 24 months — with 24% affected in the past year, and 43% reporting incidents within the previous 12 months.

The most common consequence of these breaches was unplanned downtime, affecting 36% of companies. In addition, 30% faced data compromise, while 28% incurred financial losses, emphasizing the growing risk and impact of security failures.

Among the organizations that shared the breach aftermath, a startling 76% said the incidents affected the confidentiality, integrity, or availability of their data. Only 24% reported no significant consequences.

Confidence in government-led cybersecurity efforts is also alarmingly low. Just 14% of cybersecurity leaders said they trust the support provided. Although 64% of CISOs acknowledged receiving some level of help, many feel it’s not enough to safeguard the private sector.

To strengthen cyber defenses, U.S. enterprises are spending an average of $187,000 a year on penetration testing, which simulates cyberattacks to uncover system vulnerabilities. This figure makes up just over 10% of the overall IT security budget, yet over 50% of CISOs plan to increase this allocation in 2025.

Still, companies are making system changes — such as new users, configuration updates, and permission modifications — much more frequently than they validate security. The report highlights that 96% of U.S. organizations update infrastructure quarterly, but only 30% test their defenses at the same pace.

“The pace of change in enterprise environments has made traditional testing methods unsustainable,” said Jason Mar-Tang, Field CISO at Pentera.
“96% of organizations are making changes to their IT environment at least quarterly. Without automation and technology-driven validation, it's nearly impossible to keep up. The report’s findings reinforce the need for scalable security validation strategies that meet the speed and complexity of today’s environments.”
Read more »
Trust
AI Automation Biometrics consent Cybersecurity Data Ethics Intelligence Privacy Regulation Security surveillance Technology Transparency Trust

Public Wary of AI-Powered Data Use by National Security Agencies, Study Finds

 

A new report released alongside the Centre for Emerging Technology and Security (CETaS) 2025 event sheds light on growing public unease around automated data processing in national security. Titled UK Public Attitudes to National Security Data Processing: Assessing Human and Machine Intrusion, the research reveals limited public awareness and rising concern over how surveillance technologies—especially AI—are shaping intelligence operations.

The study, conducted by CETaS in partnership with Savanta and Hopkins Van Mil, surveyed 3,554 adults and included insights from a 33-member citizens’ panel. While findings suggest that more people support than oppose data use by national security agencies, especially when it comes to sensitive datasets like medical records, significant concerns persist.

During a panel discussion, investigatory powers commissioner Brian Leveson, who chaired the session, addressed the implications of fast-paced technological change. “We are facing new and growing challenges,” he said. “Rapid technological developments, especially in AI [artificial intelligence], are transforming our public authorities.”

Leveson warned that AI is shifting how intelligence gathering and analysis is performed. “AI could soon underpin the investigatory cycle,” he noted. But the benefits also come with risks. “AI could enable investigations to cover far more individuals than was ever previously possible, which raises concerns about privacy, proportionality and collateral intrusion.”

The report shows a divide in public opinion based on how and by whom data is used. While people largely support the police and national agencies accessing personal data for security operations, that support drops when it comes to regional law enforcement. The public is particularly uncomfortable with personal data being shared with political parties or private companies.

Marion Oswald, co-author and senior visiting fellow at CETaS, emphasized the intrusive nature of data collection—automated or not. “Data collection without consent will always be intrusive, even if the subsequent analysis is automated and no one sees the data,” she said.

She pointed out that predictive data tools, in particular, face strong opposition. “Panel members, in particular, had concerns around accuracy and fairness, and wanted to see safeguards,” Oswald said, highlighting the demand for stronger oversight and regulation of technology in this space.

Despite efforts by national security bodies to enhance public engagement, the study found that a majority of respondents (61%) still feel they understand “slightly” or “not at all” what these agencies actually do. Only 7% claimed a strong understanding.

Rosamund Powell, research associate at CETaS and co-author of the report, said: “Previous studies have suggested that the public’s conceptions of national security are really influenced by some James Bond-style fictions.”

She added that transparency significantly affects public trust. “There’s more support for agencies analysing data in the public sphere like posts on social media compared to private data like messages or medical data.”
Read more »
Technology
AI Automation Business Enterprise Organization security Technology

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Threat Alert: Hackers Using AI and New Tech to Target Businesses

Hackers are exploiting the advantages of new tech and the availability of credentials, commercial tools, and other resources to launch advanced attacks faster, causing concerns among cybersecurity professionals. 

Global Threat Landscape Report 2025

The 2025 Global Threat Landscape Report by FortiGuard Labs highlights a “dramatic escalation in scale and advancement of cyberattacks” due to the fast adoption of the present hostile tech and commercial malware and attacker toolkits.  

According to the report, the data suggests cybercriminals are advancing faster than ever, “automating reconnaissance, compressing the time between vulnerability disclosure and exploitation, and scaling their operations through the industrialization of cybercrime.”

According to the researchers, hackers are exploiting all types of threat resources in a “systematic way” to disrupt traditional advantages enjoyed by defenders. This has put organizations on alert as they are implementing new defense measures and leveling up to mitigate these changing threats. 

Game changer AI

AI has become a key tool for hackers in launching phishing attacks which are highly effective and work as initial access vectors for more harmful attacks like identity theft or ransomware.

A range of new tools such as WormGPT and FraudGPT text generators; DeepFaceLab and Faceswap deepfake tools; BlackmailerV3, an AI-driven extortion toolkit for customizing automatic blackmail emails, and AI-generated phishing pages like Robin Banks and EvilProxy, making it simple for threat actors to make a swift and dirty cybercrime business. 

The report highlights that the growing cybercrime industry is running on “cheap and accessible wins.” With AI evolving, the bar has dropped for cybercriminals to access tactics and intelligence needed for cyberattacks “regardless of an adversary's technical knowledge.”

