Tag: cybersecurity
-
Securing the AI-Enabled Enterprise
AI-Driven Security Threats: Moving Beyond the Hype Security does a great job of sensationalizing attacks. This trend was set from a perspective of awareness and edge cases which the industry deals with as attacks and realized perspectives. While this approach leads to discussions around AI-driven cybersecurity threats the risks are hard to comprehend but certain..…
-
Google Warns of AI-Driven Threat Escalation in 2026
Google’s 2026 forecast warns that AI has become both the hacker’s greatest weapon and cybersecurity’s most vital defense. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/google-warns-of-ai-driven-threat-escalation-in-2026/
-
Securing the AI-Enabled Enterprise
AI-Driven Security Threats: Moving Beyond the Hype Security does a great job of sensationalizing attacks. This trend was set from a perspective of awareness and edge cases which the industry deals with as attacks and realized perspectives. While this approach leads to discussions around AI-driven cybersecurity threats the risks are hard to comprehend but certain..…
-
Google Warns of AI-Driven Threat Escalation in 2026
Google’s 2026 forecast warns that AI has become both the hacker’s greatest weapon and cybersecurity’s most vital defense. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/google-warns-of-ai-driven-threat-escalation-in-2026/
-
ID verification laws are fueling the next wave of breaches
ID laws are forcing companies to store massive amounts of sensitive data, turning compliance into a security risk. Acronis explains how integrated backup and cybersecurity platforms help MSPs reduce complexity and close the gaps attackers exploit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/id-verification-laws-are-fueling-the-next-wave-of-breaches/
-
ID verification laws are fueling the next wave of breaches
ID laws are forcing companies to store massive amounts of sensitive data, turning compliance into a security risk. Acronis explains how integrated backup and cybersecurity platforms help MSPs reduce complexity and close the gaps attackers exploit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/id-verification-laws-are-fueling-the-next-wave-of-breaches/
-
The quiet revolution: How regulation is forcing cybersecurity accountability
The most important story in cybersecurity today is not about the next breach, but how organizations respond and evolve in light of accountability. First seen on cyberscoop.com Jump to article: cyberscoop.com/how-cybersecurity-regulation-is-driving-accountability/
-
The quiet revolution: How regulation is forcing cybersecurity accountability
The most important story in cybersecurity today is not about the next breach, but how organizations respond and evolve in light of accountability. First seen on cyberscoop.com Jump to article: cyberscoop.com/how-cybersecurity-regulation-is-driving-accountability/
-
Threat Actors Use Stolen RDP Credentials to Deploy Cephalus Ransomware
A new ransomware group, Cephalus, has emerged in the cybersecurity threat landscape, targeting organizations through compromised Remote Desktop Protocol (RDP) accounts. First detected in mid-June 2025, this group represents a growing threat to businesses that have not implemented proper security measures on their remote access systems. How Cephalus Operates The Cephalus ransomware group employs a…
-
How to trade your $214,000 cybersecurity job for a jail cell
Ransomware doesn’t pay what it used to. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/fbi-arrests-ransomware-clean-up-experts-for-planting-ransomware/
-
Business continuity and cybersecurity: Two sides of the same coin
Tags: access, ai, attack, backup, breach, business, cloud, control, corporate, credentials, cyber, cybercrime, cybersecurity, data, data-breach, detection, email, finance, framework, google, incident response, infrastructure, intelligence, Internet, network, nist, ransomware, RedTeam, resilience, risk, sans, service, strategy, tactics, threat, tool, training, veeam, vulnerability, zero-trustWhy traditional business continuity plans fail against modern threats: I’ve implemented change management processes in environments requiring 99.99% uptime and I can tell you that most business continuity plans were designed for a different era. They assume that your backup systems, communication channels and recovery procedures will be available when you need them. Today’s threat…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
How to trade your $214,000 cybersecurity job for a jail cell
Ransomware doesn’t pay what it used to. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/11/fbi-arrests-ransomware-clean-up-experts-for-planting-ransomware/
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Business continuity and cybersecurity: Two sides of the same coin
Tags: access, ai, attack, backup, breach, business, cloud, control, corporate, credentials, cyber, cybercrime, cybersecurity, data, data-breach, detection, email, finance, framework, google, incident response, infrastructure, intelligence, Internet, network, nist, ransomware, RedTeam, resilience, risk, sans, service, strategy, tactics, threat, tool, training, veeam, vulnerability, zero-trustWhy traditional business continuity plans fail against modern threats: I’ve implemented change management processes in environments requiring 99.99% uptime and I can tell you that most business continuity plans were designed for a different era. They assume that your backup systems, communication channels and recovery procedures will be available when you need them. Today’s threat…
