The Critical Domain of LLM Cybersecurity

Organizations worldwide are adopting Large Language Models (LLMs) at an accelerated pace and are confronting unprecedented security challenges. These systems introduce fundamental vulnerabilities that circumvent conventional security architectures — notably the inability to separate the control and data planes (instructions and data travel through the same prompt), their non-deterministic outputs, and their susceptibility to hallucinations. According to the OWASP LLM AI Cybersecurity & Governance Checklist, these characteristics substantially transform an organization’s threat landscape beyond traditional parameters.

Establishing robust LLM defense frameworks requires a comprehensive security approach. The OWASP checklist outlines specific defensive measures for LLM implementation, including “resilience-first” approaches that emphasize threat modeling, AI asset inventory, and specialized security training. It recommends AI red team exercises to identify vulnerabilities before exploitation and warns organizations about “Shadow AI” — the risk of employees using unapproved AI tools that bypass standard security protocols.

With the EU AI Act and evolving regulatory frameworks, compliance requirements for AI systems are becoming increasingly rigorous. Organizations that methodically integrate LLM security protocols with established frameworks such as MITRE ATT&CK and MITRE ATLAS gain strategic advantages in identifying, evaluating, and mitigating AI-specific threats while leveraging these technologies’ transformative potential. The strategic imperative is establishing comprehensive security protocols before adversaries exploit existing vulnerabilities.

Read more: “OWASP Top 10 for LLM Applications Cybersecurity & Governance Checklist”

5 Key Metrics to Enhance Cybersecurity Posture

In cybersecurity, the right metrics help assess and improve an organization’s security posture. These five are especially effective at distinguishing strong programs from those at risk:

  1. Mean Time to Respond/Recover (MTTR). Speed matters. Top teams reduce MTTR through automation and regular incident response drills. The faster a threat is contained, the less damage it causes.
  2. Vulnerability Resolution Rate. The question is not how many vulnerabilities you fix — it is whether you are addressing the right ones. Smart security leaders prioritize based on business impact, not just severity scores.
  3. Security Awareness Engagement. When security becomes part of your culture, the metrics shift from “completion rates” to active participation. I have seen organizations transform their security posture when they started tracking how often employees report suspicious activities rather than just training attendance.
  4. Phishing Resilience. The most revealing metric is not your click rate — it is how that rate changes as your simulations become increasingly sophisticated. Organizations making real progress show declining click rates even as attacks grow more convincing.
  5. Patch Management Efficiency. Strong teams balance rapid patching with system stability, achieving high compliance without disrupting operations.

These metrics offer a clearer lens into actual security posture. What key indicators are driving your strategic decisions, and what innovative methods are you using to measure what truly safeguards your organization? I would love to hear your experiences.

Safeguarding the Future: My IoT Security Lecture at Lund University

Last Thursday, I had the honor of delivering an online lecture at Lund University, focusing on IoT security. The lecture addressed the core threats targeting IoT systems and the essential security measures to protect these devices from potential harm. In an increasingly interconnected world, the critical role of IoT security cannot be overstated.

As we continue to witness the exponential growth of IoT devices, it is crucial to prioritize security measures. The potential consequences of a security breach can be catastrophic, and we must remain vigilant in safeguarding our digital assets.

It is always a pleasure to share my expertise and insights on cybersecurity and IoT to guide the next generation. I appreciate the opportunity and eagerly await what the future has in store.

Exploring the Interdependencies between AI and Cybersecurity


With the increasing prevalence of AI technology in our lives, it is important to understand the relationship between AI and cybersecurity. This relationship is complex, with a range of interdependencies between AI and cybersecurity. From the cybersecurity of AI systems to the use of AI in bolstering cyber defenses, and even the malicious use of AI, there are a number of different dimensions to explore.

  • Protecting AI Systems from Cyber Threats: As AI is increasingly used in a variety of applications, the security of the AI technology and its systems is paramount. This includes the implementation of measures such as data encryption, authentication protocols, and access control to ensure the safety and integrity of AI systems.
  • Using AI to Support Cybersecurity: AI-based technologies are being used to detect cyber threats and anomalies that may not be detected by traditional security tools. AI-powered security tools are being developed to analyze data and detect malicious activities, such as malware and phishing attacks.
  • AI-Facilitated Cybercrime: AI-powered tools can be used in malicious ways, from deepfakes used to spread misinformation to botnets used to launch DDoS attacks. The potential for malicious use of AI is a major concern for cybersecurity professionals.

In conclusion, AI and cybersecurity have a multi-dimensional relationship with a number of interdependencies. AI is being used to bolster cybersecurity, while at the same time it is being used for malicious activities. Cybersecurity professionals must be aware of the potential for malicious use of AI and ensure that the security of AI systems is maintained.

Security Engineering and Machine Learning

This week I attended the 36th IFIP TC-11 International Information Security and Privacy Conference. The conference was organized by the Department of Informatics at the University of Oslo. During the first day of the conference, there was a keynote on Security Engineering by the celebrated security expert Prof. Dr. Ross Anderson.

He discussed the interaction between security engineering and machine learning. He warned us about the things that can go wrong with machine learning systems, including some new attacks and defenses, such as the Taboo Trap, data ordering attacks, sponge attacks, and more.