These tools also allow cybercriminals to build better and more convincing phishing threats and scale a cybercriminal enterprise faster, increasing their success rate. 

Attackers leveraging automated scanning

Attackers are now using automated scanning for vulnerable systems reaching “unprecedented levels” at billions of scans per month, 36,000 scans every second. The report suggests a yearly rise in active scanning to 16.7%. The defenders have less time to patch vulnerable systems due to threat actors leveraging automation, disclosing security loopholes impacting organizations. 

According to researchers, “Tools like SIPVicious and commercial scanning tools are weaponized to identify soft targets before patches can be applied, signaling a significant 'left-of-boom' shift in adversary strategy.”

Read more »
Technology
Automation Cybersecurity Infrastructure Innovation Integration Manufacturing Technology

Critical Infrastructure at Risk: Why OT-IT Integration is Key to Innovation and Cybersecurity

 

As cyberattacks grow more advanced, targeting the essential systems of modern life—from energy pipelines and manufacturing plants to airports and telecom networks—governments are increasing pressure on industries to fortify their digital and physical defenses.

A series of high-profile breaches, including the shutdown of Seattle’s port and airport and disruptions to emergency services in New York, have triggered calls for action. As early as 2020, agencies like the NSA and CISA urged critical infrastructure operators to tighten their cybersecurity frameworks.

Despite this, progress has been gradual. Many businesses remain hesitant due to perceived costs. However, experts argue that merging operational technology (OT)—which controls physical equipment—with information technology (IT)—which manages digital systems—offers both protection and growth potential.

This fusion not only enhances reliability and minimizes service interruptions, but also creates opportunities for innovation and revenue generation, as highlighted by experts in a recent conversation with CIO Upside.

“By integrating (Internet-of-Things) and OT systems, you gain visibility into processes that were previously opaque,” Sonu Shankar, chief product officer at Phosphorus, told CIO Upside. Well-managed systems are a “launchpad for innovation,” said Shankar, allowing enterprises to make use of raw operational data.

“This doesn’t just facilitate operational efficiencies — it would potentially generate new revenue streams born from integrated visibility,” Shankar added.

Understanding OT and Its Role

Operational technology refers to any hardware or system essential to a business’s core services—such as factory machinery, production lines, logistics hubs, and even connected office devices like smart printers.

Upgrading these legacy systems might seem overwhelming, particularly for industries reliant on outdated hardware. But OT-IT convergence doesn’t have to be expensive. In fact, several affordable and scalable solutions already exist.

Technologies such as network segmentation, zero trust architecture, and cloud-based OT-IT platforms provide robust protection and visibility:

Network segmentation breaks a primary network into smaller, isolated units—making it harder for unauthorized users to access critical systems.

Zero trust security continuously verifies users and devices, reducing the risks posed by human error or misconfigurations.

Cloud platforms offer centralized insights, historical logs, automated system upkeep, and AI-powered threat detection—making it easier to anticipate and prevent cyber threats.

Fused OT-IT environments lay the groundwork for faster product development and better service delivery, said James McQuiggan, security awareness advocate at KnowBe4.

“When OT and IT systems can communicate effectively and securely across multiple platforms and teams, the development cycle is more efficient and potentially brings products or services to market faster,” he said. “For CIOs, they are no longer just supporting the business, but shaping what it will become.”

As digital threats escalate and customer expectations rise, the integration of OT and IT is no longer optional—it’s a strategic imperative for security, resilience, and long-term growth
Read more »
Vulnerabilities
Automation Backup Cyber Security Exploits Infrastructure Vulnerabilities

CISA Highlights Major Vulnerabilities in Critical Infrastructure Systems

 

The Cybersecurity and Infrastructure Security Agency (CISA) has released two significant advisories focused on Industrial Control Systems (ICS), urging swift action from organizations operating within vital infrastructure sectors. These advisories—ICSA-25-091-01 and ICSA-24-331-04—highlight newly discovered vulnerabilities that could pose severe threats if left unaddressed.

ICSA-25-091-01 focuses on a critical vulnerability affecting Rockwell Automation's Lifecycle Services, which integrate with Veeam Backup and Replication. This issue stems from improper deserialization of untrusted data (CWE-502)—a known risk that allows remote attackers to execute malicious code. The flaw has received a CVSS v4 score of 9.4, indicating a high-severity, low-complexity threat that is remotely exploitable.

Impacted products include:

  • Industrial Data Center (IDC) with Veeam (Generations 1-5)
  • VersaVirtual Appliance (VVA) with Veeam (Series A-C)
If exploited, the vulnerability could give attackers with admin rights full access to execute arbitrary code, potentially leading to complete system takeover.

"CISA urges organizations to take immediate defensive measures to mitigate the risk, including:
• Minimizing network exposure for all control systems and ensuring they are not directly accessible from the internet.
• Using secure access methods like Virtual Private Networks (VPNs) when remote access is necessary.
• Keeping VPNs up to date to prevent vulnerabilities from being exploited."

Rockwell Automation is collaborating with CISA to inform affected clients—especially those under Infrastructure Managed Service contracts—about available patches and remediation steps.

ICSA-24-331-04 draws attention to multiple security flaws in Hitachi Energy’s MicroSCADA Pro/X SYS600, a system widely used in energy and manufacturing sectors. These vulnerabilities include improper query logic handling, session hijacking via authentication bypass, and path traversal risks.

The most critical issue, CVE-2024-4872, carries a CVSS v3 score of 9.9, making it one of the most severe. It enables attackers with valid credentials to inject harmful code into the system, risking unauthorized access and corruption of persistent data.

