Cybersecurity and Risk - Cyber Security Informer

Roger Grimes on Prioritizing Cybersecurity Advice

Schneier on Security

OCTOBER 31, 2024

This is a good point : Part of the problem is that we are constantly handed lists…list of required controls…list of things we are being asked to fix or improve…lists of new projects…lists of threats, and so on, that are not ranked for risks. For example, we are often given a cybersecurity guideline (e.g.,

Cybersecurity

Cybersecurity Risk Authentication

See No Risk, Hear No Warning, Speak No Breach: The Cybersecurity Trap for Small Businesses

Jane Frankland

APRIL 10, 2025

Just like the three wise monkeys , some small business owners are unintentionally following a philosophy of see no risk, hear no warning, speak no threat when it comes to cybersecurity. In the context of cybersecurity, its a silent enabler for hackers who thrive on unguarded systems and untrained staff. Here’s how: 1.

Small Business

Small Business Risk Cybersecurity Cyber Risk

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

To read the piece that appeared today in The Independent , please see: Australias social media ban wont protect kids itll put them more at risk on The Independent ‘s web site.

Media

Media Risk Artificial Intelligence Government

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. What is a DLP Risk Assessment?

Risk

Risk Cybersecurity Data breaches Cyber threats

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert and Podcaster, will outline the interconnected relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Risk

Cyber Risk in U.S. Healthcare: Tackling HIPAA, Vendors, and Human Error – A Free Webinar With Joseph Steinberg and Chip Witt

Joseph Steinberg

APRIL 23, 2025

Healthcare Cybersecurity And How to Fix It. healthcare organizations are under relentless cyber pressure and the risks to patient safety have never been higher. The post Cyber Risk in U.S. Whats Broken in U.S. From ransomware and cloud misconfigurations to vulnerable medical devices, U.S.

Healthcare

Healthcare Cyber Risk Artificial Intelligence Risk

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

Jane Frankland

APRIL 18, 2025

This is the state of cybersecurity today. Organisations invest heavily in governance, risk, and compliance (GRC) and risk management efforts while neglecting foundational elements like leadership and culture. To break free from this cycle, we must rethink how we approach cybersecurity. The result?

Cybersecurity

Cybersecurity Technology Risk Security Awareness

Reducing the Crushing Burden of Cybersecurity, Privacy Laws in the UK

SecureWorld News

NOVEMBER 17, 2024

The UK has a complex regulatory landscape for businesses, particularly in the realms of cybersecurity and privacy. As indicated above, international operations often require adherence to multiple jurisdictions' data protection and cybersecurity laws, creating a complex patchwork of requirements. of the UK's business population, 5.5

Cybersecurity

Cybersecurity Risk Healthcare Accountability

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

SecureWorld News

FEBRUARY 28, 2025

But amidst all these flashy, futuristic threats, the biggest cybersecurity risk remains the same as it's always beenhumans. Cybersecurity Through Human Behaviour just confirmed what most of us in the field already know: Cybersecurity isn't just a tech problemit's a behavior problem. Zero incentives to care. The solution?

Cybersecurity

Cybersecurity Risk Social Engineering Phishing

The Importance of User Roles and Permissions in Cybersecurity Software

By only giving users access to what they need for their job, you reduce the risk of data breaches and unauthorized modifications. You should restrict access to sensitive information and systems the same way you restrict access to your house. This is known as role-based access control or RBAC. Read the eBook to learn more!

Cybersecurity

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

The Last Watchdog

JANUARY 7, 2025

Security Risk Advisors (SRA) is a leading cybersecurity firm dedicated to providing comprehensive security solutions to businesses worldwide. Security Risk Advisors SCALR XDR is both a platform, built on Microsoft Azure and a 247 monitoring service with Microsoft Sentinel. Philadelphia, Pa., Philadelphia, Pa.,

Risk

Risk Penetration Testing Marketing Technology

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

Companies face the risk of insider threats, worsened by remote work. The insider threat, or the risk that an employee could harm the company, is a growing concern. The insider threat, or the risk that an employee could harm the company, is a growing concern. North Korean hackers infiltrate firms via fake IT hires, stealing data.

Risk

Risk Education Scams VPN

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Technology Threat Detection

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Discover more on phished.io

Cyber threats

All Gmail users at risk from clever replay attack

Malwarebytes

APRIL 22, 2025

We don’t just report on threats – we help safeguard your entire digital identity Cybersecurity risks should never spread beyond a headline. Google originally closed the report as ‘Working as Intended,’ but later Google got back to him and said it had reconsidered the matter and it will fix the OAuth bug.

Risk

Risk Accountability Scams Phishing

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Environmental Protection Agency (EPA) Office of Inspector General (OIG) has highlighted significant cybersecurity vulnerabilities in the nation's drinking water systems. The findings revealed exploitable cybersecurity weaknesses that could disrupt service, cause data loss, or lead to information theft. A recent report from the U.S.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

Cybersecurity Resolutions for 2025

IT Security Guru

JANUARY 9, 2025

Resolution #1: Adopt a Proactive Approach to Cybersecurity to Combat AI-Driven Attacks Adopt a proactive approach to cybersecurity that integrates advanced defence mechanisms with fundamental best practices to mitigate and combat AI-driven attacks. This will require expertise in cryptography, IT infrastructure and cybersecurity.

