Cybersecurity - Cyber Security Informer

Roger Grimes on Prioritizing Cybersecurity Advice

Schneier on Security

OCTOBER 31, 2024

For example, we are often given a cybersecurity guideline (e.g., The catch is: There are two recommendations that WILL DO MORE THAN ALL THE REST ADDED TOGETHER TO REDUCE CYBERSECURITY RISK most efficiently: patching and using multifactor authentication (MFA). PCI-DSS, HIPAA, SOX, NIST, etc.) with hundreds of recommendations.

Cybersecurity

Cybersecurity Risk Authentication

Women in Cybersecurity & IWD: Why I’m Done!

Jane Frankland

MARCH 8, 2025

For nearly a decade, we’ve heard the same discussion in cybersecurity circles about the gender diversity problem. Yet here we are, in 2025, and the percentage of women in cybersecurity remains stagnantor worse, is backtracking. Meanwhile, cybersecurity job vacancies are skyrocketing. It’s utter madness.

Cybersecurity

Cybersecurity Penetration Testing Accountability Cyber Risk

CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025

Joseph Steinberg

MARCH 11, 2025

During the upcoming Summer 2025 semester, cybersecurity expert Joseph Steinberg will once again lecture at Columbia University. The post CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025 appeared first on Joseph Steinberg: CyberSecurity Expert Witness, Privacy, Artificial Intelligence (AI) Advisor.

Artificial Intelligence

Artificial Intelligence Cybersecurity Technology

BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From “Me” In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States

Joseph Steinberg

JANUARY 31, 2025

The post BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From Me In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States appeared first on Joseph Steinberg: CyberSecurity Expert Witness, Privacy, Artificial Intelligence (AI) Advisor.

Artificial Intelligence

Artificial Intelligence Cybersecurity Scams

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely.

Cybersecurity

Cybersecurity Lessons from Covid19

Adam Shostack

JANUARY 2, 2025

What can Cybersecurity learn from the covid pandemic? COVID-19 offers an opportunity and call to action for cybersecurity professionals, policy makers, and the public to think about preparation and response to catastrophic digital threats. Join us for a provocative exploration on Thursday!

Cybersecurity

Cybersecurity Cyber threats Technology

Lessons for Cybersecurity from the American Public Health System

Adam Shostack

JANUARY 16, 2025

The white papers attempt to portray a comprehensive picture of the computing research field detailing potential research directions, challenges, and recommendations.

Cybersecurity

Cybersecurity Government

Cybersecurity Resolutions for 2025

IT Security Guru

JANUARY 9, 2025

Resolution #1: Adopt a Proactive Approach to Cybersecurity to Combat AI-Driven Attacks Adopt a proactive approach to cybersecurity that integrates advanced defence mechanisms with fundamental best practices to mitigate and combat AI-driven attacks. This will require expertise in cryptography, IT infrastructure and cybersecurity.

Cybersecurity

Cybersecurity Cyber threats Architecture Digital transformation

Is Cybersecurity Awareness Month Worth the Money?

Adam Shostack

JANUARY 2, 2025

As we wrap up another cybersecurity awareness month, Id like to ask: Is it worth the money and effort? Cybersecurity awareness month was invented by Microsofts marketing department, and it now absorbs a huge amount of time and energy: Time from corporate cybersecurity teams to create and execute marketing campaigns.

Cybersecurity

Cybersecurity Marketing Information Security

IT Leadership Agrees AI is Here, but Now What?

As AI evolves, enhanced cybersecurity and hiring challenges grow. IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

How to Build Your Cybersecurity Talent Stack

SecureWorld News

JANUARY 13, 2025

A career in cybersecurity isn't about mastering one skillit's about layering complementary skills that make you versatile and invaluable. In cybersecurity, that means layering foundational knowledge with technical expertise, soft skills, and specialized abilities that align with your career goals. That's the power of a talent stack.

Cybersecurity

Cybersecurity DNS Threat Detection Software

American Water Shuts Down Services After Cybersecurity Breach

eSecurity Planet

OCTOBER 15, 2024

The American Water cyber breach has sparked conversations about the importance of cybersecurity in safeguarding essential services and the growing frequency of cyber threats targeting public utilities. Train Employees in Cybersecurity Best Practices Phishing awareness: Many cyberattacks begin with phishing emails.