Other issues include:
  • CVE-2024-3980: Lack of proper file path limitations
  • Exposure to further system compromise if not promptly patched
"Hitachi Energy has released patches for the affected versions, including a critical update to Version 10.6 for MicroSCADA Pro/X SYS600. Users are also advised to apply necessary workarounds and stay updated with security patches to protect against exploitation."

CISA strongly advises organizations using these systems to implement all recommended mitigations without delay to minimize potential risks.
Read more »
Data Analytics
Automation cyber resilience Cyber Security Cyber Security Tool cybersecurity best practices Cybersecurity Experts Data Analytics

Integrating Human Expertise and Technology for Robust Cybersecurity

 

In today’s complex digital landscape, the role of human expertise in cybersecurity remains indispensable. Two pivotal approaches — human-led security testing and human-centric cybersecurity (HCC) — have gained prominence, each contributing distinct strengths. However, these strategies often function in silos, creating fragmented defenses. To achieve comprehensive cyber resilience, organizations must integrate these methods with advanced technologies like automation and data analytics.

Human-led security testing leverages the intuition and expertise of cybersecurity professionals. Ethical hackers and penetration testers bring invaluable insights, uncovering vulnerabilities that automated tools may overlook. Their ability to simulate real-world attack scenarios allows organizations to anticipate and neutralize sophisticated cyber threats dynamically. This approach ensures tailored defenses capable of adapting to specific challenges.

On the other hand, human-centric cybersecurity (HCC) focuses on empowering end users by designing security measures that align with their behaviours and limitations. Traditional tools often burden users with complexity, leading to risky workarounds. HCC addresses this by creating intuitive, accessible solutions that seamlessly integrate into daily workflows. When users perceive these measures as helpful rather than obstructive, compliance improves, enhancing overall security frameworks.

Technology acts as a vital bridge between these human-driven approaches. Automation and data analytics provide scalability and efficiency, handling repetitive tasks and processing vast data volumes. Real-time threat intelligence and continuous monitoring enable organizations to identify and respond to emerging risks quickly. This technological backbone allows human experts to focus on addressing complex, strategic challenges.

Integrating these elements fosters a proactive security culture where people, not just systems, are central to defense strategies. Educating employees, conducting regular threat simulations, and promoting secure behaviors through incentives help build shared responsibility for cybersecurity. Research forecasts that by 2027, half of large enterprises will adopt HCC strategies, prioritizing security behavior and culture programs (SBCPs). These initiatives utilize simulations, automation, and analytics to encourage informed decision-making and enhance incident reporting.

A holistic cybersecurity approach blends human intuition, user-friendly processes, and technology-driven efficiency. Human-led testing uncovers evolving threats, while HCC empowers employees to respond confidently to risks. Automation and analytics amplify these efforts, providing actionable insights and driving continuous improvements. Together, these elements create a robust, forward-thinking cybersecurity environment capable of meeting the challenges of an ever-evolving digital world.

Read more »
System Vulnerability
Automation Jenkins malware Ransomware System Vulnerability

Critical Jenkins RCE Vulnerability: A New Target for Ransomware Attacks


Recently, the CISA (Cybersecurity and Infrastructure Security Agency) warned about a critical remote code execution (RCE) vulnerability in Jenkins, a widely used open-source automation server. This vulnerability, CVE-2024-23897, has been actively exploited in ransomware attacks, posing a significant risk to organizations relying on Jenkins for their continuous integration and continuous delivery (CI/CD) processes.

Understanding the Vulnerability

The Jenkins RCE vulnerability stems from a flaw in the args4j command parser, a library used by Jenkins to parse command-line arguments. This flaw allows attackers to execute arbitrary code on the Jenkins server by sending specially crafted requests. The vulnerability can also be exploited to read arbitrary files on the server, potentially exposing sensitive information.

The args4j library is integral to Jenkins’ functionality, making this vulnerability particularly concerning. Attackers exploiting this flaw can gain full control over the Jenkins server, enabling them to deploy ransomware, steal data, or disrupt CI/CD pipelines. Given Jenkins’ widespread use in automating software development processes, the impact of such an exploit can be far-reaching.

The Impact of Exploitation

The exploitation of the Jenkins RCE vulnerability has already been observed in several ransomware attacks. Ransomware, a type of malware that encrypts a victim’s data and demands payment for its release, has become a prevalent threat in recent years. By exploiting the Jenkins vulnerability, attackers can access critical infrastructure, encrypt valuable data, and demand ransom payments from affected organizations.

The consequences of a successful ransomware attack can be devastating. Organizations may face significant financial losses, operational disruptions, and reputational damage. In some cases, the recovery process can be lengthy and costly, further exacerbating the impact of the attack. As such, it is crucial for organizations using Jenkins to take immediate action to mitigate the risk posed by this vulnerability.

What to do?

  • Ensure that Jenkins and all installed plugins are updated to the latest versions. The Jenkins community regularly releases security updates that address known vulnerabilities. Keeping the software up-to-date is a critical step in protecting against exploitation.
  • Apply any available security patches for the args4j library and other components used by Jenkins. These patches are designed to fix vulnerabilities and should be applied as soon as they are released.
  • Limit network access to Jenkins servers to only trusted IP addresses. By restricting access, organizations can reduce the attack surface and prevent unauthorized users from exploiting the vulnerability.
  • Use strong authentication mechanisms, such as multi-factor authentication (MFA), to secure access to Jenkins servers. MFA adds an additional layer of security, making it more difficult for attackers to gain unauthorized access.
  • Regularly monitor Jenkins logs and network traffic for signs of suspicious activity. Early detection of potential exploitation attempts can help organizations respond quickly and mitigate the impact of an attack.
  • Ensure that critical data is regularly backed up and stored securely. In the event of a ransomware attack, having reliable backups can facilitate data recovery without paying the ransom.

