Dark Reading’s Post

The European Commission has announced that the European Parliament and Council have reached a political agreement on the Cyber Solidarity Act. The new legislation, proposing the establishment of a European Cybersecurity Alert System, is pivotal for the EU, with current geopolitical events impacting cybersecurity. The provisional agreement will complement the cybersecurity measures already in place (such as the Network Information Systems - NIS2 - directive) and will comprise, among others, a network of National and Cross-border Cyber Hubs, utilising cutting-edge technologies, including artificial intelligence (AI) and advanced data analytics. The importance of supporting SMEs is also recognized in light of the new act, and in particular with regards to the need for more financial and technical support to European enterpreneurial ecosystems’ actors, and of reinforced actions to close the existing skills gap.

Our latest issue of the Journal of Cyber Policy is out. Volume 8 number 1 brings together a group of unsolicited manuscripts which we have arranged around the theme of states, net states and network security. Three articles discuss different aspects of cybersecurity from the perspective of states. Harriet Moynihan provides an analysis of the concept of due diligence in cyberspace. The evolution of the national cybersecurity strategies of Canada, the United Kingdom and Australia are assessed by W. Alec Cram and Jonathan Yuan. With a deep dive on US President Obama’s pivot in relation to China, Sally Burt argues that cyber strategy needs to be understood in the context of Grand Strategy. The exercise of state-like power by non-state actors is examined by Callum Harvey and Christopher Moore, through a case study of Meta Platforms Inc. Improving the cybersecurity of critical infrastructure is often a key focus for national cybersecurity strategies. The final two papers in this collection consider some of the challenges. Éireann Leverett and Andrew Cormack provide an interdisciplinary examination of vulnerability patching, to understand what kinds of regulation are most effective in driving the changes needed. Rather than the usual focus on hostile actors, Sarah Backman considers the impact of cyber accidents in the cybersecurity of critical infrastructure. The volume concludes with two book reviews. https://lnkd.in/dgQ35m8n

The rise of artificial intelligence (AI) has spawned a new generation of cyber threats, with readily available deepfake creation tools posing a significant risk to businesses and individuals, according to cybersecurity firm Kaspersky. Deepfakes, which are manipulated media like videos or audio recordings designed to appear genuine, are becoming increasingly sophisticated and easier to create. Kaspersky’s research found deepfake video generation services available on darknet marketplaces for as little as $300 per minute, raising concerns about their potential use in fraud, blackmail, and data theft. #gdnonline #gdnmedia #bahrainnews #bahrain #deepfake

Video No.107 summarises Noting Paper 345 - Capability, Consultation Processes and Operating Model.   https://lnkd.in/gRiEVMnq   #ConsumerDataStandards #ConsumerDataRight #CyberSecurity

From the Breton-Mayorkas Joint Statement on cyber resilience: 'Work together to align, to the fullest extent possible, the requirements and guidelines we issue to drive cybersecurity and reduce the compliance burden to businesses. 'Work bilaterally and with interagency partners to better prepare our collective responses to cyber incidents, including those that warrant rapid and effective support to like-minded countries. 'Jointly advance the cybersecurity of software and hardware in critical cyber policy fields so as to best prepare public administration, businesses, and critical infrastructures for evolving future threats. [YES YES YES] 'This includes creating or formalising regular exchanges on open-source security, Software Bills of Materials (SBOM), and Secure-by-Design for software frameworks including as they align to efforts under the EU's Cyber Resilience Act and broader international cooperation...' [YES YES YES] https://lnkd.in/gJCrhvwP

In an age where data is a powerful currency, safeguarding an organization against the ever-looming threat of data loss requires a proactive mindset. It's not just about firewalls and encryption; it's about fostering a culture of data consciousness. Equip your personnel with the knowledge and tools to understand the value of the information they handle, turning every employee into a guardian of the digital fortress. After all, the strongest defense against data leaks is not just in the codes we write but in the minds we shape within our organization. How do you build a culture where every click, every share, and every decision is a conscious step towards data resilience?

07.01.24. The new #Cybersecurity #Regulation laying down measures for a high common level of cybersecurity at the institutions, bodies, offices and agencies of the EU entered into force. The Regulation lays down measures for the establishment of an internal cybersecurity risk management, governance and control framework for each Union entity, and sets up a new Interinstitutional Cybersecurity Board (#IICB) to monitor and support its implementation by Union entities. It provides an extended mandate of the Computer Emergency Response Team for the EU institutions, bodies, offices and agencies (#CERT-EU), as a threat intelligence, information exchange and incident response coordination hub, a central advisory body, and a service provider. In line with its mandate, CERT-EU is renamed to Cybersecurity Service for the Union institutions, bodies, offices and agencies, but it retains the short name “CERT-EU”. We will be hearing much more about #cybersecurity and #cyberresilience in the months to come. https://lnkd.in/dRAwDPB8

The draft European Union Cyber Resilience Act (CRA) is progressing: 

🔒 Data Protection Day - A Vital Reminder 🔒 📅 Today marks an important occasion for privacy professionals, businesses, and internet users alike - Data Protection Day! Held annually on January 28th, this day serves as a keystone event for raising awareness about the importance of protecting personal data. 💡 Data Protection Day commemorates the signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. It's a day to reflect on the rights we have been granted to safeguard our personal information and the ongoing efforts to protect these rights in the digital age. 🌐 As our lives become increasingly online, the significance of data privacy and security cannot be overstated. From personal details shared on social media to sensitive information provided to online services, the digital trails we leave behind are vast and vulnerable. 🛡️ Here are some thoughts on how we can all contribute to better data protection: 1. Awareness is Key - Educate yourself and others about data privacy rights and the tools available for data protection. 2. Advocate for Transparency - Encourage organizations to be clear about how they collect, use, and share personal data. 3. Implement Strong Policies - For businesses, establishing and enforcing robust data protection policies is non-negotiable. 4. Regular Audits - Conduct regular assessments of data practices to ensure compliance with privacy laws and regulations. 5. Promote a Culture of Security - Make data protection a core value in your professional and personal life. 🤝 Let's take this opportunity to commit to the principles of data protection and ensure that our personal information, and that of others, is treated with the respect and security it deserves. Sources: https://lnkd.in/dZxaYzXT https://lnkd.in/dqh9934C #DataProtectionDay #PrivacyMatters #CyberSecurity #InformationSecurity #DataPrivacy #Convention108 #PersonalData