Government and Risk - Cyber Security Informer

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

Australia recently enacted legislation to ban children under 16 from using social media a policy that the Australian government plans to enforce through the use of untested age-verification technology.

Media

Media Risk Artificial Intelligence Government

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

In the span of just weeks, the US government has experienced what may be the most consequential security breach in its history—not through a sophisticated cyberattack or an act of foreign espionage, but through official orders by a billionaire with a poorly defined government role. trillion in annual federal payments.

Government

Government Artificial Intelligence Banking Software

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk

Risk Artificial Intelligence Technology Internet

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

SecureWorld News

FEBRUARY 6, 2025

Representatives Josh Gottheimer (D-NJ) and Darin LaHood (R-IL) introduced the bipartisan No DeepSeek on Government Devices Act, seeking to prohibit federal employees from using the AI-powered application DeepSeek on government-issued devices. Federal Communications Commission (FCC) for security concerns. For the U.S. For the U.S.

Government

Government Artificial Intelligence Data privacy Mobile

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

Advertiser: Revenera

This IDC report addresses several key topics: Risks involved with using open-source software (OSS) How to manage these risks, including OSS license compliance Business benefits to the organization beyond risk mitigation Software supply chain best practices Key trends in industry and government regulation

Risk

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government

Government Cybersecurity Risk CISO

AI Risks

Schneier on Security

OCTOBER 9, 2023

Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. Some are concerned about far-future risks that sound like science fiction. AI could destroy humanity or pose a risk on par with nukes.

Risk

Risk Artificial Intelligence Technology Surveillance

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.

Government

Government Telecommunications Surveillance Risk

Security Risks of AI

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Many AI products are deployed without institutions fully understanding the security risks they pose.

Risk

Risk Government Cybersecurity Engineering

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Banking

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. The security breach poses a major national security risk. A cyberattack tied to the Chinese government penetrated the networks of a swath of U.S. broadband providers.

Government

Government Telecommunications Surveillance Risk

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” The government disclosed the details in a court motion to keep the defendant in custody until he is discharged from the military. ” prosecutors in the case said Wednesday.

Hacking

Hacking Government Identity Theft Accountability

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Unisys, for instance, was found to have framed cyber risks hypothetically even though its systems had already been breached, exfiltrating gigabytes of data. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

Critical Infrastructure Seeing Benefits of Government Program, CISA Says

Security Boulevard

JANUARY 14, 2025

The post Critical Infrastructure Seeing Benefits of Government Program, CISA Says appeared first on Security Boulevard.

Government

Government Security Awareness Risk Malware

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Responsible Cyber

NOVEMBER 23, 2024

However, with every partnership comes potential risk. As networks expand to include third, fourth, and even fifth parties, the complexities of managing these risks multiply. For CCEOs and senior leaders, effective third-party risk management (TPRM) is not just a necessity—it’s a strategic imperative.

Risk

Risk Government Education Technology

The Role of Data Governance in Strengthening Enterprise Cybersecurity

Security Boulevard

JANUARY 24, 2025

With the world being highly data-driven, data is an organizations most valuable asset, so implementing a data governance framework is essential. The post The Role of Data Governance in Strengthening Enterprise Cybersecurity appeared first on Security Boulevard.

Government

Government Cybersecurity Risk

Corporate Layoffs Put Company IP at Risk

Security Boulevard

APRIL 7, 2025

With corporate layoffs and government workforce reductions frequently making headlines, leaders often underestimate the potential for massive data loss and intellectual property liability. The post Corporate Layoffs Put Company IP at Risk appeared first on Security Boulevard.

Risk

Risk Government Backups Security Awareness

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

Security Boulevard

JANUARY 8, 2025

The post Insecure Medical Devices Illumina DNA Sequencer Illuminates Risks appeared first on Security Boulevard. IEI-IEI, Oh: Running an obsolete OS, on obsolete hardware, configured with obsolete settings.

Risk

Risk Social Engineering Internet Internet

A Deep Dive into the Texas Responsible AI Governance Act

SecureWorld News

NOVEMBER 4, 2024

Enter the Texas Responsible AI Governance Act, or TRAIGA, with Texas's unique style of doing business—balancing innovation with accountability, consumer empowerment, and a good ol' dash of no-nonsense enforcement. These are labeled "High-Risk AI Systems" (HRAIS). if they (1) put their name or trademark on a high-risk AI system.(2)

Artificial Intelligence

Artificial Intelligence Government Small Business Risk

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

The Last Watchdog

MARCH 19, 2025

SpyCloud , the leading identity threat protection company, today released its 2025 SpyCloud Annual Identity Exposure Report , highlighting the rise of darknet-exposed identity data as the primary cyber risk facing enterprises today. It requires organizations to rethink the risks posed by employees, consumers, partners and suppliers.