Read more »
Vulnerability management
AI Automation Cyber Threats Technology Vulnerability management

AI and Vulnerability Management: Industry Leaders Show Positive Signs

AI and Vulnerability Management: Industry Leaders Show Positive Signs

Positive trend: AI and vulnerability management

We are in a fast-paced industry, and with the rise of technological developments each day, the chances of cyber attacks always arise. Hence, defense against such attacks and cybersecurity becomes paramount. 

The latest research into the cybersecurity industry by Seemplicity revealed that 91% of participants claim their security budget is increasing this year. It shows us the growing importance of cybersecurity in organizations.

Understanding report: An insight into industry leaders' mindset

A survey of 300 US cybersecurity experts to understand views about breathing topics like automation, AI, regulatory compliance, vulnerability and exposure management. Organizations reported employing 38 cybersecurity vendors, highlighting sophisticated complexity and fragmentation levels within the attack surfaces. 

The fragmentation results in 51% of respondents feeling high levels of noise from the tools, feeling overwhelmed due to the traffic of notifications, alerts, and findings, most of which are not signaled anywhere. 

As a result, 85% of respondents need help with handling this noise. The most troubling challenge reported being slow or delayed risk reduction, highlighting the seriousness of the problem, because of the inundating noise slowing down effective vulnerability identification and therefore caused a delay in response to threats. 

Automation and vulnerability management on the rise

97% of respondents cited methods (at least one) to control noise, showing acceptance of the problem and urgency to resolve it. 97% showed some signs of automation, hinting at a growth toward recognizing the perks of automation in vulnerability and exposure management. The growing trend towards automation tells us one thing, there is a positive adoption response. 

However, 44% of respondents still rely on manual methods, a sign that there still exists a gap to full automation.

But the message is loud and clear, automation has helped in vulnerability and exposure management efficiency, as 89% of leaders report benefits, the top being a quicker response to emergency threats. 

AI: A weapon against cyber threats

The existing opinion (64%) that AI will be a key force against fighting cyber threats is a positive sign showing its potential to build robust cybersecurity infrastructure. However, there is also a major concern (68%) about the effects of integrating AI into software development on vulnerability and exposure management. AI will increase the pace of code development, and the security teams will find it difficult to catch up. 

Read more »
Technology
AI Automation Cyber Threats Security survey Technology

AI's Rapid Code Development Outpaces Security Efforts

 


As artificial intelligence (AI) advances, it accelerates code development at a pace that cybersecurity teams struggle to match. A recent survey by Seemplicity, which included 300 US cybersecurity professionals, highlights this growing concern. The survey delves into key topics like vulnerability management, automation, and regulatory compliance, revealing a complex array of challenges and opportunities.

Fragmentation in Security Environments

Organisations now rely on an average of 38 different security product vendors, leading to significant complexity and fragmentation in their security frameworks. This fragmentation is a double-edged sword. While it broadens the arsenal against cyber threats, it also results in an overwhelming amount of noise from security tools. 51% of respondents report being inundated with alerts and notifications, many of which are false positives or non-critical issues. This noise significantly hampers effective vulnerability identification and prioritisation, causing delays in addressing real threats. Consequently, 85% of cybersecurity professionals find managing this noise to be a substantial challenge, with the primary issue being slow risk reduction.

The Rise of Automation in Cybersecurity

In the face of overwhelming security alerts, automation is emerging as a crucial tool for managing cybersecurity vulnerabilities. According to a survey by Seemplicity, 95% of organizations have implemented at least one automated method to manage the deluge of alerts. Automation is primarily used in three key areas:

1. Vulnerability Scanning: 65% of participants have adopted automation to enhance the precision and speed of identifying vulnerabilities, significantly streamlining this process.

2. Vulnerability Prioritization: 53% utilise automation to rank vulnerabilities based on their severity, ensuring that the most critical issues are addressed first.

3. Remediation: 41% of respondents automate the assignment of remediation tasks and the execution of fixes, making these processes more efficient.

Despite these advancements, 44% still rely on manual methods to some extent, highlighting obstacles to complete automation. Nevertheless, 89% of cybersecurity leaders acknowledge that automation has increased efficiency, particularly in accelerating threat response.

AI's Growing Role in Cybersecurity

The survey highlights a robust confidence in AI's ability to transform cybersecurity practices. An impressive 85% of organizations intend to increase their AI spending over the next five years. Survey participants expect AI to greatly enhance early stages of managing vulnerabilities in the following ways:

1. Vulnerability Assessment: It is argued by 38% of the demographic that AI will  boost the precision and effectiveness of spotting vulnerabilities.

2. Vulnerability Prioritisation: 30% view AI as crucial for accurately ranking vulnerabilities based on their severity and urgency.

Additionally, 64% of respondents see AI as a strong asset in combating cyber threats, indicating a high level of optimism about its potential. However, 68% are concerned that incorporating AI into software development will accelerate code production at a pace that outstrips security teams' ability to manage, creating new challenges in vulnerability management.


Views on New SEC Incident Reporting Requirements

The survey also sheds light on perspectives regarding the new SEC incident reporting requirements. Over half of the respondents see these regulations as opportunities to enhance vulnerability management, particularly in improving logging, reporting, and overall security hygiene. Surprisingly, fewer than a quarter of respondents view these requirements as adding bureaucratic burdens.

Trend Towards Continuous Threat Exposure Management (CTEM)

A trend from the survey is the likely adoption of Continuous Threat Exposure Management (CTEM) programs by 90% of respondents. Unlike traditional periodic assessments, CTEM provides continuous monitoring and proactive risk management, helping organizations stay ahead of threats by constantly assessing their IT infrastructure for vulnerabilities.

