YouTube ... Quora ...Google search ...Google News ...Bing News

• Cybersecurity ... OSINT ... Frameworks ... References ... Offense ... NIST ... DHS ... Screening ... Law Enforcement ... Government ... Defense ... Lifecycle Integration ... Products ... Evaluating
• Case Studies
• Risk, Compliance and Regulation ... Ethics ... Privacy ... Law ... AI Governance ... AI Verification and Validation

Official U.S. Time

• Time ... Official U.S. Time | NIST
  • Positioning, Navigation and Timing (PNT)
    • Science and Technology (S&T) Positioning, Navigation, and Timing (PNT) Program | U.S. Department of Homeland Security (DHS)

Risk Management

• Singularity ... Sentience ... AGI ... Curious Reasoning ... Emergence ... Moonshots ... Explainable AI ... Automated Learning

Artificial Intelligence (AI)

• Artificial Intelligence (AI)

AI Risk Management Framework (AI RMF)

• On March 30, 2023 NIST launched the Trustworthy and Responsible AI Resource Center, which will facilitate implementation of, and international alignment with, the AI Risk Management Framework (AI RMF).
• On January 26, 2023, NIST released the AI Risk Management Framework (AI RMF 1,0) along with a companion NIST AI RMF Playbook, AI RMF Explainer Video, an AI RMF Roadmap, AI RMF Crosswalk, and various Perspectives.

AI Assurance Programs

• Microsoft unveils Azure OpenAI Service for government & AI customer commitments | Carl Franzen - Venture Beat ... Azure OpenAI Service REST APIs, which allow government customers to build new applications or connect existing ones to OpenAI’s GPT-4, GPT-3, and Embeddings
• Microsoft to launch AI Assurance Program as one of three commitments for responsible AI | Amber Hickman - Technology Record

Microsoft's program will help customers ensure that the AI applications they deploy on Microsoft’s platforms comply with legal and regulatory requirements for responsible AI. It will include elements such as regulator engagement support, implementation of the AI Risk Management Framework published by the U.S. National Institute of Standards and Technology (NIST), customer councils for feedback, and regulatory advocacy.

The program will focus on regulator engagement support that will apply what Microsoft calls the ‘KY3C’ approach: know your cloud, customer and content. Microsoft will also provide a risk framework implementation, customer councils and regulatory advocacy for governments and stakeholders, which involves a blueprint from Microsoft’s vice chair and president Brad Smith.

Risk Management Framework (RMF)

• Cybersecurity
• Capabilities
• Cybersecurity References
• Offense - Adversarial Threats/Attacks
• Cybersecurity Frameworks, Architectures & Roadmaps
• Cybersecurity Companies/Products
• Radial Basis Function Network (RBFN)
• Quantum Cryptographic Technology
• Federal Risk and Authorization Management Program (FedRAMP) | NIST
• Cybersecurity Framework | NIST
• AI Risk Management Framework (AI RMF 1.0 | NIST
• NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices | Chad Boutin - NIST ... The algorithms are designed to protect data created and transmitted by the Internet of Things and other small electronics. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023
• NIST Launches New Trustworthy and Responsible AI Resource Center: Includes First Version of AI Risk Management Framework Playbook

Post-Quantum Cryptography (PQC)

• Quantum Cryptography
• Side Channel Attack (SCA)
• Migrating to Post-Quantum Cryptography | The White House
• Quantum apocalypse: Experts warn of ‘store now, decrypt later’ hacks | Leigh McGowran - Silicon Republic
• The impact of Quantum Computing on cybersecurity | Forta Tripwire
• Post Quantum Solutions
  • PQShield
  • Blinky
  • Entrust
  • QuSecure
  • ID Quantique

In cryptography, post-quantum cryptography (PQC) (sometimes referred to as quantum-proof, quantum-safe or quantum-resistant) refers to cryptographic algorithms (usually public-key algorithms) that are thought to be secure against a cryptanalytic attack by a quantum computer. The problem with currently popular algorithms is that their security relies on one of three hard mathematical problems: the integer factorization problem, the discrete logarithm problem or the elliptic-curve discrete logarithm problem. All of these problems could be easily solved on a sufficiently powerful quantum computer running Shor's algorithm. Even though current quantum computers lack processing power to break any real cryptographic algorithm, many cryptographers are designing new algorithms to prepare for a time when quantum computing becomes a threat. This work has gained greater attention from academics and industry through the PQCrypto conference series since 2006 and more recently by several workshops on Quantum Safe Cryptography hosted by the European Telecommunications Standards Institute (ETSI) and the Institute for Quantum Computing. In contrast to the threat quantum computing poses to current public-key algorithms, most current symmetric cryptographic algorithms and hash functions are considered to be relatively secure against attacks by quantum computers. While the quantum Grover's algorithm does speed up attacks against symmetric ciphers, doubling the key size can effectively block these attacks. Thus post-quantum symmetric cryptography does not need to differ significantly from current symmetric cryptography. - Wikipedia

NIST Standardization process for PQC

• Post-Quantum Cryptography (PQC) | NIST
• National Security Agency (NSA)
• NIST winners and will ratify standards in 2024
• Multiple global rounds since 2015 led to NIST announcing winners in July 22 - four algorithms:
  • CRYSTALS-KYBER was chosen by NIST as the new standard for public-key encryption/KEMs
  • Falcon, CRYSTALS-Dilithium and SPHINCS+ will all be standardized for digital signatures
• There are more algorithms under consideration too, so the process continues

Automate Cybersecurity Maturity Model Certification (CMMC) Privacy & Security Notices with GPT-4 | NIST SP 800-171

Secure your Controlled Unclassified Information (CUI) with NIST SP 800-171, Practice AC.L2-3.1.9! In this episode, we'll guide you through the process of providing consistent privacy and security notices in compliance with CUI rules. Learn how to identify the necessary notices, craft them in line with CUI requirements, and display them effectively to your users. Gain insights into the right solutions and administrative controls to make your data protection practices robust and reliable. We're here to make compliance easy and understandable.