Government, Risk and Technology - Cyber Security Informer

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

Australia recently enacted legislation to ban children under 16 from using social media a policy that the Australian government plans to enforce through the use of untested age-verification technology.

Media

Media Risk Artificial Intelligence Government

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The US government deserves considerable blame, of course, for its inadequate cyberdefense. Who is at fault?

Risk

Risk Government Marketing Software

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk

Risk Artificial Intelligence Technology Internet

AI Risks

Schneier on Security

OCTOBER 9, 2023

Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. Some are concerned about far-future risks that sound like science fiction. AI could destroy humanity or pose a risk on par with nukes.

Risk

Risk Artificial Intelligence Technology Surveillance

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. .” broadband providers.

Government

Government Telecommunications Surveillance Risk

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

SecureWorld News

FEBRUARY 6, 2025

Representatives Josh Gottheimer (D-NJ) and Darin LaHood (R-IL) introduced the bipartisan No DeepSeek on Government Devices Act, seeking to prohibit federal employees from using the AI-powered application DeepSeek on government-issued devices. Federal Communications Commission (FCC) for security concerns. For the U.S. For the U.S.

Government

Government Artificial Intelligence Data privacy Mobile

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government

Government Cybersecurity Risk CISO

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. .” broadband providers.

Government

Government Telecommunications Surveillance Risk

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Responsible Cyber

NOVEMBER 23, 2024

However, with every partnership comes potential risk. As networks expand to include third, fourth, and even fifth parties, the complexities of managing these risks multiply. For CCEOs and senior leaders, effective third-party risk management (TPRM) is not just a necessity—it’s a strategic imperative.

Risk

Risk Government Education Technology

Best Practices for Hospitals To Manage Risks To CyberSecurity Created By Medical Technology And Information Systems: A Webinar With The CIA’s Former CyberSecurity Director And The Top CyberSecurity Columnist

Joseph Steinberg

OCTOBER 12, 2022

Join Bonnie Stith, former Director of the CIA’s Center for Cyber Intelligence , and and Joseph Steinberg, renowned cybersecurity expert witness and columnist , for a special, free educational webinar, Best Practices for Asset Risk Management in Hospitals. The discussion will cover: * How IT asset risks have evolved.

Cybersecurity

Cybersecurity Technology Risk Artificial Intelligence

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

JULY 20, 2022

And, while today’s commercially-created quantum machines are nowhere near powerful enough to approach quantum supremacy, absolutely nobody knows the true extent of the quantum capabilities of all of the technologically-advanced governments around the world. Clearly, there is a need to act in advance – and acting takes time.

Risk

Risk Encryption Government Artificial Intelligence

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. As compute costs decrease, autonomous operations and AI-discovered zero-day exploits loom.

Risk

Risk Threat Detection Technology Phishing

A Deep Dive into the Texas Responsible AI Governance Act

SecureWorld News

NOVEMBER 4, 2024

Enter the Texas Responsible AI Governance Act, or TRAIGA, with Texas's unique style of doing business—balancing innovation with accountability, consumer empowerment, and a good ol' dash of no-nonsense enforcement. These are labeled "High-Risk AI Systems" (HRAIS). if they (1) put their name or trademark on a high-risk AI system.(2)

Artificial Intelligence

Artificial Intelligence Government Small Business Risk

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

Its a question of how much risk your organization is willing to take, based on the data you must protect and its long-term value. We recommend using Dr. Michele Moscas theorem of quantum risk against an optimistic vs. pessimistic probability analysis. This is where the concern of harvest now, decrypt later attacks apply.

Encryption

Encryption Financial Services Technology Risk

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

As technology advances, so do the methods and motivations of those who seek to disrupt global stability. Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure.

Technology

Technology Cyber Attacks Government Social Engineering

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

For us in cyber, how do we navigate these new digital threats especially when we layer in the rise of AI and deepfake technologies, and the stakes grow even higher? Deepfake Technology Amplifying Risks: The evolution and democratisation of deepfake technology have blurred the line between reality and fabrication.

Cybersecurity

Cybersecurity Technology Scams Risk

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

If there is one statistic that sums up the increasing pace of technological change, it might well be this. This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. The Data Governance Act creates a framework to facilitate trustworthy data sharing across the EU.

Government

Government Artificial Intelligence Risk Digital transformation

Another Event-Related Spyware App

Schneier on Security

NOVEMBER 15, 2022

But it risks giving the Egyptian government permission to read users’ emails and messages. The app also provides Egypt’s Ministry of Communications and Information Technology, which created it, with other so-called backdoor privileges, or the ability to scan people’s devices.

