Cybersecurity - Cyber Security Informer

Roger Grimes on Prioritizing Cybersecurity Advice

Schneier on Security

OCTOBER 31, 2024

For example, we are often given a cybersecurity guideline (e.g., The catch is: There are two recommendations that WILL DO MORE THAN ALL THE REST ADDED TOGETHER TO REDUCE CYBERSECURITY RISK most efficiently: patching and using multifactor authentication (MFA). PCI-DSS, HIPAA, SOX, NIST, etc.) with hundreds of recommendations.

Cybersecurity

Cybersecurity Risk Authentication

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

MARCH 8, 2025

For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem. Yet here we are, in 2025, and the percentage of women in cybersecurity remains stagnantor worse, is backtracking. Meanwhile, cybersecurity job vacancies are skyrocketing. It’s utter madness.

Cybersecurity

Cybersecurity Penetration Testing Accountability Cyber Risk

BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From “Me” In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States

Joseph Steinberg

JANUARY 31, 2025

The post BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From Me In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States appeared first on Joseph Steinberg: CyberSecurity Expert Witness, Privacy, Artificial Intelligence (AI) Advisor.

Artificial Intelligence

Artificial Intelligence Cybersecurity Scams

CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025

Joseph Steinberg

MARCH 11, 2025

During the upcoming Summer 2025 semester, cybersecurity expert Joseph Steinberg will once again lecture at Columbia University. The post CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025 appeared first on Joseph Steinberg: CyberSecurity Expert Witness, Privacy, Artificial Intelligence (AI) Advisor.

Artificial Intelligence

Artificial Intelligence Cybersecurity Technology

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles.

Cyber threats

Cybersecurity Lessons from Covid19

Adam Shostack

JANUARY 2, 2025

What can Cybersecurity learn from the covid pandemic? COVID-19 offers an opportunity and call to action for cybersecurity professionals, policy makers, and the public to think about preparation and response to catastrophic digital threats. Join us for a provocative exploration on Thursday!

Cybersecurity

Cybersecurity Cyber threats Technology

Lessons for Cybersecurity from the American Public Health System

Adam Shostack

JANUARY 16, 2025

The white papers attempt to portray a comprehensive picture of the computing research field detailing potential research directions, challenges, and recommendations.

Cybersecurity

Cybersecurity Government

How to Build Your Cybersecurity Talent Stack

SecureWorld News

JANUARY 13, 2025

A career in cybersecurity isn't about mastering one skillit's about layering complementary skills that make you versatile and invaluable. In cybersecurity, that means layering foundational knowledge with technical expertise, soft skills, and specialized abilities that align with your career goals. That's the power of a talent stack.

Cybersecurity

Cybersecurity DNS Threat Detection Software

Cybersecurity Resolutions for 2025

IT Security Guru

JANUARY 9, 2025

Resolution #1: Adopt a Proactive Approach to Cybersecurity to Combat AI-Driven Attacks Adopt a proactive approach to cybersecurity that integrates advanced defence mechanisms with fundamental best practices to mitigate and combat AI-driven attacks. This will require expertise in cryptography, IT infrastructure and cybersecurity.

Cybersecurity

Cybersecurity Cyber threats Architecture Digital transformation

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely.

Cybersecurity

Is Cybersecurity Awareness Month Worth the Money?

Adam Shostack

JANUARY 2, 2025

As we wrap up another cybersecurity awareness month, Id like to ask: Is it worth the money and effort? Cybersecurity awareness month was invented by Microsofts marketing department, and it now absorbs a huge amount of time and energy: Time from corporate cybersecurity teams to create and execute marketing campaigns.

Cybersecurity

Cybersecurity Marketing Information Security

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

OCTOBER 15, 2024

The American Water cyber breach has sparked conversations about the importance of cybersecurity in safeguarding essential services and the growing frequency of cyber threats targeting public utilities. Train Employees in Cybersecurity Best Practices Phishing awareness: Many cyberattacks begin with phishing emails.

Cybersecurity

Cybersecurity Penetration Testing Cyber threats Firewall

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Technology Threat Detection

Joseph Steinberg To Speak Again At Penn Club & Columbia Club About CyberSecurity

Joseph Steinberg

MARCH 24, 2025

CyberSecurity Expert Joseph Steinberg will, once gain, deliver a talk for the Penn Club and Columbia Club. In this session, Steinberg will show you how you can improve your odds of staying cybersecure, no matter your level of technological sophistication.

Artificial Intelligence

Artificial Intelligence Cybersecurity Data breaches Government

IT Leadership Agrees AI is Here, but Now What?

