Security News

In July 2023, the Association of Southeast Asian Nations officially opened a joint cyber security information sharing and research centre, or Cybersecurity and Information Centre of Excellence, in a bid to increase the region's shared cyber threat defences. At the opening of the ACICE, Singapore's Ministry of Defence said Singapore alone experienced a 174% increase in phishing attempts between 2021 and 2022, while Southeast Asia cyber crime had increased 82%. Recorded Future Chief Information Security Officer Jason Steer told TechRepublic some customers in the region felt digitisation was turning data from gold into uranium due to cyber risk.

Infosec in brief The European Union's Parliament and Council have reached an agreement on the Cyber Resilience Act, setting the long-awaited security regulation on a path to final approval and adoption, along with new rules exempting open source software. The CRA was proposed by the European Commission in September 2022 and imposes mandatory cyber security requirements for all hardware and software products - from baby monitors to routers, as the EU Commission put it.

In their 2024 cybersecurity outlook, WatchGuard researchers forecast headline-stealing hacks involving LLMs, AI-based voice chatbots, modern VR/MR headsets, and more in the coming year. During 2024, the WatchGuard Threat Lab predicts that a smart prompt engineer whether a criminal attacker or researcher will crack the code and manipulate an LLM into leaking private data.

A cybersecurity budget is an allocation of resources, both financial and otherwise, dedicated to protecting an organization's digital assets from cyber threats. A well-structured cybersecurity budget ensures that an organization is adequately prepared to detect, prevent, and respond to potential cyberattacks, thereby minimizing the risk of data breaches and other security incidents.

60% of Australian small businesses don't survive a cyber breach. A recent report by ASIC found that "Medium and large" organisations consistently reported more mature cyber security capabilities than small organisations, which lagged behind in most critical areas: supply chain risk management, data security and consequence management.

Modern security tools continue to improve in their ability to defend organizations’ networks and endpoints against cybercriminals. But the bad actors still occasionally find a way in. Security...

The Cybersecurity and Infrastructure Security Agency has announced a pilot program that aims to offer cybersecurity services to critical infrastructure entities as they have become a common target in cyberattacks. "In alignment with CISA's 'Target Rich, Resource Poor' strategy, our teams are working with critical infrastructure entities in the healthcare, water, and K-12 education sectors in our first phase of deployment. This year, we plan to deliver services to up to 100 entities," said Eric Goldstein, CISA's Executive Assistant Director for Cybersecurity.

Please turn on your JavaScript for this page to function normally. In this Help Net Security video, Graeme Payne, US Advisory Service Leader at Kudelski Security, discusses how, with the incredible number of complex threats facing modern businesses, board members must take an increased role in cybersecurity decisions - or face the consequences.

Despite a 25% increase of the cost of major cyber incidents in 2022 compared to 2021, the new report on cybersecurity investment from ENISA reveals a slight increase of 0,4% of IT budget dedicated to cybersecurity by EU operators in scope of the NIS Directive. The objective of the report was to identify how organization invest in cybersecurity in relation to the objective of meeting the requirements set by the initial NIS Directive.

The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center, in June 2021 to boost his company's business. Vikas Singla, who worked for Securolytics, a network security company that provided services to the healthcare industry, pleaded guilty to hacking into the systems of GMC Northside Hospital hospitals in Duluth and Lawrenceville, as prosecutors said in a June 2021 indictment.