Risk and Technology - Cyber Security Informer

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Last Watchdog

OCTOBER 10, 2024

It powers rapid analysis of identity exposures across organizations, VIPs and supply chains, pattern of life analysis, threat actor attribution, insider risk analysis, financial crimes research, and more. To learn more and see insights on your company’s exposed data, users can visit spycloud.com.

Risk

Risk Cybercrime Identity Theft Phishing

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

Australia recently enacted legislation to ban children under 16 from using social media a policy that the Australian government plans to enforce through the use of untested age-verification technology.

Media

Media Risk Artificial Intelligence Government

FBI Raids Chinese Point-of-Sale Giant PAX Technology

Krebs on Security

OCTOBER 26, 2021

federal investigators today raided the Florida offices of PAX Technology , a Chinese provider of point-of-sale devices used by millions of businesses and retailers globally. FBI agents entering PAX Technology offices in Jacksonville today. Headquartered in Shenzhen, China, PAX Technology Inc. organizations. Source: WOKV.com.

Technology

Technology Retail Computers and Electronics Malware

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk

Risk Artificial Intelligence Technology Internet

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

The Last Watchdog

JANUARY 7, 2025

Security Risk Advisors (SRA) is a leading cybersecurity firm dedicated to providing comprehensive security solutions to businesses worldwide. Security Risk Advisors SCALR XDR is both a platform, built on Microsoft Azure and a 247 monitoring service with Microsoft Sentinel. Philadelphia, Pa., Philadelphia, Pa., To learn more: [link].

Risk

Risk Penetration Testing Marketing Technology

News alert: Knocknoc raises seed funding to scale its just-in-time network access control technology

The Last Watchdog

MARCH 19, 2025

” Knocknoc orchestrates network infrastructure to remove risk exposure by tying users’ network access to their SSO authentication status. The post News alert: Knocknoc raises seed funding to scale its just-in-time network access control technology first appeared on The Last Watchdog.

Technology

Technology Media Telecommunications Authentication

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. So, how can you conduct a DLP risk assessment? What is a DLP Risk Assessment? Why Conduct a DLP Risk Assessment? Protecting sensitive data is what cybersecurity is all about.

Risk

Risk Cybersecurity Data breaches Cyber threats

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

The Last Watchdog

MARCH 12, 2025

This new agentic AI solution leverages semantic reasoning to analyze application code and logic in real time, delivering deterministic vulnerability detection, contextual risk prioritization, and automated remediation. Aptoris AI-driven approach goes beyond traditional static analysis. Explore the details at the Aptori AI Security Center.

Risk

Risk Engineering Digital transformation Technology

Existential Risk and the Fermi Paradox

Schneier on Security

DECEMBER 2, 2022

Technology changes the amplitude of the noise. The risks we face today are existential in a way they never have been before. The magnifying effects of technology enable short-term damage to cause long-term planet-wide systemic damage. It’s a “noisy” process. We can’t be sure of that anymore.

Risk

Risk Technology Hacking

Chinese-Made LiDAR Systems a National Security Risk, Think Tank Says

Security Boulevard

DECEMBER 4, 2024

China's growing presence in the global market for LiDAR, a remote sensing technology widely used in defense and commercial system, presents a national security risk for the United States, which already is dealing with intrusions into critical infrastructure networks by China-backed threat groups, according to a reporte.

Risk

Risk Marketing Technology Malware

DORA Compliance: A Practical Guide to Effective Third-Party Risk Management

Responsible Cyber

NOVEMBER 25, 2024

Effective from January 2025, DORA mandates that financial institutions implement robust measures to manage Information and Communication Technology (ICT) risks, with a significant emphasis on Third-Party Risk Management (TPRM).

Risk

Risk Cyber threats Technology Software

Ted Chiang on the Risks of AI

Schneier on Security

MAY 12, 2023

as a broad set of technologies being marketed to companies to help them cut their costs, the question becomes: how do we keep those technologies from working as “capital’s willing executioners”? The question is worth considering across different meanings of the term “A.I.” If you think of A.I. Alternatively, if you imagine A.I.