Spyware

Spyware Technology Encryption Government

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Among the key findings: Widespread vulnerabilities: The OIG's passive assessment revealed critical or high-risk vulnerabilities in 97 drinking water systems serving more than 26.6 Invest in security technology: Utilize advanced security technologies to protect critical infrastructure and data. million people.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

JULY 8, 2021

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage. Cyberattacks can even kill businesses.

Insurance

Insurance Cyber Insurance Cybersecurity Small Business

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

An analysis of their technology infrastructure shows that all of these exchanges use Russian email providers, and most are directly hosted in Russia or by Russia-backed ISPs with infrastructure in Europe (e.g. A machine-translated version of Flymoney, one of dozens of cryptocurrency exchanges apparently nested at Cryptomus.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

AI tool GeoSpy analyzes images and identifies locations in seconds

Malwarebytes

JANUARY 21, 2025

Graylark Technologies who makes GeoSpy says its been developed for government and law enforcement. But the investigative journalists from 404 Media report thatthe tool has also been used for months by members of the public, with many making videos marveling at the technology, and some asking for help with stalking specific women.

Media

Media Artificial Intelligence Identity Theft Surveillance

EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future

eSecurity Planet

APRIL 3, 2025

This platform will allow European manufacturers to securely report cyber vulnerabilities, helping governments and businesses respond quickly to threats before they become full-blown attacks. Tech sovereignty: Reducing dependence on external players A major motivation behind this investment is to reduce Europes reliance on foreign technology.

Cybersecurity

Cybersecurity Artificial Intelligence Government Technology

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. National Institute of Standards and Technology (NIST) guidelines.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. There was another warning from the U.S.

Software

Software Risk Artificial Intelligence Cyber Attacks

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

Joseph Steinberg

NOVEMBER 17, 2021

He is also the inventor of several information-security technologies widely used today; his work is cited in over 500 published patents. He frequently serves as a cybersecurity expert witness , advises businesses and governments on information security matters, and has amassed millions of readers as a regular columnist for Forbes and Inc.

Cybersecurity

Cybersecurity Artificial Intelligence Government Information Security

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Malwarebytes

APRIL 3, 2025

Chinese company 360 Security Technology, also known as Qihoo 360, purchased Lemon Seed, according to its 2019 annual report. The Entity List identifies entities that the US believes pose a risk to its national security. Both use language lifted directly from Chinese privacy regulations.

VPN

VPN Mobile Government Technology

TikTok ordered to close Canada offices following “national security review”

Malwarebytes

NOVEMBER 8, 2024

The Government of Canada ordered the TikTok Technology Canada Inc. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s s operations in Canada through the establishment of TikTok Technology Canada, Inc.

Media

Media Identity Theft Government Technology

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

SecureWorld News

JANUARY 8, 2025

From baby monitors to home security systems, these IoT products have become integral to daily life, yet they also present significant cybersecurity risks. National Institute of Standards and Technology (NIST) and certified by accredited labs. A shield of confidence for consumers The U.S. A model for cybersecurity progress The U.S.

IoT

IoT Manufacturing Government Cybersecurity

Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk”

Penetration Testing

FEBRUARY 23, 2025

The Australian Government has issued a new directive banning the use of Kaspersky Lab products and web services The post Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk” appeared first on Cybersecurity News.

Government

Government Risk Cybersecurity Technology

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. The challenge?

Cybersecurity

Cybersecurity Insurance Cyber Insurance Risk

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “COVID-19 extended the life of these companies and technologies, and that’s unfortunate.”

Risk

Risk VPN Internet Internet

Australia Threatens to Force Companies to Break Encryption

Schneier on Security

SEPTEMBER 9, 2024

In 2018, Australia passed the Assistance and Access Act, which—among other things—gave the government the power to force companies to break their own encryption. The Assistance and Access Act includes key components that outline investigatory powers between government and industry.

Encryption

Encryption Computers and Electronics Government Security Intelligence

How Outsourcing Cybersecurity Crashed the World’s IT: A Webinar With Columbia University Faculty

Joseph Steinberg

JULY 23, 2024

million devices running Microsoft Windows, disrupting air travel, hospitals, governments, and business operations around the world. On July 19th, 2024, a faulty software update issued by the cybersecurity firm, CrowdStrike, took down over 8.5 The discussion will take place via Zoom at Noon US Eastern, tomorrow, Wednesday, July 24th.