Cybersecurity

Cybersecurity Penetration Testing Cyber threats Firewall

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

NOVEMBER 11, 2024

However, before we get too carried away, it is crucial to explore the symbiotic relationship between AR and cybersecurity. This is primarily because AR is still relatively new and a rapidly evolving technology, which ultimately means that it is bound to bring about unprecedented opportunities, challenges, and even risks to cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Technology Threat Detection

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

SecureWorld News

JANUARY 7, 2025

Cybersecurity in today's world is akin to the enchanted realms of fairy tales, where threats lurk in dark digital forests and heroes wield keyboards instead of swords. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity. Welcome to SecureWorld's theme for 2025: Once Upon a Time in Cybersecurity.

Cybersecurity

Cybersecurity Social Engineering Phishing Engineering

Zero Trust Mandate: The Realities, Requirements and Roadmap

and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines. Join us and learn how to better advise your agency clients on strategy, architect Zero Trust solutions, and win more cybersecurity business!

Cybersecurity

How Cybersecurity Training Must Adapt to a New Era of Threats

Security Boulevard

NOVEMBER 5, 2024

The post How Cybersecurity Training Must Adapt to a New Era of Threats appeared first on Security Boulevard. We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever.

Cybersecurity

Cybersecurity Security Awareness

From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions

Security Boulevard

JANUARY 9, 2025

Here are some likely predictions across cybersecurity, GenAI and innovation, and defensive cyber. The post From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions appeared first on Security Boulevard. What to expect in 2025 and beyond, into the future.

Cybersecurity

Cybersecurity Threat Detection Security Awareness Risk

How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast

Adam Shostack

FEBRUARY 20, 2025

Adam was on the Medical Device Cybersecurity podcast Im excited to share that I recently spoke with the Cyber Doctor on the Medical Device Cybersecurity podcast! Whether youre an engineer, security professional, or product leader, this discussion may help you refine your approach to building secure systems efficiently.

Cybersecurity

Cybersecurity Engineering

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

While this might protect our mental bandwidth, and in some cases help us avoid hacking attempts via exhaustion tactics, it also has unintended consequenceswhen it comes to cybersecurity. While skepticism is healthy, excessive distrust can lead to the dismissal of genuine outreach or important instructionsundermining cybersecurity efforts.

Cybersecurity

Cybersecurity Technology Scams Risk

5 Key Findings From the 2023 FBI Internet Crime Report

In this eBook, we will look at the 2023 report and explore the most important cybersecurity stats and how to prevent them. The annual FBI Crime Report provides detailed statistics on crime at the national, state, and local levels.

Identity Theft

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

SecureWorld News

DECEMBER 5, 2024

billion signals a significant shift in how global financial institutions are approaching cybersecurity. Thus, it's clear that even the traditional "big players" are paying attention to AI, its effect on cybersecurity, and the changing security landscape. MasterCard's September 2024 acquisition of Recorded Future for $2.65

Cybersecurity

Cybersecurity Threat Detection Financial Services Cyber threats

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

OT Cybersecurity and the Evolving Role of Controls Engineers

SecureWorld News

JANUARY 23, 2025

Industrial automation and operational technology (OT) are at a critical intersection where cybersecurity is not a "nice to have" but an essential component of system design and implementation. On the other hand, many believe that a foundational understanding of controls engineering is essential to being a competent OT cybersecurity engineer.

Engineering

Engineering Cybersecurity Manufacturing Firewall

4 Tips to Fortify the Human Element in Your Cybersecurity Posture

Security Boulevard

JANUARY 6, 2025

Four actionable tips that will enable you to enhance the human element of your cybersecurity posture, transforming potential vulnerabilities into robust defenses. The post 4 Tips to Fortify the Human Element in Your Cybersecurity Posture appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Cyber threats Security Awareness

Cybersecurity Predictions for 2024

We’ve recently looked back at what happened within cybersecurity in 2023. In this eBook—with some guidance from the Google Cloud Cybersecurity Forecast 2024—we will delve into some of the most anticipated trends, threats, and cutting-edge solutions that are set to define the cybersecurity landscape in the months ahead.

