

Michael Hill
UK Editor
Michael Hill is the UK editor of CSO Online. He has spent the past five-plus years covering various aspects of the cybersecurity industry, with particular interest in the ever-evolving role of the human-related elements of information security. A keen storyteller with a passion for the publishing process, he enjoys working creatively to produce media that has the biggest possible impact on the audience.

OWASP lists 10 most critical large language model vulnerabilities
The list highlights the impact and prevalence of the 10 most critical vulnerabilities found in artificial intelligence applications based on LLMs.

UK NCSC announces closure of CCP cyber certification scheme
CCP applications to close from June 30 as UK cybersecurity sector prepares for introduction of new chartered titles.

SAFE Security claims to predict data breaches with new generative AI offering
SAFE Security’s Cyber Risk Cloud of Clouds generates likelihoods for different risk scenarios based on an organization’s cybersecurity posture.

10 notable critical infrastructure cybersecurity initiatives in 2023
How vendors, governments, industry bodies, and nonprofits are contributing to increasing the cyber resilience of critical national infrastructure this year.

ISACA pledges to help grow cybersecurity workforce in Europe
ISACA will provide 20,000 free memberships to students across Europe and support the identification of qualified cybersecurity candidates for organizations.

Inactive, unmaintained Salesforce sites vulnerable to threat actors
Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by malicious actors.

Trellix, Netskope announce new Amazon Security Lake support to enhance threat detection, remediation
Trellix expands XDR support for Amazon Security Lake while Netskope integrates its SSE platform with AWS’ centralized security data service.

Armed Forces vets well-suited to cybersecurity, says UK Cyber Security Council
Veterans are used to careers in high stakes environments and coping well under pressure, so providing more pathways into cyber for veterans should be a priority.

Inactive accounts pose significant account takeover security risks
Inactive accounts that haven’t been accessed for extended periods are more likely to be compromised due to password reuse and lack of multifactor authentication.

UK NCSC releases new training packages to help businesses manage supply chain risks
Free training packages cover mapping supply chains and gaining confidence in supply chain cybersecurity.

6 ways generative AI chatbots and LLMs can enhance cybersecurity
Generative AI chatbots and large language models can be a double-edged swords from a risk perspective, but with proper use they can also improve cybersecurity in key ways