The Seemplicity survey highlights both the challenges and potential solutions in the evolving field of cybersecurity. As AI accelerates code development, integrating automation and continuous monitoring will be essential to managing the increasing complexity and noise in security environments. Organizations are increasingly recognizing the need for more intelligent and efficient methods to stay ahead of cyber threats, signaling a shift towards more proactive and comprehensive cybersecurity strategies.

Read more »
Threat Intelligence
Accountability Automation collaboration Cyber Security Cybersecurity executives Microsoft organizational changes Secure Future Initiative security governance Threat Intelligence

Microsoft to Enforce Executive Accountability for Cybersecurity

 

Microsoft is undergoing organizational adjustments to enhance cybersecurity measures throughout its products and services, focusing on holding senior leadership directly responsible. Charlie Bell, Microsoft's executive vice president of security, outlined these changes in a recent blog post aimed at reassuring customers and the US government of the company's dedication to bolstering cybersecurity amidst evolving threats.

One key aspect of this initiative involves tying a portion of the compensation for the company's Senior Leadership Team to the progress made in fulfilling security plans and milestones. Additionally, Microsoft is implementing significant changes to elevate security governance, including organizational restructuring, enhanced oversight, controls, and reporting mechanisms.

These measures encompass appointing a deputy Chief Information Security Officer (CISO) to each product team, ensuring direct reporting of the company's threat intelligence team to the enterprise CISO, and fostering collaboration among engineering teams across Microsoft Azure, Windows, Microsoft 365, and security groups to prioritize security.

Bell's announcement follows a recent assessment by the US Department of Homeland Security's Cyber Safety Review Board (CSRB), highlighting the need for strategic and cultural improvements in Microsoft's cybersecurity practices. The CSRB identified areas where Microsoft could have prevented a notable cyber incident involving a breach of its Exchange Online environment by the Chinese cyber-espionage group Storm-0558, which compromised user emails from various organizations, including government agencies.

Microsoft previously launched the Secure Future Initiative (SFI) to address emerging threats, incorporating measures such as automation, artificial intelligence (AI), and enhanced threat modelling throughout the development lifecycle of its products. The initiative also aims to integrate more secure default settings across Microsoft's product portfolio and strengthen identity protection while enhancing cloud vulnerability response and mitigation times.

Bell's update provided further details on Microsoft's approach, emphasizing six key pillars: protecting identities and secrets, safeguarding cloud tenants and production systems, securing networks, fortifying engineering systems, monitoring and detecting threats, and expediting response and remediation efforts.

To achieve these goals, Microsoft plans to implement various measures, such as automatic rotation of signing and platform keys, continuous enforcement of least privileged access, and network isolation and segmentation. Efforts will also focus on inventory management of software assets and implementing zero-trust access to source code and infrastructure.

While the full impact of these changes may take time to materialize, Microsoft remains a prominent target for cyberattacks. Despite ongoing challenges, industry experts like Tom Corn, chief product officer at Ontinue, acknowledge the ambitious scope of Microsoft's Secure Future Initiative and its potential to streamline operationalization for broader benefit.
Read more »
Technology
Artifcial Intelligence Automation Cybersecurity Ransomware SOCs Technology

Cybersecurity Teams Tackle AI, Automation, and Cybercrime-as-a-Service Challenges

 




In the digital society, defenders are grappling with the transformative impact of artificial intelligence (AI), automation, and the rise of Cybercrime-as-a-Service. Recent research commissioned by Darktrace reveals that 89% of global IT security teams believe AI-augmented cyber threats will significantly impact their organisations within the next two years, yet 60% feel unprepared to defend against these evolving attacks.

One notable effect of AI in cybersecurity is its influence on phishing attempts. Darktrace's observations show a 135% increase in 'novel social engineering attacks' in early 2023, coinciding with the widespread adoption of ChatGPT2. These attacks, with linguistic deviations from typical phishing emails, indicate that generative AI is enabling threat actors to craft sophisticated and targeted attacks at an unprecedented speed and scale.

Moreover, the situation is further complicated by the rise of Cybercrime-as-a-Service. Darktrace's 2023 End of Year Threat Report highlights the dominance of cybercrime-as-a-service, with tools like malware-as-a-Service and ransomware-as-a-service making up the majority of harrowing tools used by attackers. This as-a-Service ecosystem provides attackers with pre-made malware, phishing email templates, payment processing systems, and even helplines, reducing the technical knowledge required to execute attacks.

As cyber threats become more automated and AI-augmented, the World Economic Forum's Global Cybersecurity Outlook 2024 warns that organisations maintaining minimum viable cyber resilience have decreased by 30% compared to 2023. Small and medium-sized companies, in particular, show a significant decline in cyber resilience. The need for proactive cyber readiness becomes pivotal in the face of an increasingly automated and AI-driven threat environment.

Traditionally, organisations relied on reactive measures, waiting for incidents to happen and using known attack data for threat detection and response. However, this approach is no longer sufficient. The shift to proactive cyber readiness involves identifying vulnerabilities, addressing security policy gaps, breaking down silos for comprehensive threat investigation, and leveraging AI to augment human analysts.

AI plays a crucial role in breaking down silos within Security Operations Centers (SOCs) by providing a proactive approach to scale up defenders. By correlating information from various systems, datasets, and tools, AI can offer real-time behavioural insights that human analysts alone cannot achieve. Darktrace's experience in applying AI to cybersecurity over the past decade emphasises the importance of a balanced mix of people, processes, and technology for effective cyber defence.

A successful human-AI partnership can alleviate the burden on security teams by automating time-intensive and error-prone tasks, allowing human analysts to focus on higher-value activities. This collaboration not only enhances incident response and continuous monitoring but also reduces burnout, supports data-driven decision-making, and addresses the skills shortage in cybersecurity.

