OpenAI Released ChatGPT Enterprise With SOC 2 Compliant & Data Encryption
Several reports have indicated data leakage from ChatGPT ever since its release by the Microsoft-backed OpenAI in November 2022. Additionally, threat actors have been abusing the platform to gain unauthorized access or leak sensitive and confidential data.
However, ChatGPT has released a new ChatGPT enterprise version, which is claimed to be SOC 2 compliant with Enterprise-grade security and privacy,including higher-speed ChatGPT-4 access.
Several Fortune 500 companies have adopted ChatGPT for their business purposes.
Companies that are known to have integrated with the ChatGPT Enterprise edition include Block, Canva, Carlyle, The Estée Lauder Companies, PwC, and Zapier.
“Since ChatGPT’s launch just nine months ago, we’ve seen teams adopt it in over 80% of Fortune 500 companies. We’ve heard from business leaders that they’d like a simple and safe way of deploying it in their organization,” reads the post by OpenAI.
Introducing ChatGPT Enterprise: enterprise-grade security, unlimited high-speed GPT-4 access, extended context windows, and much more. We’ll be onboarding as many enterprises as possible over the next few weeks. Learn more: https://t.co/lU3ErLtBmTpic.twitter.com/lhixa4IXlc
ChatGPT enterprise does not use any data for training their AI and doesn’t learn from its usage. “We do not train on your business data or conversations, and our models don’t learn from your usage.” said a post by OpenAI
Additionally, all the conversations are claimed to be encrypted. A new admin console lets organizations manage team members, SSO, domain verification, usage insights, and large-scale deployment.
Furthermore, ChatGPT enterprise performs two times faster than the previous version and also includes advanced data analysis access, which was previously known as Code Interpreter, allowing technical and non-technical teams to analyze data swiftly.
This data can also be used for financial research, marketing analysis, or data scientists.
Additional features of this ChatGPT enterprise include Data encryption, a Dashboard for usage insights, shareable chat templates, Free credits for API usage, 32k token context windows, and much more.
OpenAI also stated that they are working on ChatGPT for smaller teams, advanced data analytics, and more tools for data analysts, customer support, and much more.
Organizations are looking to include Artificial Intelligence assistants like ChatGPT inside their business, which could be an excellent tool for developing their analysis and business capabilities.
It is recommended for organizations to have complete knowledge about ChatGPT or any other Artificial Intelligence assistants before implementing them.
Slovenia’s Biggest Power Provider has Suffered a Cyberattack
One of Slovenia’s major power providers, HSE, has recently fallen victim to a significant cyberattack.
The security and control system, along with the fire alarms, were breached by the criminal who caused significant damage.
It has been reported that the attack was carried out by the Ransomware gang, which resulted in the encryption of files and rendered them inaccessible to the rightful owners.
StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.
Timeline of Incidents
The IT systems’ control functionalities have been successfully restored by the organization.
Between November 22nd and 25th, an incident occurred. However, I want to assure you that it did not impact the production or supply of electricity.
“Key power station operation and trading systems are operational, the connection to the national grid operator has been restored and there are good prospects that a smooth operation of the entire communications and IT infrastructure will be restored without major negative consequences,” HSE said on 27 November.
It has been reported in the media that there were issues with a high water level alarm system and the ability to trade electricity, which are both crucial activities of the company, besides generating electricity. However, the company has denied such reports and clarified that there were no temporary disruptions in these functions.
According to the HSE director general, Tomaž Štokelj, the recent cyber attack did not cause any disruption to the electricity trading and outgoing services. However, as a precautionary measure, there were slight changes made to the execution of individual transactions.
As per the latest reports, the attackers have demanded a ransom of 1 million Euros from the company. Fortunately, there has been no new development in the situation, and the incident has not affected other sectors.
However, the company is still reeling from the financial impact of the attack, which is significant. We will keep you updated on any further developments.
HSE is actively addressing the issue with the help of both internal teams and external specialists. As energy is classified as critical infrastructure, the police and the National Security Council have been notified of the situation.
In response to the news, please see below comments from Ryan McConechy, CTO of Barrier Networks:
“When critical national infrastructure organizations suffer a cyberattack, there is a strong possibility they will disconnect the services they provide into society, which can have devastating effects on citizens”.
He also recommended industrial “organizations have visibility across their assets and have implemented segmentation, they must then run a regular security programme where they monitor for threats, run scheduled patch updates, and practice incident response training to help minimise risks”.
Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.
MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel
Iranian nation-state actors have been observed using a previously undocumented command-and-control (C2) framework called MuddyC2Go as part of attacks targeting Israel.
"The framework’s web component is written in the Go programming language," Deep Instinct security researcher Simon Kenin said in a technical report published Wednesday.
The tool has been attributed to MuddyWater, an Iranian Read More
The Hacker News | #1 Trusted Cybersecurity News Site