Risk

Risk Software Technology Marketing

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

MARCH 24, 2025

Expert analysis and the broader cybersecurity context Cybersecurity analysts have long warned that the rapid adoption of cloud technologies can outpace the implementation of necessary security frameworks. Beyond mass data exposure, there are heightened risks of credential compromise, corporate espionage, and potential extortion.

Risk

Risk Passwords Hacking Encryption

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Responsible Cyber

NOVEMBER 23, 2024

However, with every partnership comes potential risk. As networks expand to include third, fourth, and even fifth parties, the complexities of managing these risks multiply. For CCEOs and senior leaders, effective third-party risk management (TPRM) is not just a necessity—it’s a strategic imperative.

Risk

Risk Government Education Technology

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

JULY 20, 2022

And, while today’s commercially-created quantum machines are nowhere near powerful enough to approach quantum supremacy, absolutely nobody knows the true extent of the quantum capabilities of all of the technologically-advanced governments around the world. Clearly, there is a need to act in advance – and acting takes time.

Risk

Risk Encryption Government Artificial Intelligence

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Organizations face rising risks of AI-driven social engineering and personal device breaches. As compute costs decrease, autonomous operations and AI-discovered zero-day exploits loom.

Risk

Risk Threat Detection Technology Phishing

Over-the-Air Vulnerabilities in Advantech EKI Access Points Put Industrial Networks at Risk

Penetration Testing

NOVEMBER 30, 2024

Industrial environments are increasingly relying on wireless technologies to power critical operations.

Risk

Risk Wireless Technology Cybersecurity

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world. Related: Is the Metaverse truly secure?

Cybersecurity

Cybersecurity Social Engineering Technology Threat Detection

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Businesses must adopt tools and automation capable of invoking immediate action, even at the risk of false positives. Raising security baselines across industries is essential, with risk mitigationnot acceptancebecoming the standard. Security teams will need to address the unique risks posed using LLMs in mission critical environments.

Cyber threats

Cyber threats CISO IoT Phishing

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Joseph Steinberg

MAY 23, 2024

To read the piece, please see Oversight of the Management of Cybersecurity Risks: The Skill Most Corporate Boards Need, But Don’t Have on Newsweek.com. Earlier today, Newsweek published an op-ed that I wrote on this important topic.

Risk

Risk Cyber Risk Cybersecurity Artificial Intelligence

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

For us in cyber, how do we navigate these new digital threats especially when we layer in the rise of AI and deepfake technologies, and the stakes grow even higher? Deepfake Technology Amplifying Risks: The evolution and democratisation of deepfake technology have blurred the line between reality and fabrication.

Cybersecurity

Cybersecurity Technology Scams Risk

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

IT Security Guru

JANUARY 30, 2025

This heavy reliance on technology, however, makes it an attractive target for hackers seeking to exploit vulnerabilities in trading systems and platforms. So, lets explore how spread betting platforms are rising to this challenge and ensuring that their platforms are cyber risk-free.

Cyber Risk

Cyber Risk Risk Penetration Testing Accountability

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

Its a question of how much risk your organization is willing to take, based on the data you must protect and its long-term value. We recommend using Dr. Michele Moscas theorem of quantum risk against an optimistic vs. pessimistic probability analysis. This is where the concern of harvest now, decrypt later attacks apply.

Encryption

Encryption Financial Services Technology Risk

ChatGPT: Hopes, Dreams, Cheating and Cybersecurity

Lohrman on Security

JANUARY 29, 2023

So what are the opportunities and risks with using this technology across different domains? ChatGPT is an AI-powered chatbot created by OpenAI.

Cybersecurity

Cybersecurity Technology Risk

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

JULY 8, 2021

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage.

Insurance

Insurance Cyber Insurance Cybersecurity Small Business

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. There was another warning from the U.S.