Cyber Risk

Cyber Risk Risk Phishing Cybercrime

IBM Addresses AI, Quantum Security Risks with New Platform

Security Boulevard

OCTOBER 23, 2024

The post IBM Addresses AI, Quantum Security Risks with New Platform appeared first on Security Boulevard. IBM is rolling out Guardian Data Security Center, a framework designed to give enterprises the tools they need to address the emerging cyberthreats that come the ongoing development of generative AI and quantum computing.

Risk

Risk Data privacy Mobile Government

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

JULY 20, 2022

And, while today’s commercially-created quantum machines are nowhere near powerful enough to approach quantum supremacy, absolutely nobody knows the true extent of the quantum capabilities of all of the technologically-advanced governments around the world. Clearly, there is a need to act in advance – and acting takes time.

Risk

Risk Encryption Government Artificial Intelligence

Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

Security Affairs

FEBRUARY 3, 2025

Ron Wyden warns of national security risks after Elon Musk s DOGE was given full access to sensitive Treasury systems. Ron Wyden warned of national security risks after Elon Musk s team, Department of Government Efficiency (DOGE), was granted full access to a sensitive U.S. Treasury payments system poses significant risks.

Risk

Risk Surveillance Cyber threats Marketing

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Texas is the first state to ban DeepSeek on government devices

Security Affairs

FEBRUARY 2, 2025

Texas bans DeepSeek and RedNote on government devices to block Chinese data-harvesting AI, citing security risks. Texas and other states banned TikTok on government devices. The AI-powered chatbot, recently launched globally, has rapidly gained popularity reaching millions of users. reads the announcement.

Government

Government Artificial Intelligence Media Data collection

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. In a presentation titled Digital governance for boards and senior executives: AI, cybersecurity, and privacy , she called on her extensive experience advising boards on these areas.

Government

Government Artificial Intelligence Risk Digital transformation

Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together

Security Boulevard

NOVEMBER 25, 2024

A cyber risk assessment is a tool that helps organizations identify and prioritize risks associated with threats that are relevant to their unique environment. The post Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together appeared first on Security Boulevard.

Cyber Risk

Cyber Risk Risk Security Awareness Government

ISACA impressions: AI, risk and resilience feature at the 2025 conference

BH Consulting

APRIL 16, 2025

The ISACA Ireland Chapter Conference on 11 April brought together thought leaders in AI, cybersecurity, auditing, governance, and quantum computing. She spoke passionately about how AI is the most transformative force of our time, reshaping industries, governance models, and the future of cybersecurity.

Risk

Risk Government Ransomware Retail

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

In a nutshell, some criminal groups are exploiting compromised accounts belonging to law enforcement and other government agencies to illicitly forward Emergency Data Requests (EDRs) to major online platforms.

Cybercrime

Cybercrime Social Engineering Accountability Government

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software

Software Risk Artificial Intelligence Cyber Attacks

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

Madhu Shashanka , Chief Data Scientist, Concentric AI Generative AI in 2025 will bring transformative opportunities but heightened cybersecurity risks, including data exposure, AI misuse, and novel threats like prompt injection attacks. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms.

Risk

Risk Threat Detection Technology Phishing

NIST Cybersecurity Framework 2.0

Schneier on Security

MARCH 1, 2024

It also has a new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy. ’s newly added Govern function. . […] The framework’s core is now organized around six key functions: Identify, Protect, Detect, Respond and Recover, along with CSF 2.0’s

Cybersecurity

Cybersecurity Small Business Government Risk

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. government and among the many contractors and vendors that support federal agencies."

Cybersecurity

Cybersecurity Government Marketing Cyber threats

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

Its a question of how much risk your organization is willing to take, based on the data you must protect and its long-term value. We recommend using Dr. Michele Moscas theorem of quantum risk against an optimistic vs. pessimistic probability analysis. This is where the concern of harvest now, decrypt later attacks apply.

