Government, Risk and Technology - Cyber Security Informer

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

Australia recently enacted legislation to ban children under 16 from using social media a policy that the Australian government plans to enforce through the use of untested age-verification technology.

Media

Media Risk Artificial Intelligence Government

Texas Passes Most Comprehensive AI Governance Bill

SecureWorld News

JULY 2, 2025

Texas is making waves in AI governance. Governor Greg Abbott recently signed House Bill 149 , formally titled the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), on June 22, 2025. Sandbox risks: Looser rules may allow risky AI testing with little oversight. Only the AG can enforce.

Government

Government Artificial Intelligence Risk Technology

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

Early in 2020, cyberspace attackers apparently working for the Russian government compromised a piece of widely used network management software made by a company called SolarWinds. The US government deserves considerable blame, of course, for its inadequate cyberdefense. Who is at fault?

Risk

Risk Government Marketing Software

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Earlier this week, I signed on to a short group statement , coordinated by the Center for AI Safety: Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war. Poses ‘Risk of Extinction,’ Industry Leaders Warn.”

Risk

Risk Artificial Intelligence Technology Internet

AI Risks

Schneier on Security

OCTOBER 9, 2023

Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks—and the steps we need to take to mitigate them. Some are concerned about far-future risks that sound like science fiction. AI could destroy humanity or pose a risk on par with nukes.

Risk

Risk Technology Artificial Intelligence Surveillance

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

SecureWorld News

FEBRUARY 6, 2025

Representatives Josh Gottheimer (D-NJ) and Darin LaHood (R-IL) introduced the bipartisan No DeepSeek on Government Devices Act, seeking to prohibit federal employees from using the AI-powered application DeepSeek on government-issued devices. Federal Communications Commission (FCC) for security concerns. For the U.S. For the U.S.

Government

Government Artificial Intelligence Data privacy Mobile

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Avaya Holdings , Check Point Software Technologies , and Mimecast Limited each minimized or obscured the extent of security breaches linked to the SolarWinds Orion hack, impacting investor trust and highlighting the critical importance of clear, truthful communication.

CISO

CISO CSO Risk Cyber threats

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

SecureWorld News

FEBRUARY 17, 2025

Cybersecurity governance has undergone a dramatic transformation over the past few decades. From its early days, where security was an afterthought to business operations, to the present, where it has become a board-level discussion, governance has had to adapt to an ever-evolving digital landscape.

Government

Government Cybersecurity CISO Risk

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. .” broadband providers.

Government

Government Telecommunications Surveillance Risk

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

government officials. telecoms, compromising networks to steal call records and access private communications, mainly of government and political figures. broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. .” broadband providers.

Government

Government Telecommunications Surveillance Risk

US House Bans WhatsApp on Government Devices Over Security & Transparency Concerns

Penetration Testing

JUNE 23, 2025

House of Representatives has banned WhatsApp on government devices, citing security and transparency concerns. Meta strongly disputes the "high-risk" assessment.

Government

Government Risk Data privacy Encryption

AI-Powered GRC: Revolutionizing Risk Management and Compliance

SecureWorld News

JANUARY 14, 2025

In the rapidly evolving landscape of corporate governance, risk management, and compliance (GRC), artificial intelligence (AI) has emerged as a game-changing force. This technological leap allows organizations to identify patterns, predict potential risks, and automate routine compliance tasks with remarkable efficiency.

Risk

Risk Artificial Intelligence Data privacy Government

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

Responsible Cyber

NOVEMBER 23, 2024

However, with every partnership comes potential risk. As networks expand to include third, fourth, and even fifth parties, the complexities of managing these risks multiply. For CCEOs and senior leaders, effective third-party risk management (TPRM) is not just a necessity—it’s a strategic imperative.

Risk

Risk Government Education Technology

AI-Generated Law

Schneier on Security

MAY 15, 2025

A new Regulatory Intelligence Office would use the technology to “regularly suggest updates” to the law and “accelerate the issuance of legislation by up to 70%.” The UAE has promised to spend more than $3 billion to transform into an “ AI-native ” government by 2027. In 2020, the U.S.