Cybersecurity

Spotlight on Cybersecurity Leaders: Richard Staynings

SecureWorld News

JANUARY 6, 2025

Richard Staynings is a renowned thought leader, author, public speaker, and advocate for improved cybersecurity across the Healthcare and Life Sciences industry. He has served on various industry and international cybersecurity committees and presented or lectured on cybersecurity themes or concerns all over the world.

Cybersecurity

Cybersecurity Cybercrime Healthcare Government

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

The Last Watchdog

DECEMBER 4, 2024

4, 2024 –A majority of senior cybersecurity professionals at the UK’s largest organisations struggle with feelings of helplessness and professional despair, new research by Green Raven Limited indicates. Cheltenham, England, Dec. Almost three-quarters say they would consider a major breach as a personal failure. •59%

Cybersecurity

Cybersecurity Cyber threats Risk CISO

Google's AI Trends Report: Key Insights and Cybersecurity Implications

SecureWorld News

FEBRUARY 25, 2025

Artificial intelligence (AI) is transforming industries at an unprecedented pace, and its impact on cybersecurity is no exception. From automating cybersecurity defenses to combatting adversarial AI threats, the report underscores both the power and pitfalls of AI-driven security.

Cybersecurity

Cybersecurity Social Engineering Artificial Intelligence Cyber threats

Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025

Security Boulevard

JANUARY 10, 2025

The post Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025 appeared first on Security Boulevard. According to a Netskope report, phishing attacks surged in 2024, with enterprise employees clicking on phishing links at a rate nearly three times higher than in 2023. The study found phishing campaigns have evolved.

Phishing

Phishing Risk Cybersecurity Security Awareness

Bringing the Cybersecurity Imperative Into Focus

This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Tech leaders today are facing shrinking budgets and investment concerns. Download today to learn more!

Cybersecurity

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

Cybersecurity threats against federal contractors are escalating, with adversaries continuously seeking vulnerabilities within governmental supply chains. This legislation, which has garnered strong bipartisan support, represents a crucial step in reinforcing the nation's cybersecurity posture. government. government.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

AI Cybersecurity Firm Raises $100 Million to Strengthen National Security

eSecurity Planet

FEBRUARY 18, 2025

Dream, an AI cybersecurity startup, has raised $100 million in a Series B funding round led by Bain Capital Ventures to bolster its mission of defending nations and critical infrastructure from cyber threats. The post AI Cybersecurity Firm Raises $100 Million to Strengthen National Security appeared first on eSecurity Planet.

Cybersecurity

Cybersecurity Cyber threats Government Data privacy

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

SecureWorld News

MARCH 13, 2025

The rapid advancement of generative AI has brought both innovation and concern to the cybersecurity landscape. The report concludes that "while DeepSeek R1 does not instantly generate fully functional malware, its ability to produce semi-functional code should be a wake-up call for the cybersecurity industry."

Malware

Malware Cybersecurity Cyber threats Threat Detection

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Security Affairs

OCTOBER 28, 2024

If you want a digital presence that will be around for the next ten years, scalability, growth, and digitization need to be tempered with a healthy dose of credential-centered cybersecurity. Zero Trust is a comprehensive security framework that fundamentally changes how organizations approach cybersecurity.

B2B

B2B Cybersecurity Risk Identity Theft

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Today’s technology leaders play a more strategic role in establishing cybersecurity strategy for their organizations. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Cybersecurity

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury’s OFAC sanctioned a Chinese cybersecurity firm and a Shanghai cyber actor for ties to Salt Typhoon and a federal agency breach. Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. telecommunication and internet service providers.

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

If I Had to Start Over in Cybersecurity, Here's What I'd Do Differently

SecureWorld News

MARCH 11, 2025

I didn't take the "traditional" path into cybersecurity, because when I started, there wasn't one. What I'd do differently Define my long-term cybersecurity career path early (offensive, defensive, leadership?) Skip the degree (unless you absolutely need it) I have a degree, but let me be blunt: it didn't get me into cybersecurity.

Cybersecurity

Cybersecurity CISO Risk Government

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities. The utility of these vulnerabilities declines over time as more systems are patched or replaced.

Cybersecurity

Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help

Webroot

JANUARY 13, 2025

For Managed Service Providers (MSPs), offering customers 24/7 cybersecurity protection and response isnt just a competitive advantageits an essential service for business continuity, customer trust, and staying ahead of attackers. Providing 24/7 cybersecurity protection is no easy task for MSPs.

