US tech titans back push for data and AI standards, and other cybersecurity news to know this month

Five major US tech companies – Cisco, IBM, Intel, Microsoft and Red Hat – have joined forces to support the OASIS Data Provenance Standards Technical Committee, launched to refine and promote data safety standards for the rapidly evolving AI landscape.

This initiative builds on the work of the Data and Trust Alliance (D&TA), which includes other major players like American Express, Humana and Walmart. The committee will focus on standardizing data provenance protocols, ensuring businesses can validate data quality as AI applications expand.

“Data governance is nothing new – people have been at this for a long time,” Kristina Podnar, Senior Policy Director at D&TA, told Cybersecurity Dive. "But we’ve never had businesses come together to make it happen.”

With companies like IBM already seeing positive results from internal tests, Podnar highlighted the urgency, saying, “They want tools in the marketplace,” with actionable standards expected within 12 to 18 months.

The alliance between big tech companies advocating for data regulation comes at a crucial time. The Forum's Global Cybersecurity Outlook 2025 reveals that 66% of organizations expect AI to significantly impact cybersecurity in the coming year. Yet, only 37% have processes to evaluate the security of AI systems before deployment.

Several US national security agencies have paused efforts to address Russian sabotage, disinformation and cyberattacks, as the Trump administration calls for a resolution to the war in Ukraine, according to Reuters.

Under President Biden, working groups were established to monitor Russia's military and other strategies, but coordination with European allies has slowed since Trump took office.

The pause follows the winding down of other initiatives focused on Russia, raising concerns among some officials that reducing these efforts could leave the US more vulnerable to Russian actions.

This comes amid significant cuts to federal jobs. However, earlier in March, Reuters reported that the White House had urged agencies to protect their cybersecurity teams despite budget reductions, stressing the importance of cybersecurity to national security.

Cybercriminals are exploiting a year-old SSRF vulnerability (CVE-2024-27564) in a third-party ChatGPT tool (not made by Open AI), mainly targeting US government agencies and financial firms, according to cybersecurity firm Veriti. The flaw allows attackers to send arbitrary requests without authentication, Security News reports. Over 10,000 attacks were observed in a week, with financial and healthcare organizations in Germany, Thailand, Indonesia, Colombia and the UK also affected. Veriti warns that misconfigurations leave many organizations at risk of exploitation.

Microsoft has detected a phishing campaign impersonating Booking.com to target the hospitality sector. Active since December 2024, the attack uses the ClickFix technique to spread credential-stealing malware. Tracked as Storm-1865, it aims to commit financial fraud and theft, explains The Hacker News.

Hackers believed to be affiliated with North Korea’s Lazarus Group have successfully converted at least $300 million of the $1.5 billion stolen in a recent crypto heist, reports the BBC. The breach, targeting the ByBit exchange from February, has left authorities struggling to recover the digital funds.

Europol has warned that organized crime gangs are increasingly using AI-powered scams and payment systems to expand their operations globally. The technology allows them to create multilingual messages, impersonate individuals, and conduct more sophisticated cyber fraud, making their activities harder to detect, according to the European Union's latest crime threat assessment.

The UK's National Cyber Security Centre has released new guidance to help organizations transition to quantum-resistant encryption by 2035. The advice emphasizes the adoption of post-quantum cryptography to protect sensitive data, such as banking and communications, from future quantum computing threats.

Chief Information Security Officers (CISOs) are increasingly expected to go beyond traditional cyber protection and drive broader organizational transformation. Adopting a holistic security platform approach, rather than a siloed one, helps businesses achieve cyber resilience, build trust and drive growth, says Deryck Mitchelson, Global CISO at Check Point Software Technologies. Discover how cybersecurity can enable innovation, compliance and shareholder value in the digital age.

The rapidly growing digital twin market is transforming cybersecurity. From optimizing physical security systems to enhancing network visibility and simulating cyber threats, digital twins are driving cost savings and improving incident response. Learn how this technology is reshaping how organizations approach security and resilience in the digital age.

Explore three key trends shaping the future of cybersecurity:

Read more on how they are redefining approaches to digital security in the evolving risk landscape.