Government

Government Artificial Intelligence Technology Accountability

Best Practices for Hospitals To Manage Risks To CyberSecurity Created By Medical Technology And Information Systems: A Webinar With The CIA’s Former CyberSecurity Director And The Top CyberSecurity Columnist

Joseph Steinberg

OCTOBER 12, 2022

Join Bonnie Stith, former Director of the CIA’s Center for Cyber Intelligence , and and Joseph Steinberg, renowned cybersecurity expert witness and columnist , for a special, free educational webinar, Best Practices for Asset Risk Management in Hospitals. The discussion will cover: * How IT asset risks have evolved.

Cybersecurity

Cybersecurity Technology Risk Artificial Intelligence

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

Jane Frankland

MAY 30, 2025

Everyone’s talking about AI aren’t they, and when I gave a keynote on Artificial Intelligence and cybersecurity recently, I relayed how the rise of AI has brought us to a pivotal moment in historya moment brimming with both extraordinary opportunity and unparalleled risk. AI amplifies these risks exponentially.

Risk

Risk Artificial Intelligence Government Technology

The C-Suite Power Shift: Why CIOs, CTOs, and CISOs Must Realign to Survive

Jane Frankland

JUNE 8, 2025

The modern enterprise C-suite is undergoing a seismic shift—not over profits or market share, but over who leads technology, shapes strategy, and ultimately defines the future of the business. The digital era has brought with it not just new technologies, but new power dynamics. But that dominance is fading.

CISO

CISO Digital transformation Technology Risk

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

JULY 20, 2022

And, while today’s commercially-created quantum machines are nowhere near powerful enough to approach quantum supremacy, absolutely nobody knows the true extent of the quantum capabilities of all of the technologically-advanced governments around the world. Clearly, there is a need to act in advance – and acting takes time.

Risk

Risk Encryption Government Backups

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

The Last Watchdog

DECEMBER 18, 2024

To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Enterprises must secure AI agents, adopt proactive data governance, and deploy AI-based security platforms. As compute costs decrease, autonomous operations and AI-discovered zero-day exploits loom.

Risk

Risk Threat Detection Technology Phishing

From Compliance to Confidence: How AI Is Reshaping Third-Party Risk

SecureWorld News

MAY 13, 2025

As geopolitical instability, supply chain disruption, and cyber threats continue to escalate, third-party risk management (TPRM) is evolving from a compliance function to a strategic business imperative. According to the EY survey , 87% of organizations have experienced a third-party risk incident in the past three years.

Risk

Risk Cyber Risk Artificial Intelligence Technology

A Deep Dive into the Texas Responsible AI Governance Act

SecureWorld News

NOVEMBER 4, 2024

Enter the Texas Responsible AI Governance Act, or TRAIGA, with Texas's unique style of doing business—balancing innovation with accountability, consumer empowerment, and a good ol' dash of no-nonsense enforcement. These are labeled "High-Risk AI Systems" (HRAIS). if they (1) put their name or trademark on a high-risk AI system.(2)

Government

Government Artificial Intelligence Small Business Risk

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

-funded CVE program, a core cybersecurity tool for tracking vulnerabilities, faces funding expiry Wednesday, risking disruption to global security. government funding for MITRE s CVE program , a key global cybersecurity resource for cataloging vulnerabilities, is set to expire Wednesday, risking disruption.

Government

Government Risk Cybersecurity Media

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

The Last Watchdog

MAY 13, 2025

And now comes the GenAI wave flooding security vendors with new tools, but also disrupting organizational dynamics, blurring responsibility lines, and injecting fresh uncertainty into already fragile governance structures. It reads not as a how-to manual, but as a diagnosis of systemic design failure and a blueprint for recovery.

CISO

CISO Risk Cybersecurity Government

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Russia-linked APT28 targets western logistics entities and technology firms

Security Affairs

MAY 21, 2025

CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing an elevated threat to supply chains Russia-linked cyberespionage group APT28 intensifies its operations against Western logistics and technology companies moving supplies into Ukraine, US CISA warns. ” reads the joint alert.

Technology

Technology Malware Phishing Government

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

The Last Watchdog

MAY 1, 2025

Alcavio: AI-powered deception Anand Akela of Alcavio Technologies offered a provocative take: Deception technology is the only way to detect threats that no one has seen before zero days generated on the fly by LLMs. Theyre totally different tech and governance models. You cant govern what you cant see, Mogull said.