Cybersecurity

Cybersecurity Cyber threats Artificial Intelligence Cybercrime

Beware of Pixels & Trackers on U.S. Healthcare Websites

This report offers insights for cybersecurity, compliance, and privacy executives at healthcare organizations, as well as for policymakers and auditors.

Healthcare

Best WordPress Plugins for Cybersecurity 2025

IT Security Guru

MARCH 14, 2025

Wordfence Security Wordfence Security is one of the most popular cybersecurity plugins for WordPress. The post Best WordPress Plugins for Cybersecurity 2025 appeared first on IT Security Guru. It provides a firewall that blocks malicious traffic before it reaches your website.

Cybersecurity

Cybersecurity Firewall Cyber Attacks Passwords

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

INE Security , a leading provider of cybersecurity training and certifications, today shared its cybersecurity training for cyber hygiene practices for small businesses, underscoring the critical role of continuous education in safeguarding digital assets. INE Security emphasizes the importance of regular training forall employees.

Small Business

Small Business Data breaches Backups Passwords

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Alkove Jim Alkove , CEO, Oleria Identity is cybersecurity’s biggest challenge. Sundaresan Bindu Sundaresan , Cybersecurity Director, LevelBlue In 2025, cybercriminals will exploit supply chain vulnerabilities, ransomware, IoT botnets, and AI-driven phishing. Attackers arent hacking in theyre logging in.

Cyber threats

Cyber threats CISO IoT Phishing

IronNet Has Shut Down

Schneier on Security

OCTOBER 11, 2024

After retiring in 2014 from an uncharacteristically long tenure running the NSA (and US CyberCommand), Keith Alexander founded a cybersecurity company called IronNet. At the time, he claimed that it was based on IP he developed on his own time while still in the military. That always troubled me.

Technology

Technology Cybersecurity

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device.

Passwords

Roger Grimes on Prioritizing Cybersecurity Advice

Women in Cybersecurity & IWD: Why I’m Done!

Trending Sources

CyberSecurity Expert Joseph Steinberg To Lecture At Columbia University During Summer 2025

BEWARE: Criminals Are Selling Fraudulent Expert Opinion Letters From “Me” In Support of CyberSecurity Professionals Seeking Immigration Visas to The United States

The Importance of User Roles and Permissions in Cybersecurity Software

Cybersecurity Lessons from Covid19

Lessons for Cybersecurity from the American Public Health System

Cybersecurity Resolutions for 2025

Is Cybersecurity Awareness Month Worth the Money?

IT Leadership Agrees AI is Here, but Now What?

How to Build Your Cybersecurity Talent Stack

American Water Shuts Down Services After Cybersecurity Breach

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

2025 SecureWorld Theme: Once Upon a Time in Cybersecurity

Zero Trust Mandate: The Realities, Requirements and Roadmap

How Cybersecurity Training Must Adapt to a New Era of Threats

From Cybersecurity Consolidation to GenAI and Innovation – What to Expect: 2025 Predictions

How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

5 Key Findings From the 2023 FBI Internet Crime Report

MasterCard Buys Recorded Future for $2.6B: What It Means for AI Cybersecurity

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

OT Cybersecurity and the Evolving Role of Controls Engineers

4 Tips to Fortify the Human Element in Your Cybersecurity Posture

Cybersecurity Predictions for 2024

Spotlight on Cybersecurity Leaders: Richard Staynings

News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget

Google's AI Trends Report: Key Insights and Cybersecurity Implications

Phishing Threats, GenAI Among Top Cybersecurity Risks in 2025

Bringing the Cybersecurity Imperative Into Focus

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

AI Cybersecurity Firm Raises $100 Million to Strengthen National Security

DeepSeek and AI-Generated Malware Pose New Danger for Cybersecurity

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

Software Composition Analysis: The New Armor for Your Cybersecurity

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

If I Had to Start Over in Cybersecurity, Here's What I'd Do Differently

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Why MSPs must offer 24/7 cybersecurity protection and response — and how OpenText MDR can help

Beware of Pixels & Trackers on U.S. Healthcare Websites

Best WordPress Plugins for Cybersecurity 2025

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

IronNet Has Shut Down

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Stay Connected