As AI continues to advance, defenders must stay ahead, embracing a proactive approach to cyber resilience. Prioritising cybersecurity will not only protect institutions but also foster innovation and progress as AI development continues. The key takeaway is clear: the escalation in threats demands a collaborative effort between human expertise and AI capabilities to navigate the complex challenges posed by AI, automation, and Cybercrime-as-a-Service.

Read more »
VMware ESXi attacks
Automation Cyber Security double extortion tactics MrAgent tool Network Security RansomHouse gang ransomware-as-a-service VMware ESXi attacks

RansomHouse Gang Streamlines VMware ESXi Attacks Using Latest MrAgent Tool

 

RansomHouse, a ransomware group known for its double extortion tactics, has developed a new tool named 'MrAgent' to facilitate the widespread deployment of its data encrypter on VMware ESXi hypervisors.

Since its emergence in December 2021, RansomHouse has been targeting large organizations, although it hasn't been as active as some other notorious ransomware groups. Nevertheless, it has been employing sophisticated methods to infiltrate systems and extort victims.

ESXi servers are a prime target for ransomware attacks due to their role in managing virtual computers containing valuable data for businesses. Disrupting these servers can cause significant operational damage, impacting critical applications and services like databases and email servers.

Researchers from Trellix and Northwave have identified a new binary associated with RansomHouse attacks, designed specifically to streamline the process of targeting ESXi systems. This tool, named MrAgent, automates the deployment of ransomware across multiple hypervisors simultaneously, compromising all managed virtual machines.

MrAgent is highly configurable, allowing attackers to customize ransomware deployment settings received from the command and control server. This includes tasks such as setting passwords, scheduling encryption events, and altering system messages to display ransom notices.

By disabling firewalls and terminating non-root SSH sessions, MrAgent aims to minimize detection and intervention by administrators while maximizing the impact of the attack on all reachable virtual machines.

Trellix has identified a Windows version of MrAgent, indicating RansomHouse's efforts to broaden the tool's reach and effectiveness across different platforms.

The automation of these attack steps underscores the attackers' determination to target large networks efficiently. Defenders must remain vigilant and implement robust security measures, including regular updates, access controls, network monitoring, and logging, to mitigate the threat posed by tools like MrAgent.
Read more »
Tesla Security
Automated Machine Automation autonomous vehicles Autonomous-Car Technology Cars Cyber Security Technology Tesla Tesla Security

GM Cruise Halts Driverless Operations

General Motors' Cruise unit has suspended all driverless operations following a recent ban in California, halting their ambitious plans for a nationwide robotaxi service.

The decision comes in response to a regulatory setback in California, a state known for its stringent rules regarding autonomous vehicle testing. The California Department of Motor Vehicles revoked Cruise's permit to operate its autonomous vehicles without a human safety driver on board, citing concerns about safety protocols and reporting procedures.

This move has forced GM Cruise to halt all of its driverless operations, effectively putting a pause on its plans to launch a commercial robotaxi service. The company had previously announced its intention to deploy a fleet of autonomous vehicles for ride-hailing purposes in San Francisco and other major cities.

The suspension of operations is a significant blow to GM Cruise, as it now faces a setback in the race to deploy fully autonomous vehicles for commercial use. Other companies in the autonomous vehicle space, including Waymo and Tesla, have been making strides in the development and deployment of their autonomous technologies.

The California ban highlights the challenges and complexities surrounding the regulation of autonomous vehicles. Striking the right balance between innovation and safety is crucial, and incidents or regulatory concerns can lead to significant delays in the deployment of this technology.

While GM Cruise has expressed its commitment to working closely with regulators to address their concerns, the current situation raises questions about the timeline for the widespread adoption of autonomous vehicles. It also emphasizes the need for a unified regulatory framework that can provide clear guidelines for the testing and deployment of autonomous technologies.

In the meantime, GM Cruise will need to reassess its strategy and potentially explore other avenues for testing and deploying its autonomous vehicles. The company has invested heavily in the development of this technology, and overcoming regulatory hurdles will be a crucial step in realizing its vision of a driverless future.

The halt to GM Cruise's driverless robotaxi operations is a clear reminder of the difficulties and unknowns associated with the advancement of autonomous car technology. The safe and effective use of this ground-breaking technology will depend on companies and regulators working together as the industry develops.

Read more »
Technology
AI AI Usage Artificial Intelligence Automation ChatGPT Data Data Safety data security Safety Security Technology

Alert: AI Sector's Energy Consumption Could Match That of the Netherlands

 

A recent study warns that the artificial intelligence (AI) industry could potentially consume as much energy as a country the size of the Netherlands by 2027. 

This surge is attributed to the rapid integration of AI-powered services by major tech companies, particularly since the emergence of ChatGPT last year. Unlike conventional applications, these AI-driven services demand considerably more power, significantly heightening the energy intensity of online activities.

Nonetheless, the study suggests that the environmental impact of AI might be less severe if its current growth rate were to slow down. Nevertheless, many experts, including the report's author, emphasize that such predictions are speculative due to the lack of sufficient data disclosure from tech firms, making accurate forecasts challenging.

Without a doubt, AI necessitates more robust hardware compared to traditional computing tasks. The study, conducted by Alex De Vries, a PhD candidate at the VU Amsterdam School of Business and Economics, is contingent on certain parameters remaining constant. These include the rate at which AI advances, the availability of AI chips, and the continuous operation of servers at full capacity.

De Vries notes that Nvidia, a chip designer, is estimated to supply approximately 95% of the required AI processing equipment. By estimating the quantity of these computers projected to be delivered by 2027, he approximates an energy consumption range for AI between 85 and 134 terrawatt-hours (TWh) annually. At the higher end, this is roughly equivalent to the energy consumption of a small country, akin to the Netherlands.