Mobile

Mobile Government CISO Technology

What are the key Threats to Global National Security?

IT Security Guru

NOVEMBER 1, 2024

As technology advances, so do the methods and motivations of those who seek to disrupt global stability. Cyber attacks can compromise critical infrastructure, financial systems, and sensitive government data. The risk posed by these actors continues to grow as nations rely increasingly on interconnected digital infrastructure.

Technology

Technology Cyber Attacks Government Risk

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

For us in cyber, how do we navigate these new digital threats especially when we layer in the rise of AI and deepfake technologies, and the stakes grow even higher? Deepfake Technology Amplifying Risks: The evolution and democratisation of deepfake technology have blurred the line between reality and fabrication.

Cybersecurity

Cybersecurity Scams Technology Risk

How Cryptocurrency Turns to Cash in Russian Banks

Krebs on Security

DECEMBER 11, 2024

An analysis of their technology infrastructure shows that all of these exchanges use Russian email providers, and most are directly hosted in Russia or by Russia-backed ISPs with infrastructure in Europe (e.g. A machine-translated version of Flymoney, one of dozens of cryptocurrency exchanges apparently nested at Cryptomus.

Cryptocurrency

Cryptocurrency Banking Cybercrime Advertising

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

SecureWorld News

MARCH 6, 2025

government. This means that thousands of government contractors will soon be required to implement structured processes for identifying, reporting, and mitigating vulnerabilities, aligning them with U.S. National Institute of Standards and Technology (NIST) guidelines.

Cybersecurity

Cybersecurity Government Marketing Cyber threats

Big Tech’s Mixed Response to U.S. Treasury Sanctions

Krebs on Security

JULY 3, 2025

government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment scam websites reported to the FBI. Department of the Treasury announced economic sanctions against Funnull Technology Inc. , government.” In May 2025, the U.S. On May 29, the U.S.

Scams

Scams Accountability Government Technology

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

The Last Watchdog

MARCH 24, 2025

Its a question of how much risk your organization is willing to take, based on the data you must protect and its long-term value. We recommend using Dr. Michele Moscas theorem of quantum risk against an optimistic vs. pessimistic probability analysis. This is where the concern of harvest now, decrypt later attacks apply.

Encryption

Encryption Financial Services Technology Risk

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

SecureWorld News

NOVEMBER 18, 2024

Among the key findings: Widespread vulnerabilities: The OIG's passive assessment revealed critical or high-risk vulnerabilities in 97 drinking water systems serving more than 26.6 Invest in security technology: Utilize advanced security technologies to protect critical infrastructure and data. million people.

Cybersecurity

Cybersecurity Risk Penetration Testing Technology

Another Event-Related Spyware App

Schneier on Security

NOVEMBER 15, 2022

But it risks giving the Egyptian government permission to read users’ emails and messages. The app also provides Egypt’s Ministry of Communications and Information Technology, which created it, with other so-called backdoor privileges, or the ability to scan people’s devices.

Spyware

Spyware Technology Encryption Government

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

JULY 8, 2021

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage. Cyberattacks can even kill businesses.

Insurance

Insurance Cyber Insurance Cybersecurity Small Business

The Case for AI Centers of Excellence

SecureWorld News

NOVEMBER 1, 2024

From a risk standpoint, they are well-contained. This new wave of technology is profoundly different. Are the efficacy, legal, regulatory, reputation, cyber, and OpEx risks high? Are the risks, including the risks associated with not adopting the tech, measured and managed? Perhaps even existential? That's the why.

Government

Government Risk Architecture Technology

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

Jane Frankland

APRIL 18, 2025

Organisations invest heavily in governance, risk, and compliance (GRC) and risk management efforts while neglecting foundational elements like leadership and culture. Without these foundations, all the technology in the world wont secure your organisation. However, technology alone cannot solve the security puzzle.

Cybersecurity

Cybersecurity Technology Risk Security Awareness

AI tool GeoSpy analyzes images and identifies locations in seconds

Malwarebytes

JANUARY 21, 2025

Graylark Technologies who makes GeoSpy says its been developed for government and law enforcement. But the investigative journalists from 404 Media report thatthe tool has also been used for months by members of the public, with many making videos marveling at the technology, and some asking for help with stalking specific women.

