BankInfoSecurity.com

Playbook Aims to Help Healthcare, Public Sector Manage AI Vendor Security Gaps
The Health Sector Coordinating Council released guidance to help the healthcare and public health sector better manage the explosion of third-party AI vendor cyber risk concerns they face, especially as the technology is embedded in all sorts of products.

Critics Call Foreign-Made Router Ban 'Industrial Policy Disguised As Cybersecurity'
Netgear obtained a temporary waiver from the Federal Communications Commission allowing it to continue importing consumer routers through most of 2027, making the networking hardware giant the first consumer brand to circumvent a ban on foreign-made hardware.

Felicis-Led Series A Backs Telemetry Correlation Across Cloud, Identity, Endpoints
Artemis, a New York startup led by former Amazon GuardDuty product leader Shachar Hirshberg, emerged from stealth with $70 million to build an AI-driven SIEM alternative that correlates telemetry across enterprise environments, tailors detections and speeds investigations.

Agencies Prioritizing Tracking Use Over Enforcing Immediate Cutoffs
Federal agency staffers tell ISMG they are still using Anthropic's AI tools weeks after U.S. President Donald Trump ordered an immediate halt, as officials prioritize mapping dependencies and evaluating alternatives over enforcing a rapid shutdown.

CISO Insights Reveal Gaps Between AI Adoption Speed and Data Security Maturity
A survey of 124 CISOs reveals most enterprises have scaled AI but lack confidence in data security controls. With only one in five initiatives meeting KPIs, gaps in enforcement, data trust and visibility are emerging as critical barriers to AI success.

Slumping Stock and Slower Growth Than Rival Rubrik Pave Way for Take-Private Deal
Reuters reported that Commvault is working with Goldman Sachs to explore a sale after receiving takeover interest from both private equity firms and strategic buyers. Thoma Bravo is among the buyers that have expressed interest in Commvault, sources told Reuters.

Congressional Funding Standoff Still Unresolved
The Cybersecurity and Infrastructure Security Agency has told furloughed workers to report to work despite an ongoing funding lapse. U.S. DHS officials in recent days directed all furloughed personnel to return to work on their next scheduled shift, amid increasing concerns from cybersecurity analysts.

Malware-as-a-Service Operations Favors Russian-Speaking Customers
An emerging remote access Trojan targeting Android devices in Spanish-speaking nations is propagating fraudulent advertisements as an initial access point on Meta-owned applications.

OpenAI Unveils GPT‑5.4‑Cyber in Pointed Rejoinder to Anthropic
OpenAI unveiled Tuesday its answer to AI rival Anthropic's much-touted private release of a cybersecurity model by announcing the broader availability of GPT‑5.4‑Cyber. Internal safeguards, customer verification and "trust signals" will safeguard the world from misuse, the company asserted.

Why CISOs Must Rethink Trust, MFA and Machine Identity Governance
AI-driven phishing emails, voice deepfakes and synthetic identities have changed the threat landscape. Attackers now mimic trusted users with precision. Security teams can no longer rely on static controls or traditional verification methods.

Bridging Observability Gaps With AI, OTel and Scalable Data Models
As AI-driven development and cloud adoption accelerate system complexity, traditional observability tools are struggling to keep pace. This analysis outlines four foundational pillars to close visibility gaps and enable faster, AI-powered root cause analysis.

Real-Time Payments, AI-Led Exploits Are Exposing Flaws Fraud Detection Can't Catch
For years, fraud prevention has followed a familiar script. A transaction is initiated. A model evaluates it. Fraud still gets detected as it happens or after it occurs. But this model is breaking down with the rise of instant payments and artificial intelligence tools.

CEO Solomon Says Bank is Working with Anthropic, Vendors on Controls
Goldman Sachs CEO David Solomon said the bank is "hyper-aware" of the heightened capabilities of Anthropic's Mythos model, as it works with the firm and security vendors to harness its potential. His comments come amid concern over the model's ability to accelerate cyberattacks.

Why Cyber Risk Is Now Shaped as Much by Nations as by Hackers
Wars are becoming more frequent, and are no longer only kinetic. They are just as active in the cyber world, with impacts much larger than can be imagined. This also leads to state-sponsored hacktivists targeting the critical infrastructure of nations.

Veteran Hardware Hacker's Chip Facilitates More Trustworthy and Secure Devices
How can we trust hardware to not betray us? Enter the Baochip-1x, a piece of largely open-source silicon created by Andrew "Bunnie" Huang, which he said is designed to give developers an affordable, security-focused and attestable chip, not least for building high-assurance, embedded devices.

European Governments Grow Suspicious of Silicon Valley
French abandonment of American software for open-source alternatives continues apace, with all government ministries now facing a fall deadline for outlining plans to reduce their dependence on U.S. tech. France must "regain control of our digital destiny," said public action minister David Amiel.

Patients Allege Health Entities Did Not Get Consent to Record Conversations
Proposed federal class action litigation alleges that two California healthcare organizations violated patient privacy in their use of an AI-enabled ambient tool that records, transcribes, and processes sensitive conversations between clinicians and patients without individuals' consent.