Software

Software Risk Artificial Intelligence Cyber Attacks

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

As small businesses increasingly depend on digital technologies to operate and grow, the risks associated with cyber threats also escalate. INE Security recommends establishing a routine for updating and patching software, which can significantly reduce the risk of a breach. Cary, NC, Oct.

Small Business

Small Business Data breaches Backups Passwords

News alert: SecPod launches ‘Saner Cloud’ — CNAPP platform for real-time, automated security

The Last Watchdog

MARCH 19, 2025

Saner Cloud is designed to address these challenges by providing a unified security platform that continuously detects, prioritizes, and remediates vulnerabilities, misconfigurations, identity risks, and compliance violationsautomatically and in real time. Cloud security has long been reactivedetecting risks but failing to fix them.

Cyber threats

Cyber threats Risk Technology Media

PwC Survey Surfaces Lack of Focus on Cyber Resiliency

Security Boulevard

OCTOBER 28, 2024

A global survey of 4,042 business and technology executives suggests that much work remains to be done to ensure the cyber resiliency of organizations and prioritize how resources are allocated based on the actual risk cybersecurity threats represent.

Technology

Technology Risk Cybersecurity Security Awareness

Top Cybersecurity Trends to Watch Out For in 2025

Centraleyes

DECEMBER 16, 2024

As we approach 2025, the cybersecurity landscape is evolving rapidly, shaped by technological advancements, regulatory shifts, and emerging threats. Tools like ChatGPT and Bard, powered by large language models, showcase how generative AI transforms business processesbut they also pose new risks. The challenge?

Cybersecurity

Cybersecurity Insurance Cyber Insurance Technology

Obligatory ChatGPT Post

Schneier on Security

DECEMBER 13, 2022

As with any new technology, the development and deployment of ChatGPT is likely to have a significant impact on the field of cybersecurity. In many ways, ChatGPT and other AI technologies hold great promise for improving the ability of organizations and individuals to defend against cyber threats.

Cyber threats

Cyber threats Technology Risk Cybersecurity

AI tool GeoSpy analyzes images and identifies locations in seconds

Malwarebytes

JANUARY 21, 2025

Graylark Technologies who makes GeoSpy says its been developed for government and law enforcement. But the investigative journalists from 404 Media report thatthe tool has also been used for months by members of the public, with many making videos marveling at the technology, and some asking for help with stalking specific women.

Media

Media Artificial Intelligence Identity Theft Surveillance

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

As technology advances, so do the methods and motivations of those who seek to disrupt global stability. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure. In today’s interconnected world, national security concerns have evolved beyond traditional military threats.

Technology

Technology Cyber Attacks Government Social Engineering

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Among the key findings: Widespread vulnerabilities: The OIG's passive assessment revealed critical or high-risk vulnerabilities in 97 drinking water systems serving more than 26.6 Invest in security technology: Utilize advanced security technologies to protect critical infrastructure and data. million people.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

Another Event-Related Spyware App

Schneier on Security

NOVEMBER 15, 2022

But it risks giving the Egyptian government permission to read users’ emails and messages. The app also provides Egypt’s Ministry of Communications and Information Technology, which created it, with other so-called backdoor privileges, or the ability to scan people’s devices.

Spyware

Spyware Technology Encryption Government

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

A long supply chain adds third-party risks, as each partner’s security affects your own, making identity and access management more challenging. And therein lies the problem: Your enterprise could be at risk if their credentials are unsafe. So, what’s a bit of increased risk where usernames and passwords are concerned?

B2B

B2B Cybersecurity Risk Identity Theft

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

SecureWorld News

OCTOBER 23, 2024

Check Point Software Technologies Ltd., The SEC charged the companies with "materially misleading disclosures regarding cybersecurity risks and intrusions." The SEC further noted that Unisys lacked proper internal controls to ensure accurate and timely reporting of such high-risk incidents. Check Point Software Technologies Ltd.

