Infosecurity Magazine

As AI becomes an integral part of organisational operations, the challenges of managing associated risks are growing exponentially. Our upcoming webinar with AuditBoard will explore the evolving risk landscape of AI, focusing on key concerns such as ethics, compliance, and vulnerabilities, with a specific emphasis on European organisations Join us on January 23rd to learn strategies for evaluating AI-driven risks and implementing robust governance practices: https://bit.ly/3ZssHuz

As AI becomes central to operations, managing its risks is increasingly complex. With vulnerabilities in AI systems and software dependencies, effective auditing is essential for IT and compliance leaders. With the EU AI Act and other regulations shaping AI governance, businesses must adapt their compliance frameworks. Register for AuditBoard's webinar on January 23 to learn how to audit AI systems, ensure compliance, and mitigate risks: https://bit.ly/3ZssHuz

Ransomware attacks, data breaches, supply chain vulnerabilities and news from the US Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology (NIST). Discover the 10 most read stories on Infosecurity Magazine last year. Spoiler alert : North Korean IT Workers and Nigerian 'Yahoo Boys' also made the list. 🔗 https://bit.ly/3DnpsvT

Happy New Year from the Infosecurity team! 🎉 Here's to a successful and secure 2025! We look forward to continuing to bring you the latest insights and updates in the year ahead

Is 2025 the Year of Mandatory MFA? 🤔 With companies like Snowflake, Microsoft Azure and Google Cloud making MFA mandatory and others addressing critical MFA flaws, the push for stronger security measures is clear. As we move into 2025, will we see a widespread adoption of mandatory MFA across industries? Read more about recent developments: ▪️ Snowflake Makes MFA Mandatory: https://bit.ly/4gZA4zF ▪️ Microsoft Azure MFA Flaw: https://bit.ly/3Dh6wyE #MFA #2FA #Google #GoogleCloud #Microsoft #Azure #Snowflake #authentication #IAM #SSO #passkeys #passwords

What if a single mistake at home could jeopardize your entire company’s security? For millions of remote workers, this is a daily reality in today’s digital-first world. While remote work has revolutionized collaboration, the cost of this convenience is becoming increasingly clear. A recent report by Checkpoint found a 38% increase in cyberattacks in 2022, with remote work playing a significant role. Learn more about the risks and how to manage them in this insightful article by PureVPN: https://bit.ly/4fmRp45

Third-party risk management is becoming more challenging as organizations work with an increasing number of external vendors and partners. This growth brings heightened risks, from compliance gaps to potential security vulnerabilities. Watch our full video interview with Dave Stapleton from ProcessUnity Unity to learn how a data-first approach can revolutionize the process of of third-party risk management: https://bit.ly/3P4ilLa

Lookout has discovered three new surveillance tools developed and deployed by Russia and China. BoneSpy and PlainGnome are Android spyware implants developed by Gamaredon, an APT group associated with the FSB. They have been active since 2021 and 2024, respectively. EagleMsgSpy is a lawful surveillance tool likely developed by Wuhan Chinasoft Token Information Technology and used by many government agencies in mainland China since at least 2017. Find out more about these newly discovered surveillance tools here: https://bit.ly/4fFUXih #spyware #surveillance #mobile #Android #iOS #Gamaredon #FSB #APT #APTgroup #BoneSpy #PlainGnome #EagleMsgSpy #Russia #China #cyberespionage #espionage

The Infosecurity team wishes you a very merry Christmas and happy holidays! May your season be filled with joy, warmth, and cherished moments with loved ones. Thank you for being a part of our community—we look forward to connecting with you in the new year!

Leadership training and skills are severely lacking in the cybersecurity industry, especially as cybersecurity continues to evolve as a critical business issue. Findings from ISC2’s latest Cybersecurity Leadership Survey are concerning, according to the accreditation body’s CISO, Jon France CISSP, ChCSP. Only 63% of cybersecurity professionals have received formal leadership training, and 81% primarily learn by observing other leaders. Read our article to discover how these gaps in leadership skills could impact the future of cybersecurity: https://bit.ly/41Fhvw8 #cybersecurity #skills #skillsgap #talentgap #ISC2 #certification #CISO #CISOs #workforce #leadership #survey