Cybersecurity

Cybersecurity Cyber threats Architecture Digital transformation

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

MARCH 24, 2025

Expert analysis and the broader cybersecurity context Cybersecurity analysts have long warned that the rapid adoption of cloud technologies can outpace the implementation of necessary security frameworks. Beyond mass data exposure, there are heightened risks of credential compromise, corporate espionage, and potential extortion.

Risk

Risk Passwords Hacking Encryption

IT Leadership Agrees AI is Here, but Now What?

As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success. IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty.

Cybersecurity

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. While skepticism is healthy, excessive distrust can lead to the dismissal of genuine outreach or important instructionsundermining cybersecurity efforts.

Cybersecurity

Cybersecurity Technology Scams Risk

Most CEOs Agree: Business Growth Hinges on Cybersecurity

eSecurity Planet

APRIL 23, 2025

CEOs worldwide are no longer treating cybersecurity as simply a defensive measure. According to a new survey by Gartner, a staggering 85% of top executives believe strong cybersecurity is critical for their companys expansion. However, as AI adoption grows, so does the need for stronger cybersecurity.

Cybersecurity

Cybersecurity Data breaches Cyber threats Technology

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

OCTOBER 15, 2024

The American Water cyber breach has sparked conversations about the importance of cybersecurity in safeguarding essential services and the growing frequency of cyber threats targeting public utilities. 7 How To Avoid Such Cyberattacks Utility companies, like American Water, face increasing risks from cybercriminals.

Cybersecurity

Cybersecurity Penetration Testing Cyber threats Firewall

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Alkove Jim Alkove , CEO, Oleria Identity is cybersecurity’s biggest challenge.

Cyber threats

Cyber threats CISO IoT Phishing

Healthcare Cybersecurity Market Soars: Key Trends and Insights

SecureWorld News

MAY 2, 2025

Healthcare cybersecurity is undergoing explosive growth, reflecting both escalating threats and urgent investments to protect patient data and systems. According to a new report, the global healthcare cybersecurity market was valued at US $21.25 billion in 2024 and is projected to reach $82.90 billion by 2033, at a robust 18.55% CAGR.

Healthcare

Healthcare Marketing Cybersecurity CISO

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. Joe Nicastro , Field CTO, Legit Security Nicastro Transparency in cybersecurity remains a complex balancing act.

CISO

CISO CSO Risk Cyber threats

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

MARCH 8, 2025

For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem. Yet here we are, in 2025, and the percentage of women in cybersecurity remains stagnantor worse, is backtracking. Meanwhile, cybersecurity job vacancies are skyrocketing. It’s utter madness.

Cybersecurity

Cybersecurity Penetration Testing Accountability Cyber Risk

Empowering Boards for Cybersecurity Incidents

SecureWorld News

JANUARY 12, 2025

A 2022 PwC study found that 59% of directors admitted their board is not very effective in understanding the drivers and impacts of cyber risks for their organization, emphasizing the critical role of board members in these moments. For example, consider whether the risk committee or an ad hoc task force is best suited to manage the incident.

Cybersecurity

Cybersecurity Ransomware Data breaches Government

Don’t Be Robotic About Your Robots’ Cybersecurity

Security Boulevard

APRIL 14, 2025

If AI-powered robotics companies do not increase their investment in privacy and cybersecurity, they risk the promise of their innovations. The post Dont Be Robotic About Your Robots Cybersecurity appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Risk Security Awareness

How to Build Your Cybersecurity Talent Stack

SecureWorld News

JANUARY 13, 2025

A career in cybersecurity isn't about mastering one skillit's about layering complementary skills that make you versatile and invaluable. In cybersecurity, that means layering foundational knowledge with technical expertise, soft skills, and specialized abilities that align with your career goals. That's the power of a talent stack.

Cybersecurity

Cybersecurity DNS Threat Detection Software

Google announces Sec-Gemini v1, a new experimental cybersecurity model

Google Security

APRIL 4, 2025

Posted by Elie Burzstein and Marianna Tishchenko, Sec-Gemini team Today, were announcing Sec-Gemini v1, a new experimental AI model focused on advancing cybersecurity AI frontiers. Effectively powering SecOps workflows requires state-of-the-art reasoning capabilities and extensive current cybersecurity knowledge.

Cybersecurity

Cybersecurity Cyber threats Risk

The Cybersecurity Dimensions of Web Accessibility

SecureWorld News

JANUARY 27, 2025

Aside from the obvious gap in accessing data and web-based resources, this shortfall also entails cybersecurity concerns. In that case, users run the risk of misinterpreting key information, making wrong choices, or unwittingly exposing personally identifiable data. Take privacy settings as an example.

