To foster innovation in fully homomorphic encryption (FHE), IBM® researchers have begun publishing challenges on the FHERMA platform for FHE challenges launched in late 2023 by Fair Math and the OpenFHE community. FHE: A new frontier in technology Fully homomorphic encryption is a groundbreaking technology with immense potential. One of its notable applications lies in enhancing medical AI models. By enabling various research institutes to collaborate seamlessly in the training process, FHE opens doors to a new era of possibilities. The ability to process encrypted data without decryption mark ..read more

The General Data Protection Regulation (GDPR), the European Union’s landmark data privacy law, took effect in 2018. Yet many organizations still struggle to meet compliance requirements, and EU data protection authorities do not hesitate to hand out penalties. Even the world’s biggest businesses are not free from GDPR woes. Irish regulators hit Meta with a EUR 1.2 billion fine in 2023. Italian authorities are investigating OpenAI for suspected violations, even going so far as to ban ChatGPT briefly. Many businesses find it hard to implement GDPR requirements because the law is not only complex ..read more

Breach and Attack Simulation (BAS) is an automated and continuous software-based approach to offensive security. Similar to other forms of security validation such as red teaming and penetration testing, BAS complements more traditional security tools by simulating cyberattacks to test security controls and provide actionable insights. Like a red team exercise, breach and attack simulations use the real-world attack tactics, techniques, and procedures (TTPs) employed by hackers to proactively identify and mitigate security vulnerabilities before they can be exploited by actual threat actors. H ..read more

Today’s enterprises face a broad range of threats to their security, assets and critical business processes. Whether preparing to face a complex cyberattack or natural disaster, taking a proactive approach and selecting the right business continuity disaster recovery (BCDR) solution is critical to increasing adaptability and resilience. Cybersecurity and cyber recovery are types of disaster recovery (DR) practices that focus on attempts to steal, expose, alter, disable or destroy critical data. DR itself typically targets a wider range of threats than just those that are cyber i ..read more

For federal and state governments and agencies, identity is the crux of a robust security implementation. Numerous individuals disclose confidential, personal data to commercial and public entities daily, necessitating that government institutions uphold stringent security measures to protect their assets. This need for robust security underscored by Executive Order 14028, published in May 2021, calls for enhancing the nation’s cybersecurity posture. The executive order highlights the importance of securing digital assets and mitigating cyberthreats by emphasizing the modernization of identity ..read more

The Digital Operational Resilience Act (DORA) marks a significant milestone in the European Union’s (EU) efforts to bolster the operational resilience of the financial sector in the digital age. Envisioned to comprehensively address information and communications technology (ICT) risk management in financial services, DORA aims to harmonize existing regulations across EU member states. It mandates that all financial institutions within its scope build the necessary digital operational resilience, emphasizing a tailored approach for each organization. Focusing on foundational capabilities To ad ..read more

Cyberattacks are becoming increasingly sophisticated. Read about the concerns that industry leaders have for the future and three approaches organizations can take to build up their defenses. Cyber workforce shortage There are over four million unfilled cybersecurity jobs in the world today. Filling these vacancies has become a security imperative, and several global compliance mandates have been established to tackle the issue. For example, in the US, the 2023-2025 CISA Cybersecurity Strategic Plan aims to increase basic-level cyber skills across the country, transform cyber education and boo ..read more

Ever since the COVID-19 pandemic, cash usage has been decreasing worldwide and digital payments based on cryptocurrencies or legacy digital payment systems have prevailed. As a result, new forms of centrally managed digital currencies are emerging alongside cryptocurrencies like Bitcoin, the notorious volatility of which has challenged their acceptance worldwide. More prominently, central bank digital currencies (CBDCs) have come to offer digital forms of central bank money, while tokenized deposits tokenize the lifecycle of commercial bank money in both the retail and wholesale context. Under ..read more

The distinction between “internal” and “external” networks has always been somewhat false. Clients are accustomed to thinking about firewalls as the barrier between network elements we expose to the internet and back-end systems that are only accessible to insiders. Yet as the delivery mechanisms for applications, websites and content become more decentralized, that barrier is becoming more permeable. The same is true for the people managing those network elements. Quite often, the same team (or the same person!) is responsible for managing internal network pathways and external delivery syste ..read more

Business continuity and disaster recovery plans are risk management strategies that businesses rely on to prepare for unexpected incidents. While the terms are closely related, there are some key differences worth considering when choosing which is right for you: Business continuity plan (BCP): A BCP is a detailed plan that outlines the steps an organization will take to return to normal business functions in the event of a disaster. Where other types of plans might focus on one specific aspect of recovery and interruption prevention (such as a natural disaster or cyberatt ..read more