Encryption

Encryption Financial Services Technology Risk

Nation-State Hackers Exploit Windows Shortcut Zero-Day Vulnerability

SecureWorld News

MARCH 20, 2025

A newly discovered Windows zero-day vulnerability is actively being exploited by nation-state threat actors, raising serious cybersecurity concerns across government, financial, and critical infrastructure sectors. lnk) files. Nearly 1,000 malicious.lnk files exploiting ZDI-CAN-25373 have been identified," the report stated. Who is affected?

Cryptocurrency

Cryptocurrency Telecommunications Government Education

New York Increases Cybersecurity Rules for Financial Companies

Schneier on Security

NOVEMBER 3, 2023

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say.

Cybersecurity

Cybersecurity Government Risk Banking

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Among the key findings: Widespread vulnerabilities: The OIG's passive assessment revealed critical or high-risk vulnerabilities in 97 drinking water systems serving more than 26.6 This is in sharp contrast to adversaries that are organized and managed by a government, rather than commercial and government cooperatives.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

-funded CVE program, a core cybersecurity tool for tracking vulnerabilities, faces funding expiry Wednesday, risking disruption to global security. government funding for MITRE s CVE program , a key global cybersecurity resource for cataloging vulnerabilities, is set to expire Wednesday, risking disruption.

Government

Government Risk Cybersecurity Media

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure. Phishing and Social Engineering: These tactics manipulate individuals to disclose sensitive information.

Technology

Technology Cyber Attacks Government Social Engineering

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The charges result from an investigation conducted by the US government into public companies potentially impacted by the supply chain attack on SolarWinds’ Orion software. The federal securities laws prohibit half-truths, and there is no exception for statements in risk-factor disclosures.”

Hacking

Hacking Risk Cybersecurity Government

TikTok ordered to close Canada offices following “national security review”

Malwarebytes

NOVEMBER 8, 2024

The Government of Canada ordered the TikTok Technology Canada Inc. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s We don’t just report on threats – we help protect your social media Cybersecurity risks should never spread beyond a headline.

Media

Media Identity Theft Government Technology

Australia Threatens to Force Companies to Break Encryption

Schneier on Security

SEPTEMBER 9, 2024

In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption. The Assistance and Access Act includes key components that outline investigatory powers between government and industry.

Encryption

Encryption Computers and Electronics Government Security Intelligence

MY TAKE: The CVE program crisis isn’t over — it’s a wake-up call for cybersecurity’s supply chain

The Last Watchdog

APRIL 16, 2025

The system that underpins vulnerability disclosurethe nervous system of cybersecurity risk managementis showing signs of structural fatigue. The CVE program isnt just a list of numbersits a Rosetta Stone that security teams rely on to identify, prioritize, and communicate risk. Far from it. Cipollones response?

Architecture

Architecture Risk Cybersecurity Internet

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Malwarebytes

APRIL 3, 2025

Not only is Qihoo 360 classified as a Chinese military company in the US, in June 2025 the US government also placed Qihoo 360 on its Entity List, which is a list of companies maintained under the US government’s Export Administration Regulations (EAR).

VPN

VPN Mobile Government Technology

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

DOGE as a National Cyberattack

Trending Sources

On the Catastrophic Risk of AI

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

AI Risks

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Risks of AI

ERM Program Fundamentals for Success in the Banking Industry

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Critical Infrastructure Seeing Benefits of Government Program, CISA Says

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

The Role of Data Governance in Strengthening Enterprise Cybersecurity

Corporate Layoffs Put Company IP at Risk

Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks

A Deep Dive into the Texas Responsible AI Governance Act

News alert: SpyCloud study shows Darknet identity exploitation arising to become a primary cyber risk

IBM Addresses AI, Quantum Security Risks with New Platform

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Elon Musk ’s DOGE team granted ‘full access’ to sensitive Treasury systems. What are the risks?

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Texas is the first state to ban DeepSeek on government devices

How boards can manage digital governance in the age of AI

Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together

ISACA impressions: AI, risk and resilience feature at the 2025 conference

EDR-as-a-Service makes the headlines in the cybercrime landscape

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

NIST Cybersecurity Framework 2.0

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

Nation-State Hackers Exploit Windows Shortcut Zero-Day Vulnerability

New York Increases Cybersecurity Rules for Financial Companies

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

What are the key Threats to Global National Security?

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

TikTok ordered to close Canada offices following “national security review”

Australia Threatens to Force Companies to Break Encryption

MY TAKE: The CVE program crisis isn’t over — it’s a wake-up call for cybersecurity’s supply chain

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Stay Connected