De Vries stresses that his findings underscore the importance of using AI only in cases where it is genuinely necessary. His peer-reviewed study has been published in the journal Joule.

AI systems, such as the sophisticated language models underpinning popular chatbots like OpenAI's ChatGPT and Google's Bard, require specialized computer warehouses known as data centers. 

Consequently, this equipment consumes more power and, like conventional setups, necessitates substantial water usage for cooling. The study did not incorporate the energy required for cooling, an aspect often omitted by major tech companies in their disclosures.

Despite this, the demand for AI-powered computers is surging, along with the energy required to maintain these servers at optimal temperatures. 

Notably, companies are showing a growing interest in housing AI equipment within data centers. Danny Quinn, CEO of Scottish data center firm DataVita, highlights the significant disparity in energy consumption between racks containing standard servers and those housing AI processors.

In its recent sustainability report, Microsoft, a company heavily investing in AI development, revealed a 34% surge in water consumption between 2021 and 2022. This amounted to 6.4 million cubic meters, roughly equivalent to 2,500 Olympic swimming pools.

Professor Kate Crawford, an authority on AI's environmental impact, underscores the monumental energy and water requirements of these high-powered AI systems. She emphasizes that these systems constitute a substantial extractive industry for the 21st century, with enormous implications for resource usage.

While AI's energy demands present a challenge, there are also hopes that AI can contribute to solving environmental problems. Google and American Airlines, for instance, have recently found that AI tools can reduce aircraft contrails, a contributor to global warming. 

Additionally, the U.S. government is investing millions in advancing nuclear fusion research, where AI could accelerate progress in achieving a limitless, green power supply. This year, a university academic reported a breakthrough in harnessing immense power through AI-driven prediction in an experiment, offering promise for future sustainable energy solutions.
Read more »
Technology
AI AI Crypto Artificial Intelligence Automation Bots Crypto Crypto Currency Data Tech Technology

Revolutionizing Everyday Life: The Transformative Potential of AI and Blockchain

 

Artificial intelligence (AI) and blockchain technology have emerged as two pivotal forces of innovation over the past decade, leaving a significant impact on diverse sectors like finance and supply chain management. The prospect of merging these technologies holds tremendous potential for unlocking even greater possibilities.

Although the integration of AI within the cryptocurrency realm is a relatively recent development, it demonstrates the promising potential for expansion. Forecasts suggest that the blockchain AI market could attain a valuation of $980 million by 2030.

Exploring below the potential applications of AI within blockchain reveals its capacity to bolster the crypto industry and facilitate its integration into mainstream finance.

Elevated Security and Fraud Detection

One domain where AI can play a crucial role is enhancing the security of blockchain transactions, resulting in more robust payment systems. Firstly, AI algorithms can scrutinize transaction data and patterns, preemptively identifying and preventing fraudulent activities on the blockchain.

Secondly, AI can leverage machine learning algorithms to reinforce transaction privacy. By analyzing substantial volumes of data, AI can uncover patterns indicative of potential data breaches or unauthorized account access. This enables businesses to proactively implement security measures, setting up automated alerts for suspicious behavior and safeguarding sensitive information in real time.

Instances of AI integration are already evident. Scorechain, a crypto-tracking platform, harnessed AI to enhance anti-money laundering transaction monitoring and fortify fraud prediction capabilities. CipherTrace, a Mastercard-backed blockchain security initiative, also adopted AI to assess risk profiles of crypto merchants based on on-chain data.

In essence, the amalgamation of AI algorithms and blockchain technology fosters a more dependable and trustworthy operational ecosystem for organizations.

Efficiency in Data Analysis and Management

AI can revolutionize data collection and analysis for enterprises. Blockchain, with its transparent and immutable information access, provides an efficient framework for swiftly acquiring accurate data. Here, AI can amplify this advantage by streamlining the data analysis process. AI-powered algorithms can rapidly process blockchain network data, identifying nuanced patterns that human analysts might overlook. The result is actionable insights to support business functions, accompanied by a significant reduction in manual processes, thereby optimizing operational efficiency.

Additionally, AI's integration can streamline supply chain management and financial transactions, automating tasks like invoicing and payment processing, eliminating intermediaries, and enhancing efficiency. AI can also ensure the authenticity and transparency of products on the blockchain, providing a shared record accessible to all network participants.

A case in point is IBM's blockchain-based platform introduced in 2020 for tracking food manufacturing and supply chain logistics, facilitating collaborative tracking and accounting among European manufacturers, distributors, and retailers.

Strengthening Decentralized Finance (DeFi)

The synergy of AI and blockchain can empower decentralized finance and Web3 by facilitating the creation of improved decentralized marketplaces. While blockchain's smart contracts automate processes and eliminate intermediaries, creating these contracts can be complex. AI algorithms, like ChatGPT, employ natural language processing to simplify smart contract creation, reducing errors, enhancing coding efficiency, and broadening access for new developers.

Moreover, AI can enhance user experiences in Web3 marketplaces by tailoring recommendations based on user search patterns. AI-powered chatbots and virtual assistants can enhance customer service and transaction facilitation, while blockchain technology ensures product authenticity.

AI's data analysis capabilities further contribute to identifying trends, predicting demand and supply patterns, and enhancing decision-making for Web3 marketplace participants.

Illustrating this integration is the example of Kering, a luxury goods company, which launched a marketplace combining AI-driven chatbot services with crypto payment options, enabling customers to use Ethereum for purchases.

