Latest news with #CISA
Yahoo
2 days ago
- Business
- Yahoo
AI For Impact Day welcomes Dell Technologies as platinum sponsor
MCLEAN, Va., June 18, 2025 /PRNewswire/ -- Agile Defense announced today that Dell Technologies has joined its AI for Impact Day event as the platinum sponsor. The one-day summit takes place on June 26 in Reston, VA. Participants will explore real-world applications of AI and data solutions to optimize government, improve operational efficiency and support mission critical tasks. "Technology is evolving at an unprecedented pace, so it's absolutely critical that government agencies and their partners continue to adapt and embrace these new tools to optimize operations and deliver modern solutions that can achieve mission success," said John Hart, Chief Growth Officer for Agile Defense. "That's why we're glad to have partners like Dell Technologies supporting AI for Impact Day to help bring industry leaders together to address both the challenges and opportunities that AI presents." Keynote speakers include FBI Associate Deputy Director and COO Will Rivers and Bob Costello, Chief Information Officer at the Cybersecurity and Infrastructure Security Agency (CISA). AI for Impact Day summit presentations and panel discussions will include how AI innovations are driving government operations, human-centered design and customer experience in federal applications, insights from government leaders, partners and experts in AI and HCD and how to advance digital transformation across government. Dell Technologies' Technical Strategist Chris Thomas will participate on a panel discussing modernizing legacy systems using AI and cloud, data strategy in government and AI-powered analytics. Other speakers in attendance will be representing some of the industry's biggest names including Second Front, HiddenLayer, Domino Data Lab, U.S. Naval Surface Force, Beacon Global Strategies and more. Additional information along with registration details are available at About Agile Defense:Agile Defense stands at the forefront of innovation, driving advanced capabilities and solutions tailored to the most critical national security and civilian missions. With more than 2,000 teammates operating in North America, Europe, Asia, and the Middle East, Agile Defense supports our customer missions around the globe. Our collaborative and multi-disciplinary teams bring creativity and flexibility to developing advanced digital transformation, data analytics, and cyber solutions. We are not afraid to take on the most difficult challenges because we know that together, we can accomplish anything. Learn more at View original content to download multimedia: SOURCE Agile Defense
Fox News
2 days ago
- Business
- Fox News
Florida AG subpoenas Chinese company over 'compromised' medical devices that can transmit private data
Florida's Republican Attorney General James Uthmeier took legal action this week against a Chinese medical device manufacturer, accusing the company of selling "compromised" medical devices that allegedly include a "backdoor" that bad actors can manipulate. Contec Medical Systems Co., Ltd., a medical device company based in China with a sales branch that operates out of Florida, was served subpoenas this week by the state AG's office. In a press release announcing the legal action, Uthmeier accused Contec of potential cybersecurity risks, including violations of state consumer protection law, alleging there is evidence the company has been producing patient health monitoring devices inside the United States for over a decade, while simultaneously concealing "serious security problems" related to its products. The patient monitoring device in question, the CMS800, has also been accused of operating a "backdoor" by the Cybersecurity and Infrastructure Security Agency (CISA) and U.S. Food and Drug Administration (FDA). "Issues include a built-in 'backdoor' that could allow bad actors to manipulate data shown on the devices without the patient or provider's knowledge and programming that automatically transmits patient information to an IP address owned by a university in China," stated the press release put out by Uthmeier. "These problems are especially concerning given that the FBI has warned on previous occasions that hackers are targeting American healthcare systems. Federal agencies have recommended that these monitors be disconnected or disabled." Among the concerns listed by Uthmeier were efforts by Contec and those distributing its products to represent Contec's patient monitors as approved by the FDA and other international standards, even though they were not approved by the FDA, nor did they meet the global standards the company claimed. Uthmeier also accused one of Contec's distributors of its patient monitors, Miami-based Epsimed, of hiding that they were selling Contec's devices by relabeling them as their own. "CCP land ownership is bad, but it's [the] tip of the iceberg. Their industrial property holdings are worse, as is their port access. Perhaps worst of all is their