Discovering a cyberattack requires combining people, processes, and technology. A proper detection system is needed to sound the alarm, but people with the right skills must react to the emergency.
Read more...
The EU's Digital Operational Resiliency Act (DORA) went live in January. This legislation's goals seem to conflict with the US administration’s willingness to ignore technology security standards. The question is: Who will stand up to protect corporate and consumer data?
DORA is highly targeted at the stability and resilience of the financial services sector. It ensures financial institutions can respond to, withstand, and recover from ICT-related threats and disruptions. It also requires robust strategies and policies to manage ICT risks in financial institutions.
Arnaud Treps, chief information security officer at Odaseva, said, “DORA is very different from previous regulation where you have to change where you operate. DORA is about having proper backups, the capability to restore quickly, and building redundancy.”
Europe takes the lead
But does the US rejecting data privacy regulation mean walling America off from the rest of the world? Meta has threatened to potentially limit
You must be a Free member to access this content.
An independent threat intelligence team warned the Treasury Department that representatives of Elon Musk's Department of Government Efficiency was a significant “insider threat.” The warning made the problem of insider threats a new worry for US citizens, sparking multiple discussions on social media. It also made a new case for technology that defended against the threat.
Insider threats are not the most common form of security weakness, but they are the hardest to defend against. Even if a company successfully screens out potential bad actors in the hiring process, they have to make sure who they hired is who shows up to get their security badge. And if they get past those two processes, there’s always the possibility of an unbalanced or angry employee bringing a firearm into the office to commit mayhem. Luckily there are technologies in place, such as advanced detection and response, identification validation, and AI-driven weapons detection available in the market.
Identifying the threat
According to the Verizon Data Breach Investigation report for 2024, 80 percent of breaches are based on social engineering and phishing making them the top attack vectors. However, the report said that 32 percent of breaches involving an insider are considered malicious. That is a cause for significant concern when hiring new workers. Identifying a potential threat is easier than repairing the damage it causes later.
MFA technologies are now under significant pressure from threat actors, who are using highly sophisticated – and successful – strategies to circumvent what was once considered to be effective protection. Here's what you can do.
You must be a Free member to access this content.
With the Internet of Things (IoT) expected to reach 55.7 billion devices next year, the scale and complexity of cyber threats have grown at an alarming rate. Many of these environments rely on outdated operational technology (OT) and devices with minimal defenses, making them highly vulnerable to attack and infiltration.
You must be a Free member to access this content.
Significant transformations in the use of AI in threat detection, threat intelligence, and automated response/remediation will reshape the tools, strategies, and collaborative efforts used in combating sophisticated threat actors and their AI-powered attacks.
Read more...
Quantum computing could potentially break current encryption methods, leading to a surge in research into quantum-safe cryptography, but will theymore
Read more...
Alert fatigue poses a risk. It sees the security analyst overwhelmed with incidents, on top of which they’re expected to………more...
You must be a Free member to access this content.
Generative artificial intelligence (GenAI) represents the latest technological shift, with significant implications for cybersecurity. However, 96% of executives believe that integrating GenAI increases the risk of a security breach within the next three years.
There has been a lot of debate regarding the imposition of moderation on social media and whether that constitutes censorship and violations of the right to free speech. That argument is specious at best. Offending content on commercial social media is removed only when it negates profitability.
Most humans moderate their speech. Sometimes we think about impulsively speaking in reaction to something that incites strong emotions. People who do not react have what is called, “self-control”. Some people don’t have that filter (I’m looking at you, Elon) and blurt out offensive, nonfactual, or dishonest responses. Sometimes they aren’t atypical, they are just selfish people without manners (still looking at you Elon). Moderation of your speech is just a civilized attitude.
Profit motive
When it comes to social media, however, especially for-profit social media, the primary factor is profit. That has been the guiding principle of all social media moderation.
Read more...