Budgetary and resource constraints play a huge role in cyberattacks on smaller organizations. Amidst a strained global economy, many under-resourced organizations like non-profits, local governments, and hospitals struggle to keep their heads above water - they simply don't have the funds to invest in cybersecurity. To make matters worse, cybercriminals see these organizations as easy prey. Although they may not be able to shell out for extortionate ransom demands as big business can, at the end of the day, data is data and is always worth something on the dark web. In many cases, smaller...
Author: Josh Breaker-rolfe
Cybersecurity has always been a complex field. Its adversarial nature means the margins between failure and success are much finer than in other sectors. As technology evolves, those margins get even finer, with attackers and defenders scrambling to exploit them and gain a competitive edge. This is especially true for AI. In February, the World Economic Forum (WEF) published an article entitled " AI and cybersecurity: How to navigate the risks and opportunities ," highlighting AI's existing and potential impacts on cybersecurity. The bottom line? AI benefits both the good and bad guys, so it's...
In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it? Compromises Up, Victims Down However, the Identity Theft Resource Center's (ITRC) Data Breach Report 2023 tells a somewhat more complicated story. The total number of compromises in 2023 rose by 72% since the previous record high in 2021, but the total number of victims fell 16% year-on-year. In the report's executive...
At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU , the computer worm that catapulted cybercrime into the public consciousness, was still five months away. Today, things couldn't be more different. In 2001, six people fell victim to cybercrime an hour. By 2022, that number had risen to 97, an increase of 1517% . At that time, the SolarWinds, Colonial Pipeline, and WannaCry attacks established cybercrime as a potentially...
In late September 2023, the US-based National Institute of Standards and Technology (NIST) published its Cybersecurity Framework Profile for Hybrid Satellite Networks, otherwise known as NIST IR 8441. This blog will explore the reasons behind NIST developing the framework, outline its intentions, and summarize its key points. What is a Hybrid Satellite Network? To understand IR 8441, we must first understand a Hybrid Satellite Network (HSN). NIST defines an HSN as a network that: “[Uses] independently owned and operated terrestrial and space components to realize a space system that may...
A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial services are fairly obvious – potential financial gains, troves of sensitive data, and valuable supply chains, to name a few – the dramatic increase in attacks represents a general failure on the part of service providers to protect client data. In this article, we will...
Application Programming Interfaces (APIs) have profoundly transformed the internet's fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software entities. APIs are the conduits through which software components communicate, interact, and share functionalities; this has led to an environment where applications, platforms, and services seamlessly...
The past half-decade has been a particularly tumultuous one for cybersecurity. It has borne witness to some of the most damaging attacks in history, unprecedentedly high data breach rates, and a staggering number of emerging threat groups. However, a new report from cyber insurance provider Coalition suggests that things are beginning to stabilize. The report , which features data from Coalition’s US and Canada customer base ranging from businesses with less than $25 million in revenue to more than $100 million, has revealed that while claim severity has risen, frequency has fallen in the...
The social media landscape has undergone dramatic change in recent years. Elon Musk bought Twitter and changed its name to "X." Mark Zuckerberg bought Instagram and WhatsApp before launching Threads to capitalize on Twitter's recent PR disasters. TikTok came out of nowhere to become the platform of choice for Gen Z. One thing, however, has stayed the same. Facebook remains, somewhat surprisingly, the most popular social media platform. Zuckerberg's flagship boasts nearly 3 billion users a month, roughly 37% of the world's population. More interesting still, Facebook has almost 800 million more...
South Africa's Protection of Personal Information Act (PoPIA), also known as the PoPI Act, is a comprehensive data protection legislation designed to safeguard the privacy and information of South African citizens. While Jacob Zuma assented to PoPIA in November 2013, the act took effect in July 2020. Parliament granted all South African entities a one-year grace period, expecting them to comply by June 30th, 2020. As part of the act, the South African Parliament formed a new government agency, the Information Regulator, to monitor and enforce PoPIA compliance in the public and private sectors...