As AI evolves, enhanced cybersecurity and hiring challenges grow. IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

SecureWorld News

JANUARY 7, 2025

Cybersecurity in today's world is akin to the enchanted realms of fairy tales, where threats lurk in dark digital forests and heroes wield keyboards instead of swords. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Phishing Engineering

How Cybersecurity Training Must Adapt to a New Era of Threats

Security Boulevard

NOVEMBER 5, 2024

The post How Cybersecurity Training Must Adapt to a New Era of Threats appeared first on Security Boulevard. We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever.

Cybersecurity

Cybersecurity Security Awareness

From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions

Security Boulevard

JANUARY 9, 2025

Here are some likely predictions across cybersecurity, GenAI and innovation, and defensive cyber. The post From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions appeared first on Security Boulevard. What to expect in 2025 and beyond, into the future.

Cybersecurity

Cybersecurity Threat Detection Security Awareness Risk

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. While skepticism is healthy, excessive distrust can lead to the dismissal of genuine outreach or important instructionsundermining cybersecurity efforts.

Cybersecurity

Cybersecurity Technology Scams Risk

Zero Trust Mandate: The Realities, Requirements and Roadmap

and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines. Join us and learn how to better advise your agency clients on strategy, architect Zero Trust solutions, and win more cybersecurity business!

Cybersecurity

News alert: SquareX’s “Year of Browser Bugs” project exposes critical cybersecurity blind spots

The Last Watchdog

MARCH 18, 2025

The YOBB project was inspired by Month of Bugs (MOB), an iconic cybersecurity initiative where security researchers would publish one major vulnerability found in major software providers every day of the month. The research will reveal never-seen-before attack vectors that remain unknown even to the cybersecurity community.

Cybersecurity

Cybersecurity Architecture Media Password Management

Spotlight on Cybersecurity Leaders: Richard Staynings

SecureWorld News

JANUARY 6, 2025

Richard Staynings is a renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world.

Cybersecurity

Cybersecurity Cybercrime Healthcare Government

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

4 Tips to Fortify the Human Element in Your Cybersecurity Posture

Security Boulevard

JANUARY 6, 2025

Four actionable tips that will enable you to enhance the human element of your cybersecurity posture, transforming potential vulnerabilities into robust defenses. The post 4 Tips to Fortify the Human Element in Your Cybersecurity Posture appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Cyber threats Security Awareness

5 Key Findings From the 2023 FBI Internet Crime Report

In this eBook, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them. The annual FBI Crime Report provides detailed statistics on crime at the national, state, and local levels.

Identity Theft

Top 10 Cybersecurity Trends for Web Developers in 2025

SecureBlitz

MARCH 24, 2025

In this post, we will show you the top cybersecurity trends every web developer should expect in 2024. As web developers, staying abreast of the latest cybersecurity trends is no longer a luxury; it’s a necessity. The digital landscape is constantly evolving, and with it, the threats posed by cybercriminals.

Cybersecurity

Cybersecurity Cyber threats

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

The Last Watchdog

DECEMBER 4, 2024

4, 2024 –A majority of senior cybersecurity professionals at the UK’s largest organisations struggle with feelings of helplessness and professional despair, new research by Green Raven Limited indicates. Cheltenham, England, Dec. Almost three-quarters say they would consider a major breach as a personal failure. •59%

Cybersecurity

Cybersecurity Cyber threats Risk CISO

Google's $32 Billion Bet on Cybersecurity: What Wiz Acquisition Means

SecureWorld News

MARCH 19, 2025

In a move that shakes up the cybersecurity business landscape, Google has announced its largest acquisition to date: a $32 billion all-cash agreement to acquire Wiz, a rapidly growing cloud security startup. Cybersecurity leaders have reacted to the news with both excitement and caution.

Cybersecurity

Cybersecurity Marketing Data privacy Government

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

Cybersecurity threats against federal contractors are escalating, with adversaries continuously seeking vulnerabilities within governmental supply chains. This legislation, which has garnered strong bipartisan support, represents a crucial step in reinforcing the nation's cybersecurity posture. government. government.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

Cybersecurity Predictions for 2024

We’ve recently looked back at what happened within cybersecurity in 2023. In this eBook—with some guidance from the Google Cloud Cybersecurity Forecast 2024—we will delve into some of the most anticipated trends, threats, and cutting-edge solutions that are set to define the cybersecurity landscape in the months ahead.

Cybersecurity

How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast

Adam Shostack

FEBRUARY 20, 2025

Adam was on the Medical Device Cybersecurity podcast Im excited to share that I recently spoke with the Cyber Doctor on the Medical Device Cybersecurity podcast! Whether youre an engineer, security professional, or product leader, this discussion may help you refine your approach to building secure systems efficiently.