deep penetration of critical infrastructure and govt systems." Meanwhile, Uthmeier, who also issued subpoenas to Epsimed, added that while Contec and Epsimed were representing the patient monitoring device as having certain quality assurances around safety and reliability, it simultaneously "contained a backdoor and transmitted patient information to China." Fox News Digital reached out to Contec repeatedly for this story but did not receive a response. Jose Mena, Epsimed's CEO, confirmed receipt of Uthmeier's subpoenas and said they are cooperating "100%." "We do not sell these monitors in the U.S. Our clients are in Latin America," Mena added. "The monitors are hardly used with internet connection," he continued. "For the monitor to connect to the internet and pose a threat, it requires a Central Monitoring System which we have never supplied, meaning, the monitors sold by EPSIMED are currently being used as stand-alone basis (not connected to internet). Finally and most importantly, as soon as we gained knowledge in January 2025 that CONTEC monitors had a vulnerability issue, we immediately removed this product from our product portfolio." Uthmeier's legal action, which is the first step in an ongoing effort that could lead to damages, civil penalties or injunctive relief against the companies, comes a week after China experts sounded an alarm over Chinese companies' increasing ability to potentially help the CCP sabotage the United States from within. The warning followed a massive attack by Israel on Iran's nuclear and military sites that Israel launched via a drone base it had built on Iranian soil and weapons systems and soldiers that had been smuggled into Iran. Public officials on both sides of the aisle have increasingly warned of China's growing land and asset control in the United States that could aid them in the chance a war breaks out between the world's two greatest economic superpowers. "The U.S. must choose to get serious or lose a war," Michael Lucci, the CEO and founder of State Armor Action, a conservative group with a mission to develop and enact state-level solutions to global security threats, warned via his X account following Israel's attacks. "CCP land ownership is bad, but it's tip of the iceberg. Their industrial property holdings are worse, as is their port access. Perhaps worst of all is their deep penetration of critical infrastructure and govt systems." Lucci added following news of Uthmeier's legal action that patients "need to feel safe when receiving care, not worried that their medical devices are sending their data back to Communist China."
Business Wire
2 days ago
- Business
- Business Wire
Miller Kaplan Grows with New Partner and Risk Advisory Practice
LOS ANGELES--(BUSINESS WIRE)--Miller Kaplan, a top-100 certified public accounting firm, is pleased to welcome a new partner Steven Gin, CISA to the Los Angeles office. With more than two decades of experience in public accounting, Gin will lead the launch of Miller Kaplan's Risk Advisory practice, further expanding the firm's suite of services to meet the evolving needs of its clients. Gin began his career in financial statement auditing and then moved into IT auditing. Over the last decade, he has built a strong track record in the risk advisory space—supporting clients with Sarbanes-Oxley (SOX) compliance, internal audits, and the design and testing of business processes and IT controls. His deep expertise and strategic insight will be instrumental in helping clients navigate complex regulatory environments and strengthen their internal control frameworks. As part of Miller Kaplan's continued growth strategy, the new Risk Advisory practice will offer a range of services, including SOX compliance, internal audit, board governance, enterprise risk management, and staff augmentation. 'Steven's arrival marks an exciting new chapter for Miller Kaplan,' shared Michael Kaplan, managing partner of the firm. 'His experience and leadership will be invaluable as we continue to expand our capabilities and help our clients manage risk in increasingly complex business environments.' 'I'm thrilled to join the firm at such a pivotal time and to help bring new solutions that not only strengthen our service offerings but also create meaningful value for our clients,' expressed Gin. 'This is an exciting opportunity to build something impactful together.' Gin's appointment reflects Miller Kaplan's commitment to delivering forward-thinking solutions that help organizations operate more securely, efficiently, and confidently in today's dynamic business landscape. About Miller Kaplan Listen, then advise. That's what makes Miller Kaplan one of the top-100 certified public accounting firms in the United States. Established in 1941, Miller Kaplan has been providing audit, accounting, tax, business management, information security, licensing and royalties, industry metrics, and consulting services, to individuals, businesses, fiduciaries, and tax-exempt organizations for more than 75 years. Visit for more information.