Outline of Ross Anderson’s keynote (IFIP TC-11).

I especially enjoyed the part of his talk where he discussed human-to-machine-learning interaction. Coincidentally, this is a topic that I am researching. He described cases where robots incorporating machine learning components start mixing with humans, and tension and conflict arise, e.g., robots trying to deceive and bully humans. This is a scenario that we should expect to see more of in the future.

I highly recommend his brilliant book, “Security Engineering: A Guide to Building Dependable Distributed Systems”. It is filled with actionable advice and the latest research on how to design, implement, and test systems to withstand attacks. The book has an extremely broad coverage of security in general and is absolutely worth the purchase!

That is a Wrap On Computing 2020

As a follow-up to my previous blog post, I can say that it was an honor to participate yesterday and on Thursday at the Computing Conference 2020. It was very well organized, professionally executed, and fun!

There was a wide range of presenters coming from different research areas covering computing, AI, security, IoT, and much more. It was also cool to have a Mindfulness and Yoga general session at the conference. This was something unique!

Here is a screenshot of my presentation with the feedback received. I also got private messages proposing collaboration work, and I truly appreciate those!

My presentation with feedback received.

Once again thanks for the thumbs up and already looking forward to next year’s edition!

Talking about DoS Attacks at the Computing Conference

On Friday, 17 July 2020, I will be talking at the Computing Conference 2020. The conference was going to be held in London, but due to the COVID-19 pandemic it is now going to be held fully online. I am especially excited to listen to the keynote of Vinton G. Cerf. He is widely known as a “father of the Internet”. Cerf is also the vice president and Chief Internet Evangelist for Google. During the conference, I will be talking about Denial of Service (DoS) attacks and how commercial devices are prone to severe forms of this attack.

DoS is a widely used attack vector for various malicious threat agents, from hackers to nation-states. Its consequences range from a nuisance to loss of revenue to even loss of life. Think, for instance, about the effects of disabling medical devices such as pacemakers, drones and weapon systems, connected alarm systems, and so on. In the case of smart homes, DoS may be the first attack, used to remove a component from the network before exploiting a vulnerability. In our study, we found devices manufactured by established commercial players to be especially prone to HTTP GET DoS attacks. This can result in the complete shutdown of the device, possibly remotely, using a simple exploit with code available over the Internet.

DoS attacks targeting the smart connected home.

Take a look at the conference agenda and have a read of my conference paper. I will be uploading my presentation slides after the conference is held under my Presentations tab.

Feel free to drop me a message or get in touch if you want to know more about this topic or in case you are interested in information security.

The Current State of IoT Security and a Glimpse Into The Future

On Tuesday 10th March, I was invited to give a guest lecture about IoT security at Blekinge Tekniska Högskola (BTH) in Karlskrona, Sweden. Karlskrona is approximately 3 hours away from Malmö.

During my lecture, I gave realistic examples of attacks that targeted IoT systems. For instance, attacks targeting consumer drones, electric cars, and IP cameras. I also discussed the technical, procedural, and human challenges involved in securing IoT and some safeguards.

Blekinge Tekniska Högskola.

In the future, I will work to automate IoT security. Just as smart devices act autonomously to perceive and act on their environment, IoT security should evolve towards greater autonomy in detecting threats and reacting to attacks. This evolution relates to the autoimmunity of smart devices, allowing for the prevention and containment of attacks in hostile environments.

You can access a condensed version of my lecture here.


Weak risk awareness of our connected homes

Traditionally, only a handful of household devices were connected to the Internet. Nowadays, everyday devices ranging from toasters and lightbulbs to TVs are all connected to the Internet, with the possibility of being remotely controlled. These devices often go by the name of Internet of Things (IoT) or smart home devices. While these networked devices bring added convenience, efficiency, and peace of mind, they also bring unique perils to the smart home residents.


The more smart devices are connected to the home’s network, the more can go wrong. Malicious threat agents such as hackers can reprogram the devices to attack others, vendors can collect fine-grained information on your activities and behaviours, or your devices could become infected with malware, possibly preventing you from entering your home or adjusting the temperature to your liking. Many of the manufacturers making these devices have shallow experience with information security and see security and privacy as a burden. As a result, many of the devices available on the market have little or no security baked into them. For example, some devices come with default passwords that are easily retrieved on the Internet, or they cannot be easily updated or reconfigured in a more secure or privacy-preserving way.

In August 2018, I was interviewed by Malmö University on a similar topic. The interview was transcribed in Swedish, but now you can read the full interview in English at the following link: http://iotap.mau.se/weak-risk-awareness-connected-homes/

My Licentiate Seminar

On Monday, 03 September, I have my licentiate seminar at Malmö University. On that day, I will give a presentation of about 40 minutes on the smart connected home ecosystem.

Here, I will emphasize the security and privacy risks that an Internet of Things system brings to the smart home residents, the threat agents interested in conducting attacks on the home, the challenges in implementing effective mitigations, and more.

This talk is essentially a summary highlighting key parts of my licentiate thesis (see picture of it below):

The full thesis is 192 pages long with a word count of about 48,000 words.

Take a look at my thesis and upcoming seminar by following the link: http://iotap.mah.se/smart-connected-homes-joseph-bugeja/