Cybersecurity

Cybersecurity Risk Hacking Software

NIST Is Updating Its Cybersecurity Framework

Schneier on Security

JANUARY 30, 2023

Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)? Do the proposed changes support different use cases in various sectors, types, and sizes of organizations (and with varied capabilities, resources, and technologies)? Are the proposed changes sufficient and appropriate?

Cybersecurity

Cybersecurity Technology Risk

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

“COVID-19 extended the life of these companies and technologies, and that’s unfortunate.” “They sold so many VPNs through the pandemic and this is the hangover,” Gray said.

Risk

Risk VPN Internet Internet

On Robots Killing People

Schneier on Security

SEPTEMBER 11, 2023

It wasn’t until the American Society of Mechanical Engineers demanded risk analysis and transparency that dangers from these huge tanks of boiling water, once considered mystifying, were made easily understandable. Fatalities in the first decades of aviation forced regulation, which required new developments in both law and technology.

Artificial Intelligence

Artificial Intelligence Technology Risk Government

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. As such, analysts are hit with a deluge of low-quality alerts, increasing the risk of missing genuine threats. But it doesn’t have to be this way.

Artificial Intelligence

Artificial Intelligence Data collection Cybersecurity Risk

NSA AI Security Center

Schneier on Security

OCTOBER 2, 2023

The NSA is starting a new artificial intelligence security center: The AI security center’s establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge with immense transformative potential for both good and evil.

Artificial Intelligence

Artificial Intelligence Technology Risk Cybersecurity

AI Mistakes Are Very Different from Human Mistakes

Schneier on Security

JANUARY 21, 2025

Technologies like large language models (LLMs) can perform many cognitive tasks traditionally fulfilled by humans, but they make plenty of mistakes. Much of the friction—and risk—associated with our use of AI arise from that difference. It seems ridiculous when chatbots tell you to eat rocks or add glue to pizza.

Social Engineering

Social Engineering Engineering Technology Risk

Building Trustworthy AI

Schneier on Security

MAY 11, 2023

This means, at a minimum, the technology needs to be transparent. The problem isn’t the technology—that’s advancing faster than even the experts had guessed —it’s who owns it. Today’s AIs are primarily created and run by large technology companies, for their benefit and profit.

Artificial Intelligence

Artificial Intelligence Computers and Electronics Risk Technology

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Trending Sources

FBI Raids Chinese Point-of-Sale Giant PAX Technology

On the Catastrophic Risk of AI

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

News alert: Knocknoc raises seed funding to scale its just-in-time network access control technology

From Risk Assessment to Action: Improving Your DLP Response

News alert: Aptori’s AI-driven platform reduces risk, ensures compliance — now on Google Marketplace

Existential Risk and the Fermi Paradox

Chinese-Made LiDAR Systems a National Security Risk, Think Tank Says

DORA Compliance: A Practical Guide to Effective Third-Party Risk Management

Ted Chiang on the Risks of AI

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

Over-the-Air Vulnerabilities in Advantech EKI Access Points Put Industrial Networks at Risk

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

How Spread Betting Platforms Safeguard Traders Against Cyber Risks

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

ChatGPT: Hopes, Dreams, Cheating and Cybersecurity

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

News alert: SecPod launches ‘Saner Cloud’ — CNAPP platform for real-time, automated security

PwC Survey Surfaces Lack of Focus on Cyber Resiliency

Top Cybersecurity Trends to Watch Out For in 2025

Obligatory ChatGPT Post

AI tool GeoSpy analyzes images and identifies locations in seconds

What are the key Threats to Global National Security?

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

Another Event-Related Spyware App

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

SEC Fines Four Companies $7M for Misleading Cybersecurity Disclosures

NIST Is Updating Its Cybersecurity Framework

CISA Order Highlights Persistent Risk at Network Edge

On Robots Killing People

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

NSA AI Security Center

AI Mistakes Are Very Different from Human Mistakes

Building Trustworthy AI

Stay Connected