The Independent
2 days ago
- Business
- The Independent
Experts warn that Iran could target power and water systems for cyberattacks if US gets involved in Middle East
Experts in critical infrastructure sectors are cautioning the U.S. against further involvement in the Middle East, warning that Iran could decide to target American power and water systems in a series of cyberattacks. As the conflict between Israel and Iran evolves, leaders in the critical infrastructure realm remain on high alert. While there has not yet been a major cyber threat reported, these groups are amping up their defenses in the event one unfolds, Politico reported. 'Iranian cyber activity has not been as extensive outside of the Middle East but could shift in light of the military actions,' said John Hultquist, chief analyst for Google Threat Intelligence Group. Hultquist warned that if the U.S. decides to strike Iran directly, 'targets in the United States could be prioritized for action by Iran's cyber threat capability.' Previous incidents of increased geopolitical tension, such as Russia's war on Ukraine, have also prompted U.S. agencies, including the Cybersecurity and Infrastructure Security Agency to get ahead of emerging threats. Anne Neuberger, the deputy national security adviser for cyber and emerging tech at the White House under President Joe Biden, told Politico the government is essential in helping these sectors amplify their defenses at times of conflict. 'The government can play a very important role in helping companies defend themselves, from sharing declassified intelligence regarding threats to bringing companies together to coordinate defenses,' Neuberger said. 'Threat intel firms should lean forward in publicly sharing any intelligence they have. ODNI and CISA should do the same.' Last week, two information sharing and analysis centers and organizations, which share threat intelligence, warned U.S. companies to increase security measures in the event of Iranian cyberattacks. The Food and Agriculture group, whose members include the Hershey Company, Tyson and Conagra, as well as the Information Technology group, with members Intel, IBM, and AT&T, warned attacks on other targets could still impact U.S. companies. Along that line, the groups warned that 'cyberattacks aimed at Israel could inadvertently affect U.S. entities.' Jeffrey Troy, who leads the Aviation group, said past cyberattacks targeting GPS systems have left them 'in a constant state of vigilance, sharing intelligence in real time and collaborating on prevention, detection and mitigation strategies.' Leaders of some of these groups also say that staffing reductions across agencies since President Donald Trump took office have left them feeling like they are without federal support in preparing for potential cyberattacks. The Cybersecurity and Infrastructure Security Agency, the country's main cyber defense agency, is expected to lose around 1,000 employees, with many of its programs being cut or put on pause, according to the report. While the agency 'is still accessible,' there has been no outreach to strengthen defenses against Iranian hackers since last week, according to Andy Jabbour, who leads the Faith-Based Information Sharing and Analysis Organization. Much of how the possible threats get handled is in the hands of Trump, Jabbour told Politico. 'The next 24-48 hours will be interesting in that sense, and his decisions and his actions could certainly influence what we see here in the United States,' Jabbour said.
Forbes
3 days ago
- Business
- Forbes
Multiplayer AI: The New Operating Model For Identity Security
Dr. John Pritchard is the Chief Product Officer at Radiant Logic, responsible for the company's global product vision. AI-powered deepfakes and credential attacks are rewriting the rules of cyber risk, with identity-related breaches now costing organizations an average of $4.45 million per incident and accounting for over 70% of successful attacks on enterprise infrastructure and supply chains. Despite record investments in detection and response, breaches keep making headlines. Why? I call this the identity security paradox: More technology doesn't equal protection, especially if tools—and the people and AI agents using them—don't work together. Identity is the primary attack surface in the enterprise. Most organizations built their identity security stack on a traditional combination of IAM, IGA and PAM, but the rapid proliferation of cloud apps, machine identities and AI agents outpace these traditional controls. The result? Siloed data, unmanaged privileged accounts and hidden nonhuman identities—each a potential attack vector. Gartner finds that 65% of organizations still lack IAM maturity, weighed down by technical debt and fragmented architectures. Point solutions deployed to 'fix' audit findings or compliance gaps create more complexity, not less. Attackers exploit these seams, moving laterally between systems and identities that aren't monitored holistically. CISA's Silentshield Red Team Assessment demonstrated that decentralized teams and poor communication allowed adversaries to persist undetected, even when individual groups spotted anomalies. The lesson is clear: Solo efforts—whether a lone expert, an isolated AI agent or a disconnected tool—cannot keep