Identity Theft

Identity Theft Media Artificial Intelligence Surveillance

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. There was another warning from the U.S.

Software

Software Risk Artificial Intelligence Cyber Attacks

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

Joseph Steinberg

NOVEMBER 17, 2021

He is also the inventor of several information-security technologies widely used today; his work is cited in over 500 published patents. He frequently serves as a cybersecurity expert witness , advises businesses and governments on information security matters, and has amassed millions of readers as a regular columnist for Forbes and Inc.

Cybersecurity

Cybersecurity Artificial Intelligence Government Information Security

TikTok ordered to close Canada offices following “national security review”

Malwarebytes

NOVEMBER 8, 2024

The Government of Canada ordered the TikTok Technology Canada Inc. The government is taking action to address the specific national security risks related to ByteDance Ltd.’s s operations in Canada through the establishment of TikTok Technology Canada, Inc.

Identity Theft

Identity Theft Media Government Technology

How boards can manage digital governance in the age of AI

BH Consulting

MARCH 26, 2025

If there is one statistic that sums up the increasing pace of technological change, it might well be this. This rapid transformation creates a challenge for boards tasked with balancing emerging risks and strategic opportunities. The Data Governance Act creates a framework to facilitate trustworthy data sharing across the EU.

Government

Government Artificial Intelligence Risk Digital transformation

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. “COVID-19 extended the life of these companies and technologies, and that’s unfortunate.”

Risk

Risk VPN Internet Internet

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Malwarebytes

APRIL 3, 2025

Chinese company 360 Security Technology, also known as Qihoo 360, purchased Lemon Seed, according to its 2019 annual report. The Entity List identifies entities that the US believes pose a risk to its national security. Both use language lifted directly from Chinese privacy regulations.

VPN

VPN Mobile Government Technology

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Texas Passes Most Comprehensive AI Governance Bill

Trending Sources

National Security Risks of Late-Stage Capitalism

On the Catastrophic Risk of AI

AI Risks

U.S. Lawmakers Push to Ban DeepSeek from Government Devices

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Cybersecurity Governance: The Road Ahead in an Era of Constant Evolution

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

US House Bans WhatsApp on Government Devices Over Security & Transparency Concerns

AI-Powered GRC: Revolutionizing Risk Management and Compliance

Third-Party Risk Management: Gartner’s Best Practices for CCEOs

AI-Generated Law

Best Practices for Hospitals To Manage Risks To CyberSecurity Created By Medical Technology And Information Systems: A Webinar With The CIA’s Former CyberSecurity Director And The Top CyberSecurity Columnist

The Dangers of AI Acceleration: Why a Deregulatory Stance Threatens Humanity

The C-Suite Power Shift: Why CIOs, CTOs, and CISOs Must Realign to Survive

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

From Compliance to Confidence: How AI Is Reshaping Third-Party Risk

A Deep Dive into the Texas Responsible AI Governance Act

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Author’s Q&A: It’s high time for CISOs to start leading strategically — or risk being scapegoated

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Russia-linked APT28 targets western logistics entities and technology firms

MY TAKE: RSAC 2025 – Conversing with vendors hanging out in the Marriott Marquis mezzanine

What are the key Threats to Global National Security?

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

How Cryptocurrency Turns to Cash in Russian Banks

Federal Contractor Cybersecurity Vulnerability Reduction Act Passes in U.S. House

Big Tech’s Mixed Response to U.S. Treasury Sanctions

SHARED INTEL Q&A: Forrester highlights why companies need to strive for ‘cryptoagility’– today

Report Unveils Cybersecurity Leaks in U.S. Drinking Water Systems

Another Event-Related Spyware App

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

The Case for AI Centers of Excellence

What Maslow’s Hierarchy of Needs Reveals About Cybersecurity Flaws

AI tool GeoSpy analyzes images and identifies locations in seconds

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

TikTok ordered to close Canada offices following “national security review”

How boards can manage digital governance in the age of AI

CISA Order Highlights Persistent Risk at Network Edge

Popular VPNs are routing traffic via Chinese companies, including one with link to military

Stay Connected