Synergistic Future of AI and Blockchain

Though AI's adoption within the crypto sector is nascent, its potential applications are abundant. In DeFi and Web3, AI promises to enhance market segments and attract new users. Furthermore, coupling AI with blockchain technology offers significant potential for traditional organizations, enhancing business practices, user experiences, and decision-making.

In the upcoming months and years, the evolving collaboration between AI and blockchain is poised to yield further advancements, heralding a future of innovation and progress.
Read more »
Technology
AI Artificial Intelligence Automation Career Chat Bot ChatGPT Designer GPT 3 Tech Tech Career Technology

Designers Still Have an Opportunity to Get AI Right

 

As ChatGPT attracts an unprecedented 1.8 billion monthly visitors, the immense potential it offers to shape our future world is undeniable.

However, amidst the rush to develop and release new AI technologies, an important question remains largely unaddressed: What kind of world are we creating?

The competition among companies to be the first in the AI race often overshadows thoughtful considerations about potential risks and implications. Startups working on AI applications like GPT-3 have not adequately addressed critical issues such as data privacy, content moderation, and harmful biases in their design processes.

Real-world examples highlight the need for more responsible AI design. For instance, creating AI bots that reinforce harmful behaviors or replacing human expertise with AI without considering the consequences can lead to unintended harmful effects.

Addressing these problems requires a cultural shift in the AI industry. While some companies may intentionally create exploitative products, many well-intentioned developers lack the necessary education and tools to build ethical and safe AI. 

Therefore, the responsibility lies with all individuals involved in AI development, regardless of their role or level of authority.

Companies must foster a culture of accountability and recruit designers with a growth mindset who can foresee the consequences of their choices. We should move away from prioritizing speed and focus on our values, making choices that align with our beliefs and respect user rights and privacy.

Designers need to understand the societal impact of AI and its potential consequences on racial and gender profiling, misinformation dissemination, and mental health crises. AI education should encompass fields like sociology, linguistics, and political science to instill a deeper understanding of human behavior and societal structures.

By embracing a more thoughtful and values-driven approach to AI design, we can shape a world where AI technologies contribute positively to society, bridging the gap between technical advancements and human welfare.
Read more »
Security
AI Automation Cyber Attacks cybercriminals Data Data Safety data security Safety Security

FBI Alerts: Cybercriminals Exploiting Open-Source AI Programs with Ease

 

Unsurprisingly, criminals have been exploiting open-source generative AI programs for various malicious activities, including creating malware and conducting phishing attacks, as stated by the FBI.

In a recent call with journalists, the FBI highlighted how generative AI programs, highly popular in the tech industry, are also fueling cybercrime. Criminals are using these AI programs to refine and propagate scams, and even terrorists are consulting the technology to develop more powerful chemical attacks.

A senior FBI official stated that as AI models become more widely adopted and accessible, these cybercriminal trends are expected to increase.

Although the FBI did not disclose the specific AI models used by criminals, it was revealed that hackers prefer free, customizable open-source models and pay for private hacker-developed AI programs circulating in the cybercriminal underworld.

Seasoned cybercriminals are exploiting AI technology to create new malware attacks and improve their delivery methods. For example, they use AI-generated websites as phishing pages to distribute malicious code secretly. The technology also helps hackers develop polymorphic malware that can bypass antivirus software.

Last month, the FBI issued a warning about scammers using AI image generators to create sexually themed deepfakes to extort money from victims. The extent of these AI-powered schemes remains unclear, but the majority of cases reported to the FBI involve criminal actors utilizing AI models to enhance traditional frauds, including scams targeting loved ones and the elderly through AI voice-cloning technology in phone calls.

In response, the FBI has engaged in constructive discussions with AI companies to address the issue. One proposed solution is using a "watermarking" system to identify AI-generated content and images more easily.

The senior official emphasized that the FBI considers this AI threat a national priority, as it affects all programs within the agency and is a recent development in the cybercrime landscape.
Read more »
Technology
AI Artificial Intelligence Automation ChatGPT Data data security Safety Security Technology

'Verified human': Worldcoin Users Crowd for Iris Scans

 

The Worldcoin project, founded by Sam Altman, CEO of OpenAI (the developer of ChatGPT), is offering people around the world the opportunity to get a digital ID and free cryptocurrency in exchange for getting their eyeballs scanned. 

Despite concerns raised by privacy advocates and data regulators, the project aims to establish a new "identity and financial network" where users can prove their human identity online.

The project was launched recently, and participants in countries like Britain, Japan, and India have already undergone eyeball scans. In Tokyo, people queued up in front of a shiny silver globe to have their irises scanned, receiving 25 free Worldcoin tokens as verified users.

Privacy concerns have been raised due to the data-collection process, with some seeing it as a potential privacy nightmare. The Electronic Privacy Information Center, a US privacy campaigner, expressed worries about the extent of data collection. Worldcoin claims its project is "completely private," allowing users to delete their biometric data or store it encrypted.

Worldcoin representatives have been promoting the project, offering free t-shirts and stickers with the words "verified human" at a co-working space in London. Users were lured by the promise of financial gains from the cryptocurrency, which was trading at around $2.30 on Binance, the world's largest exchange.

Some participants, like Christian, a graphic designer, joined out of curiosity and to witness advancements in artificial intelligence and crypto. Despite privacy concerns, many participants did not read Worldcoin's privacy policy and were enticed by the prospect of free tokens.

Critics, such as UK privacy campaign group Big Brother Watch, argue that digital ID systems increase state and corporate control and may not deliver the benefits they promise. Regulators, including Britain's data regulator, are investigating the UK launch of Worldcoin.

In India, operators approached people at a mall in Bengaluru to sign them up for Worldcoin, and most individuals interviewed expressed little concern about privacy, focusing more on the opportunity to get free coins.
Read more »
Subscribe to: Comments (Atom)