pace with adversaries who are increasingly agile, automated and collaborative. To close these gaps, interoperability must become the standard for tools and the people and AI agents using them. Interoperability means more than connecting dashboards or sharing alerts. It's about ensuring that identity security posture management (ISPM) and identity threat detection and response (ITDR) systems share data, context and workflows in real time, across both human and machine identities. Gartner recommends a 'system of systems' approach, built on identity fabric principles, to support zero trust and intelligent automation. This means breaking down technical and organizational silos so prevention and detection teams operate from a unified, continuously updated single source of truth for identity data—a concept Gartner identifies as foundational for modern identity security. This trusted, authoritative data layer enables faster, more accurate decisions and ensures that every team acts on the same intelligence. When ISPM and ITDR interoperate, and when human and AI teammates collaborate based on shared reference points, blind spots shrink and attackers have fewer seams to exploit. I call the next evolution in identity security: multiplayer AI—intelligent systems designed to amplify human capabilities through enhanced teamwork. Gartner predicts by 2027, 90% of successful AI implementations in cybersecurity will focus on tactical task automation and process augmentation, not full autonomy or staff replacement. Multiplayer AI enables human and AI collaboration, breaking down silos and bridging gaps between prevention and detection. AI excels at analyzing vast datasets, detecting patterns humans miss and automating repetitive processes. Critical decisions, like determining whether anomalies are a threat or false positives, still require human judgment and contextual understanding. Studies show organizations using collaborative AI models—human decisions based on AI recommendations—see faster response times, fewer security incidents and improved resilience. The key is not just technology, but teamwork: AI handles the heavy lift of data processing and pattern recognition, while humans provide creativity, ethical oversight and business context. Thankfully, the industry is moving quickly. With the meteoric rise of agentic AI, open standards like Model Context Protocol (MCP) and Agent2Agent (A2A) are enabling AI agents from different vendors, clouds and frameworks to communicate, share context and coordinate tasks securely. Technology partners including OpenAI, Microsoft and Google are already adopting these protocols, breaking down silos that limit automation's impact. For business leaders, agentic AI means specialized agents for threat detection, access management, compliance and user behavior analytics can now form ad hoc teams-automating complex workflows and adapt to new threats. By 2028, Gartner forecasts multiagent AI will account for 70% of threat detection and response implementations, primarily to augment—not replace—staff. Early adopters will see measurable results: Leveraging agent-to-agent collaboration is predicted to cut attacker dwell time in compromised environments by up to 50%, while accelerating response and reducing operational risk. When humans and AI work together, identity security becomes faster, smarter and more resilient. 1. Establish an interoperability baseline. Audit ISPM and ITDR tools for data sharing and workflow integration across human and machine identities. Ensure architectures support agent-to-agent interoperability using open standards like MCP and A2A, so specialized agents can collaborate and automate cross-vendor workflows. Set quarterly targets to reduce IAM tool integration gaps. 2. Pilot tactical AI augmentation. Start with a focused, data-driven use case, such as automated privilege review or anomaly detection. Track improvement in response time and risk reduction. 3. Build AI literacy and human oversight. Train teams on both the benefits and limits of AI, including where human verification is required in critical workflows. 4. Continuously review identity hygiene. Use AI-driven discovery to identify unused or risky accounts, but require human validation before making changes. Aim to reduce privileged account sprawl and remediate orphaned accounts as they are detected. 5. Measure what matters. Track outcome-driven metrics such as percentage reduction in excessive permissions, improvement in MFA deployment rates and decreased incident response times. For example, reducing excessive permissions by 20% and increasing MFA coverage to 95% of privileged accounts within one year. The next breach won't be stopped by just another dashboard or a new AI agent. Organizations that have achieved true interoperability across tools, teams and AI will be able to respond more accurately to security issues. Multiplayer AI and agent-to-agent collaboration will lead the blueprints for resilience in the age of AI turbulence. Start by assessing your current environment for interoperability gaps, unify your tools and teams and empower your people with AI that amplifies—not replaces—their expertise. In the high-stakes game of identity security, victory belongs to those who play as a team. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