Cybersecurity

Cybersecurity Risk Technology Authentication

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

As they do, they create more security vulnerabilities and inherent business, changing the nature of cybersecurity careers. Meanwhile, according to non-profit trade association CompTIA’s Cyberseek tool, nearly half a million cybersecurity jobs were open between May 2023 and April 2024 in the U.S., million workers.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

The Last Watchdog

DECEMBER 4, 2024

4, 2024 –A majority of senior cybersecurity professionals at the UK’s largest organisations struggle with feelings of helplessness and professional despair, new research by Green Raven Limited indicates. Cheltenham, England, Dec. Almost three-quarters say they would consider a major breach as a personal failure. •59%

Cybersecurity

Cybersecurity Cyber threats Risk CISO

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

SecureWorld News

JANUARY 7, 2025

Cybersecurity in today's world is akin to the enchanted realms of fairy tales, where threats lurk in dark digital forests and heroes wield keyboards instead of swords. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Phishing Engineering

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. And therein lies the problem: Your enterprise could be at risk if their credentials are unsafe. So, what’s a bit of increased risk where usernames and passwords are concerned?

B2B

B2B Cybersecurity Risk Identity Theft

The Role and Benefits of AI in Cybersecurity

SecureWorld News

APRIL 13, 2025

In this article, we'll explore how AI enhances cybersecurity, its key benefits, and why businesses are increasingly relying on AI-driven security solutions. How does AI work in cybersecurity? It helps identify anomalies and potential third-party risks in real-time.

Cybersecurity

Cybersecurity Artificial Intelligence Threat Detection Cyber threats

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

SecureWorld News

DECEMBER 5, 2024

billion signals a significant shift in how global financial institutions are approaching cybersecurity. Thus, it's clear that even the traditional "big players" are paying attention to AI, its effect on cybersecurity, and the changing security landscape. MasterCard's September 2024 acquisition of Recorded Future for $2.65

Cybersecurity

Cybersecurity Threat Detection Financial Services Cyber threats

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SecureWorld News

FEBRUARY 25, 2025

Artificial intelligence (AI) is transforming industries at an unprecedented pace, and its impact on cybersecurity is no exception. From automating cybersecurity defenses to combatting adversarial AI threats, the report underscores both the power and pitfalls of AI-driven security.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Cyber threats

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

Cybersecurity threats against federal contractors are escalating, with adversaries continuously seeking vulnerabilities within governmental supply chains. This legislation, which has garnered strong bipartisan support, represents a crucial step in reinforcing the nation's cybersecurity posture. government. government.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

SpyCloud , the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report , highlighting the rise of darknet-exposed identity data as the primary cyber risk facing enterprises today. It requires organizations to rethink the risks posed by employees, consumers, partners and suppliers.

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

OT Cybersecurity and the Evolving Role of Controls Engineers

SecureWorld News

JANUARY 23, 2025

Industrial automation and operational technology (OT) are at a critical intersection where cybersecurity is not a "nice to have" but an essential component of system design and implementation. On the other hand, many believe that a foundational understanding of controls engineering is essential to being a competent OT cybersecurity engineer.

Engineering

Engineering Cybersecurity Manufacturing Firewall

Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

Security Affairs

FEBRUARY 3, 2025

Ron Wyden warns of national security risks after Elon Musk s DOGE was given full access to sensitive Treasury systems. Ron Wyden warned of national security risks after Elon Musk s team, Department of Government Efficiency (DOGE), was granted full access to a sensitive U.S. Treasury payments system poses significant risks.

Risk

Risk Surveillance Cyber threats Marketing

Roger Grimes on Prioritizing Cybersecurity Advice

See No Risk, Hear No Warning, Speak No Breach: The Cybersecurity Trap for Small Businesses

Webinars

Trending Sources

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Webinars

From Risk Assessment to Action: Improving Your DLP Response

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Cyber Risk in U.S. Healthcare: Tackling HIPAA, Vendors, and Human Error – A Free Webinar With Joseph Steinberg and Chip Witt

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

Reducing the Crushing Burden of Cybersecurity, Privacy Laws in the UK

The Biggest Cybersecurity Risk We're Ignoring—And No, It's Not AI

The Importance of User Roles and Permissions in Cybersecurity Software

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Digital nomads and risk associated with the threat of infiltred employees

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

All Gmail users at risk from clever replay attack

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

Cybersecurity Resolutions for 2025

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

IT Leadership Agrees AI is Here, but Now What?

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Most CEOs Agree: Business Growth Hinges on Cybersecurity

American Water Shuts Down Services After Cybersecurity Breach

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Healthcare Cybersecurity Market Soars: Key Trends and Insights

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Women in Cybersecurity & IWD: Why I’m Done!

Empowering Boards for Cybersecurity Incidents

Don’t Be Robotic About Your Robots’ Cybersecurity

How to Build Your Cybersecurity Talent Stack

Google announces Sec-Gemini v1, a new experimental cybersecurity model

The Cybersecurity Dimensions of Web Accessibility

Top 9 Trends In Cybersecurity Careers for 2025

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

The Role and Benefits of AI in Cybersecurity

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

Google's AI Trends Report: Key Insights and Cybersecurity Implications

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

OT Cybersecurity and the Evolving Role of Controls Engineers

Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

Stay Connected