Check out Tenable’s report detailing challenges and best practices for cloud and AI security. Plus, CISA rolled out a roadmap for the CVE Program, while NIST updated its guidelines for secure software patches. And get the latest on TLS/SSL security and AI attack disclosures!
Here are five things you need to know for the week ending September 12.
Key takeaways
- Organizations are struggling to secure their AI systems and cloud environments. They need proactive security, robust identity protection and more leadership support.
- The future of the CVE Program became clearer after CISA unfurled a roadmap for enhancing it.
- NIST has updated its guidelines for securely developing and distributing software updates and patches.
1 – Tenable report: Security trails AI and cloud adoption
Use artificial intelligence and cloud now, worry about security later.
That seems to be the motto of the majority of organizations today – a risky attitude that puts them in a precarious position to manage their cyber risk.
This is the dangerous scenario that emerges from the new Tenable report “The State of Cloud and AI Security 2025.”
“Most organizations already operate in hybrid and multi-cloud environments, and over half are using AI for business-critical workloads,” reads the global study, commissioned by Tenable and developed in collaboration with the Cloud Security Alliance.
“While infrastructure and innovation have evolved rapidly, security strategy has not kept pace,” it adds.
Based on a survey of 1,025 IT and security professionals, the report found 82% of respondents have hybrid – on-prem and cloud – environments. Furthermore, 63% use two or more cloud providers.
Meanwhile, organizations are jumping into the AI pond with two feet: 55% are using AI and 34% are testing it. Among those using AI, about a third have suffered an AI-related breach already.
“The report confirms what we’re seeing every day in the field. This article has been indexed from Security Boulevard