National Vulnerability Database (NVD) Archives | FedScoop https://fedscoop.com/tag/national-vulnerability-database-nvd/ FedScoop delivers up-to-the-minute breaking government tech news and is the government IT community's platform for education and collaboration through news, events, radio and TV. FedScoop engages top leaders from the White House, federal agencies, academia and the tech industry both online and in person to discuss ways technology can improve government, and to exchange best practices and identify how to achieve common goals. Thu, 02 May 2024 19:09:31 +0000 en-US hourly 1 https://wordpress.org/?v=6.5.4 https://fedscoop.com/wp-content/uploads/sites/5/2023/01/cropped-fs_favicon-3.png?w=32 National Vulnerability Database (NVD) Archives | FedScoop https://fedscoop.com/tag/national-vulnerability-database-nvd/ 32 32 Bipartisan Senate bill on AI security would bolster voluntary cyber reporting processes https://fedscoop.com/senate-bill-on-ai-security-bolster-voluntary-cyber-reporting/ Thu, 02 May 2024 19:09:30 +0000 https://fedscoop.com/?p=77965 The AI Act of 2024 from Sens. Warner and Tillis calls on NIST and CISA to update databases and NSA to launch an AI security center.

The post Bipartisan Senate bill on AI security would bolster voluntary cyber reporting processes appeared first on FedScoop.

]]>
A bipartisan Senate bill released Wednesday would strengthen security measures around artificial intelligence, overhauling a series  of actions including cyber vulnerability tracking and a public database for AI incident reports.

The Secure AI Act of 2024, introduced by Sens. Mark Warner, D-Va., and Thom Tillis, R-N.C., requires the National Institute of Standards and Technology to update the National Vulnerability Database (NVD) and the Cybersecurity and Infrastructure Security Agency to update the Common Vulnerabilities and Exposure (CVE) program, or create a new process, according to a summary of the bill

Additionally, the bill would charge the National Security Agency with establishing an AI Security Center that would provide an AI test-bed for research for private-sector and academic researchers, and develop guidance to prevent or mitigate “counter AI-techniques.”

“Safeguarding organizations from cybersecurity risks involving AI requires collaboration and innovation from both the private and public sector,” Tillis said in a press release. “This commonsense legislation creates a voluntary database for reporting AI security and safety incidents and promotes best practices to mitigate AI risks.” 

Under the legislation, CISA and NIST would have one year to develop and implement a voluntary database for tracking AI security and safety incidents, which would be available to the public. 

Similarly, NIST would only have 30 days after the enactment of this legislation to initiate a “multi-stakeholder process” to evaluate if the consensus standards for vulnerability reporting accommodate AI security vulnerabilities. After establishing this process, NIST would have 180 days to submit a report to Congress about the sufficiency of reporting processes. 

“By ensuring that public-private communications remain open and up-to-date on current threats facing our industry, we are taking the necessary steps to safeguard against this new generation of threats facing our infrastructure,” Warner said in the press release.

The post Bipartisan Senate bill on AI security would bolster voluntary cyber reporting processes appeared first on FedScoop.

]]>
77965