Cybersecurity’s global alarm system is breaking down
". . .As these public resources falter, organizations and governments are confronting a critical weakness in our digital infrastructure: Essential global cybersecurity services depend on a complex web of US agency interests and government funding that can be cut or redirected at any time. . .
Avoiding a digital ‘dark age’
It will likely come as no surprise that practitioners are looking to AI to help fill the gap, while at the same time preparing for a coming swarm of cyberattacks by AI agents. Security researchers have used an OpenAI model to discover new “zero-day” vulnerabilities. And both the NVD and CVE teams are developing “AI-powered tools” to help streamline data collection, identification, and processing. NIST says that “up to 65% of our analysis time has been spent generating CPEs”—product information codes that pinpoint affected software. If AI can solve even part of this tedious process, it could dramatically speed up the analysis pipeline.
But Martin cautions against optimism around AI, noting that the technology remains unproven and often riddled with inaccuracies—which, in security, can be fatal. “Rather than AI or ML [machine learning], there are ways to strategically automate bits of the processing of that vulnerability data while ensuring 99.5% accuracy,” he says.
- The CVE Foundation, launched in April 2025 by breakaway board members, proposes a globally funded nonprofit model similar to that of the internet’s addressing system, which transitioned from US government control to international governance.
- Other security leaders are pushing to revitalize open-source alternatives like Google’s OSV Project or the NVD++ (maintained by VulnCheck), which are accessible to the public but currently have limited resources.
As
these various reform efforts gain momentum, the world is waking up to
the fact that vulnerability intelligence—like disease surveillance or
aviation safety—requires sustained cooperation and public investment.
Without it, a patchwork of paid databases will be all that remains,
threatening to leave all but the richest organizations and nations
permanently exposed.
Matthew King is a technology and environmental journalist based in New York. He previously worked for cybersecurity firm Tenable
Keep Reading
Most Popular
We did the math on AI’s energy footprint. Here’s the story you haven’t heard.
The emissions from individual AI text, image, and video queries seem small—until you add up what the industry isn’t tracking and consider where it’s heading next.
We’re learning more about what weight-loss drugs do to the body
GLP-1 agonists like Wegovy, Ozempic, and Mounjaro might benefit heart and brain health—but research suggests they might also cause pregnancy complications and harm some users.
This giant microwave may change the future of war
The defense tech startup Epirus has developed a cutting-edge, cost-efficient drone zapper that’s sparking the interest of the US military. Now the company has to deliver.
No comments:
Post a Comment