The E.U.-U.S. Data Privacy Framework was adopted today by the European Union. This follows their adoption by the U.S. Department of Commerce last week. The action also creates a new U.S.-based judicial body, called the Data Protection Review Court, which will review cases about EU privacy rights that fall under the framework’s jurisdiction. Some privacy analysts feel this isn’t enough protection, as I describe in my story for SiliconANGLE today.

Just about every cybersecurity provider has an artificial intelligence-related story to tell these days. Many of them are first iteration AI-enhanced tools and are just like anything else AI-related: enhancements. Some vendors like Nvidia have taken AI to the extreme, as this diagram shows.

My review of the tools and what they portend for our secure future here on SiliconANGLE today.

We’re finally inching closer to curing our addiction to passwords.

This week the FIDO Alliance put together an online event and posted a series of white papers to try to help businesses that want to move forward with passkeys — digital credentials that don’t require usernames and passwords — to host their first 12-step programs for ridding themselves of the scourge that results in huge holes in cloud cybersecurity protection.

“Passkeys are a superior password replacement,” said Tom Sheffield, senior director of cybersecurity for Target Corp. “And you shouldn’t wait to implement them in your business.” Read more of my analysis for SiliconANGLE here.

An old security technology that has gotten little attention is finally ready for a new closeup.

It goes by the name polymorphic code — or alternatively, automated moving target defense or AMTD — and it has been around for nearly a decade. It came into its own around 2017 when was popularized by both malware writers and defenders.

And once again, security professionals are playing another cat-and-mouse game, but this time the stakes are a lot higher thanks to better tools on both sides.

On the malware side, the term describes code that can adapt to conditions and change its behavior to try to avoid detection. It cuts across a wide swath of computing circumstances, including the ability to attack runtime memory, file systems, credentials, virtual machines, workloads, containers and network connections.

You can learn more about this technology and both its uses for good and evil in this post for SiliconANGLE.

Despite more than a decade of talk, the seminal concept in cybersecurity of zero trust — the assumption that no user or device on a computer network can be trusted — hasn’t been implemented nearly as widely as one might expect from all of the attention.

The problems include numerous practical and perceptual obstacles, coupled with a complex collection of products that need careful coordination to deliver on its promises. The upshot: Zero trust won’t be a silver bullet for ever-growing cybersecurity woes anytime soon. Read my report for SiliconANGLE here to learn more.

Two recent events are once again bringing the internet’s foundational Domain Name System into the news, and not in a good way.

The first event involving the DNS last week was a warning from the Cybersecurity Infrastructure and Security Agency issued on Friday for version 9 of the Berkeley Internet Name Domain, or BIND.

The second news item relevant to DNS concerns an open letter issued Friday by Vint Cerf, Stephen Crocker, Carl Landwehr and several others, entitled “Concerns over DNS Blocking.”

More specifics can be found in my story for SiliconANGLE here.