While attempting to remove TikTok from U.S. phones, the government is inadvertently hurting small businesses and free speech – key pillars of society. The fate of the popular social media app TikTok is now in the hands of the U.S. Senate as on March 14, the House of Representatives voted 352 to 65 to advance a bill that could ban the app nationwide. If the legislation is enacted, the parent company ByteDance will have six…
The Cybersecurity and Infrastructure Security Agency anticipates receiving a significant volume of reports on hacks, ransomware attacks, and other cyber incidents within the first year of implementing new reporting regulations. CISA has released a 447-page notice of proposed rulemaking for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) today. The proposed rules will be officially published in the Federal Register on April 4, with comments due by June 3. The regulations outline the process…
Combatting Fraud with AI The Treasury Department has identified various challenges in the financial sector related to artificial intelligence (AI). These challenges include the lack of consistency in defining AI across the industry, uncertainty regarding future AI regulation in financial services, and the potential for regulatory fragmentation. The report also emphasizes the impact of AI on fraud prevention within financial institutions. While AI technologies are reshaping fraud, they are also equipping defense teams with tools…
Carillon Point in Kirkland. Image courtesy of Marinas.com. Tanium, a cybersecurity company currently located in Kirkland, recently revealed plans to relocate its headquarters. This decision comes after more than three years since Tanium moved from Emeryville, Calif., to Kirkland in late 2020. The move is a reflection of the company's need to accommodate its growing team. Tanium is now searching for a larger space in Bellevue as a testament to its expansion and commitment to…
On March 26, 2024, the HHS Office of Inspector General (OIG) unveiled a cybersecurity toolkit designed for HHS leaders to effectively plan and implement information systems during disasters and public health emergencies. This toolkit offers crucial questions and considerations based on cybersecurity standards utilized by the OIG in evaluating HHS information systems, which can also be applied to the private sector. It is important to note that this toolkit does not aim to comprehensively cover…
The Impact of Technology Innovation on Cybersecurity: NIST Cybersecurity Framework 2.0 The advancements in technology have revolutionized how we engage with the world. Just a few years ago, the concept of IoT seemed distant. Now, generative AI is reshaping our interactions with the internet. Consequently, cybersecurity threats have also evolved, necessitating agility and continuous adaptation from organizations. Recognizing this reality, the National Institute of Standards and Technology unveiled the highly anticipated NIST Cybersecurity Framework (CSF)…
Gabriela García and David Meléndez presented a compelling talk on technical flaws in railroad networks to a crowd of 1,500 at RootedCON, the largest cybersecurity conference in the Spanish-speaking world, on March 7. The talk shed light on a specific vulnerability in railroad signaling safety. García, a software developer, hacker, and educator, collaborated with Meléndez, an experienced R&D engineer on the Innotec Security hacking team, to deliver the presentation. Following the presentation, which garnered attention…
Open share links Cybersecurity threats remain prevalent, with data breaches increasing by 20% from 2022 to 2023, and a cyberattack in March 2024 on a major U.S. health care billing company causing widespread repercussions. Moreover, artificial intelligence has introduced new potential threats, many of which are still unforeseen. Despite the magnitude of these threats, many companies have grown accustomed to the dangers, while others struggle to determine where to focus their cybersecurity efforts. No company…
Only two percent of organisations possess a “mature” level of cybersecurity readiness, as revealed by Cisco's 2024 Cybersecurity Readiness Index.Presented at this week's Enterprise Connect, this concerning statistic indicates a decline from last year, where 17 percent of organisations were considered mature in cybersecurity readiness. Equally troubling is the fact that the majority of organisations, a staggering 72 percent, fall under Cisco's Beginner or Formative stages of cybersecurity readiness.The Readiness Index captures a period marked…
According to Cisco's 2024 Cybersecurity Readiness Index, only 3% of organizations worldwide have reached the 'Mature' level of readiness for modern cybersecurity risks. The majority of organizations, two-thirds in fact, are still in the 'Beginner' or 'Formative' stages of readiness. The index highlights a significant decrease in readiness compared to the previous year when 15% of companies were classified as 'Mature'. Despite facing various cyber threats such as phishing, ransomware, supply chain attacks, and more,…