Artificial Intelligence

Artificial Intelligence Cybersecurity Government Technology

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. And therein lies the problem: Your enterprise could be at risk if their credentials are unsafe. So, what’s a bit of increased risk where usernames and passwords are concerned?

B2B

B2B Cybersecurity Risk Identity Theft

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

The Last Watchdog

JANUARY 7, 2025

These technologies bypass signature-based defenses and mimic legitimate behavior, making detection more challenging. This incident highlights three key risks of AI-driven attacks: Sophistication: AI allows attacks to evolve in real-time, rendering static defenses obsolete.

Threat Detection

Threat Detection Engineering Malware Artificial Intelligence

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

SecureList

MARCH 25, 2025

In mid-March 2025, Kaspersky technologies detected a wave of infections by previously unknown and highly sophisticated malware. However, Kaspersky’s exploit detection and protection technologies successfully identified the zero-day exploit that was used to escape Google Chrome’s sandbox.

Malware

Malware Education Technology Media

How threat actors can use generative artificial intelligence?

Security Affairs

DECEMBER 1, 2024

The increasing sophistication of these technologies has made it harder than ever to distinguish real content from fake. A study by the Massachusetts Institute of Technology (MIT) presented in 2019 revealed that deepfakes generated by AI could deceive humans up to 60% of the time. As the technology evolves, so will its misuse.

Artificial Intelligence

Artificial Intelligence Phishing Media Cyber threats

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

Check Point Software Technologies Ltd., The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." The SEC further noted that Unisys lacked proper internal controls to ensure accurate and timely reporting of such high-risk incidents. Check Point Software Technologies Ltd.

Cybersecurity

Cybersecurity Risk Hacking Software

Ten Ways AI Will Change Democracy

Schneier on Security

NOVEMBER 13, 2023

Democracy, and the systems of governance that surround it, will be no exception. Some items on my list are still speculative, but none require science-fictional levels of technological advance. We don’t know how long this will continue, but my bet is on continued major technological advances in the coming years.

Artificial Intelligence

Artificial Intelligence Technology Government Education

Quantum Threats and How to Protect Your Data

SecureWorld News

DECEMBER 8, 2024

It is essential to understand the risks posed by quantum computing, as future advancements could compromise today's encrypted data, opening new opportunities for threat actors. Current efforts to address quantum threats Recognizing these risks, organizations and governments are developing quantum-resistant cryptographic methods.

Encryption

Encryption Firewall Education Firmware

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Security Affairs

DECEMBER 4, 2024

The government agencies released a guide that advises telecom and critical infrastructure defenders on best practices to strengthen network security against PRC-linked and other cyber threats. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures.

Telecommunications

Telecommunications Government Mobile Cyber threats

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

National Security Risks of Late-Stage Capitalism

Trending Sources

On the Catastrophic Risk of AI

AI Risks

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Best Practices for Hospitals To Manage Risks To CyberSecurity Created By Medical Technology And Information Systems: A Webinar With The CIA’s Former CyberSecurity Director And The Top CyberSecurity Columnist

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

A Deep Dive into the Texas Responsible AI Governance Act

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

What are the key Threats to Global National Security?

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

How boards can manage digital governance in the age of AI

Another Event-Related Spyware App

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

How Cryptocurrency Turns to Cash in Russian Banks

AI tool GeoSpy analyzes images and identifies locations in seconds

EU Pumps €1.3 Billion into Cybersecurity, AI, and Digital Skills to Fortify Europe’s Tech Future

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

Popular VPNs are routing traffic via Chinese companies, including one with link to military

TikTok ordered to close Canada offices following “national security review”

Understanding the U.S. Cyber Trust Mark: A New Era for IoT Security

Australia Bans Kaspersky Products from Government Systems, Citing “Unacceptable Security Risk”

Top Cybersecurity Trends to Watch Out For in 2025

CISA Order Highlights Persistent Risk at Network Edge

Australia Threatens to Force Companies to Break Encryption

How Outsourcing Cybersecurity Crashed the World’s IT: A Webinar With Columbia University Faculty

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes

Operation ForumTroll: APT attack with Google Chrome zero-day exploit chain

How threat actors can use generative artificial intelligence?

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

Ten Ways AI Will Change Democracy

Quantum Threats and How to Protect Your Data

Australia, Canada, New Zealand, and the U.S. warn of PRC-linked cyber espionage targeting telecom networks

Stay Connected