-
What past ERP mishaps can teach CISOs about security platformization
Tags: ai, automation, business, cio, ciso, cyber, cybersecurity, data, finance, metric, resilience, service, technology, tool, training5 tips for getting security platformization right: Current trending suggests that in many enterprises, security platform migration is inevitable in the short- or long-term. Given this, CISOs would be well served by carefully studying the mistakes made with ERP and plan accordingly with proven best practices. Based on my research, here are a few suggestions:Get executive…
-
Wie CISOs vom ERP-Leid profitieren
Tags: ai, best-practice, business, cio, cisco, ciso, cloud, crowdstrike, cybersecurity, fortinet, mail, microsoft, network, resilience, service, siem, soar, threat, toolSecurity Platformization ist eine Herausforderung gut, wenn man vorher weiß, worauf es (nicht) ankommt.Studienerkenntnissen zufolge sind in einem durchschnittlichen (Groß-)Unternehmen zwischen 40 und 80 separate Sicherheits-Tools im Einsatz. Wildwuchs dieser Art führt regelmäßig zu:Security-Datensilos,Integrationsproblemen,fortlaufendem Wartungs- und Konfigurationsaufwand, oderAlert-Müdigkeit.Angesichts dieser Herausforderungen (und dem Marktpotenzial für entsprechende Lösungen) haben diverse Security-Anbieter Technologieplattformen aufgebaut etwa Cisco, Crowdstrike, Fortinet,…
-
Wie CISOs vom ERP-Leid profitieren
Tags: ai, best-practice, business, cio, cisco, ciso, cloud, crowdstrike, cybersecurity, fortinet, mail, microsoft, network, resilience, service, siem, soar, threat, toolSecurity Platformization ist eine Herausforderung gut, wenn man vorher weiß, worauf es (nicht) ankommt.Studienerkenntnissen zufolge sind in einem durchschnittlichen (Groß-)Unternehmen zwischen 40 und 80 separate Sicherheits-Tools im Einsatz. Wildwuchs dieser Art führt regelmäßig zu:Security-Datensilos,Integrationsproblemen,fortlaufendem Wartungs- und Konfigurationsaufwand, oderAlert-Müdigkeit.Angesichts dieser Herausforderungen (und dem Marktpotenzial für entsprechende Lösungen) haben diverse Security-Anbieter Technologieplattformen aufgebaut etwa Cisco, Crowdstrike, Fortinet,…
-
What past ERP mishaps can teach CISOs about security platformization
Tags: ai, automation, business, cio, ciso, cyber, cybersecurity, data, finance, metric, resilience, service, technology, tool, training5 tips for getting security platformization right: Current trending suggests that in many enterprises, security platform migration is inevitable in the short- or long-term. Given this, CISOs would be well served by carefully studying the mistakes made with ERP and plan accordingly with proven best practices. Based on my research, here are a few suggestions:Get executive…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Digital health can’t scale if cybersecurity falls behind
Tags: access, ai, attack, breach, cloud, compliance, control, cyber, cyberattack, cybersecurity, data, detection, encryption, endpoint, exploit, framework, GDPR, governance, government, healthcare, HIPAA, identity, infection, intelligence, malicious, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, strategy, technology, threat, training, virus, vulnerability, zero-trustThe unique vulnerabilities of AI systems: Traditional security frameworks are not enough for AI. Attacks on algorithms take subtler forms. I often explain to my clients that when you corrupt data, you corrupt intelligence. Data poisoning occurs when malicious data is inserted into the training process, teaching the AI to make wrong decisions later. Imagine…
-
Why can’t enterprises get a handle on the cloud misconfiguration problem?
Tags: access, ai, authentication, awareness, breach, business, cloud, communications, computing, control, cybersecurity, data, data-breach, encryption, governance, hacker, infrastructure, least-privilege, mfa, monitoring, network, risk, saas, service, technology, tool, training, usa, zero-trustStop. Reassess. Reconfigure: Last year, according to Ayan Roy, EY Americas cybersecurity competency leader, the highest number of breaches were caused by shared cloud repositories. “That’s where we saw the maximum amount of data exfiltration,” he says. “A lot was from shared cloud stores and SaaS applications.” That’s despite the fact that the clients have…
-
Wie CISOs vom ERP-Leid profitieren
Tags: ai, best-practice, business, cio, cisco, ciso, cloud, crowdstrike, cybersecurity, fortinet, mail, microsoft, network, resilience, service, siem, soar, threat, toolSecurity Platformization ist eine Herausforderung gut, wenn man vorher weiß, worauf es (nicht) ankommt.Studienerkenntnissen zufolge sind in einem durchschnittlichen (Groß-)Unternehmen zwischen 40 und 80 separate Sicherheits-Tools im Einsatz. Wildwuchs dieser Art führt regelmäßig zu:Security-Datensilos,Integrationsproblemen,fortlaufendem Wartungs- und Konfigurationsaufwand, oderAlert-Müdigkeit.Angesichts dieser Herausforderungen (und dem Marktpotenzial für entsprechende Lösungen) haben diverse Security-Anbieter Technologieplattformen aufgebaut etwa Cisco, Crowdstrike, Fortinet,…
-
Malicious npm packages contain Vidar infostealer
Typosquatting: One favorite tactic of threat actors trying to infect the open source software supply chain is typosquatting, the creation of packages with names similar to those of legitimate ones to trick unwitting developers searching for a particular library. For example, in 2018 a researcher found that threat actors had created phony libraries in the…