Cybersecurity

Cybersecurity Engineering

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. The report concludes that "while DeepSeek R1 does not instantly generate fully functional malware, its ability to produce semi-functional code should be a wake-up call for the cybersecurity industry."

Malware

Malware Cybersecurity Cyber threats Threat Detection

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

If you want a digital presence that will be around for the next ten years, scalability, growth, and digitization need to be tempered with a healthy dose of credential-centered cybersecurity. Zero Trust is a comprehensive security framework that fundamentally changes how organizations approach cybersecurity.

B2B

B2B Cybersecurity Risk Identity Theft

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities. The utility of these vulnerabilities declines over time as more systems are patched or replaced.

Cybersecurity

Bringing the Cybersecurity Imperative Into Focus

This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Tech leaders today are facing shrinking budgets and investment concerns. Download today to learn more!

Cybersecurity

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury’s OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. telecommunication and internet service providers.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets. INE Security emphasizes the importance of regular training forall employees.

Small Business

Small Business Data breaches Backups Passwords

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Alkove Jim Alkove , CEO, Oleria Identity is cybersecurity’s biggest challenge. Sundaresan Bindu Sundaresan , Cybersecurity Director, LevelBlue In 2025, cybercriminals will exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven phishing. Attackers arent hacking in theyre logging in.

Cyber threats

Cyber threats CISO IoT Phishing

IronNet Has Shut Down

Schneier on Security

OCTOBER 11, 2024

After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity company called IronNet. At the time, he claimed that it was based on IP he developed on his own time while still in the military. That always troubled me.

Technology

Technology Cybersecurity

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Cybersecurity

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

The post The Independent Op-Ed: Australias social media ban wont protect kids itll put them more at risk appeared first on Joseph Steinberg: CyberSecurity Expert Witness, Privacy, Artificial Intelligence (AI) Advisor.

Media

Media Risk Artificial Intelligence Government

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Part four of our four-part series From cybersecurity skills shortages to the pressures of hybrid work, the challenges facing organizations are at an all-time high. Lanowitz Theresa Lanowitz , Chief Evangelist, LevelBlue In 2025, cybersecurity success hinges on integrating it into core business operations.

Risk

Risk Threat Detection Technology Phishing

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

Penetration Testing

NOVEMBER 26, 2024

The flaw, designated CVE-2023-32428... The post macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published appeared first on Cybersecurity News.

Cybersecurity

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

The Last Watchdog

FEBRUARY 25, 2025

We are proud to set the standard for quality and effectiveness in cybersecurity and technical education, as evidenced by the success of our students.” The list showcases some of the best ethical hacking certifications for cybersecurity professionals. Cary, NC, Feb.

Education

Education Software Small Business Cybersecurity

Beware of Pixels & Trackers on U.S. Healthcare Websites

This report offers insights for cybersecurity, compliance, and privacy executives at healthcare organizations, as well as for policymakers and auditors.

Healthcare

Roger Grimes on Prioritizing Cybersecurity Advice

Women in Cybersecurity & IWD: Why I’m Done!

Trending Sources

BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From “Me” In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States

CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Cybersecurity Lessons from Covid19

Lessons for Cybersecurity from the American Public Health System

How to Build Your Cybersecurity Talent Stack

Cybersecurity Resolutions for 2025

The Importance of User Roles and Permissions in Cybersecurity Software

Is Cybersecurity Awareness Month Worth the Money?

American Water Shuts Down Services After Cybersecurity Breach

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

Joseph Steinberg To Speak Again At Penn Club & Columbia Club About CyberSecurity

IT Leadership Agrees AI is Here, but Now What?

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

How Cybersecurity Training Must Adapt to a New Era of Threats

From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Zero Trust Mandate: The Realities, Requirements and Roadmap

News alert: SquareX’s “Year of Browser Bugs” project exposes critical cybersecurity blind spots

Spotlight on Cybersecurity Leaders: Richard Staynings

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

4 Tips to Fortify the Human Element in Your Cybersecurity Posture

5 Key Findings From the 2023 FBI Internet Crime Report

Top 10 Cybersecurity Trends for Web Developers in 2025

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

Google's $32 Billion Bet on Cybersecurity: What Wiz Acquisition Means

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

Cybersecurity Predictions for 2024

How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Bringing the Cybersecurity Imperative Into Focus

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

IronNet Has Shut Down

Software Composition Analysis: The New Armor for Your Cybersecurity

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

macOS Vulnerability (CVE-2023-32428) Grants Root Access, PoC Published

News alert: INE secures spot in G2’s 2025 Top 50 education software rankings

Beware of Pixels & Trackers on U.S. Healthcare Websites

Stay Connected