Security researchers have detected a vulnerability in YubiKey two-factor authentication tokens that enables attackers to clone the device, its manufacturer Yubico announced this week.
“AI allows us to upskill our entire team”
By implementing AI and automation tools in the right way, a significant opportunity arises to drive career growth in security teams, according to Ian Stacey, Group Head of Information Security at Novuna and Callum Taylor, Cybersecurity Product Owner at Novuna.
Quishing: an evolving threat
The ongoing changes in QR code phishing, or quishing, show us that it is important to be observant and to not heavily rely on our email security systems.
“NIS2 challenges us CISOs to concretize our work”
By making security concrete and tangible, the implementation of NIS2 will create more understanding for the role of CISO, says Justin Broeders, concern-level CISO at the Ministry of Finance.
What’s the cost of downtime?
What happens when a large organization faces DDoS attacks, software failures, or even a company-wide hack? While the direct costs of unplanned downtime are easily visible, organizations should not underestimate the indirect, or hidden costs of digital failures.
“Building collaboration in the Dutch security ecosystem is key to protecting our country”
As CISOs, we have a responsibility to drive collaboration and technological innovation within the Netherlands, says Mahdi Abdulrazak, Group Information Security and Risk Officer at SHV Energy, a leading global distributor of off-grid energy.
“Become the enabler, not the blocker”
A great CISO is one who can embrace innovation and new business goals, but at the same time, knows how to create awareness about security risks, says Luisella ten Pierik, CISO of regional grid operator for electricity and gas Stedin and manager of their CIO Office.
Are you ready for NIS2?
Although the Dutch legislation for NIS2 is running behind, the Dutch business sector should start getting their things in order, especially if they are dependent on international customers and suppliers.
Offensive cyber ops continue to increase, MIVD calls for adequate mandate, legal revisions
The Netherlands remains an important target for Russian cyberoperations, and threats are only increasing, the Dutch Military Intelligence and Security Service (MIVD) mentioned in its yearly report. The Service calls for an adequate mandate so it can effectively carry out the necessary investigations against these offensive cyber programs.
Open-source software supply chain attacks are on the rise – but they’re mainly our own fault
The recently discovered XZ Utils backdoor has highlighted the vulnerabilities in open-source software. However, although open-source software supply chain attacks have tripled since 2019, most of them are easily preventable.
The Great Reset – Why we haven’t yet seen the end of the Big Tech layoffs
After seeing two years of post-pandemic economic downturn and massive layoffs in the tech sector, recovery seemed to be on the radar for 2024. However, jobs continue to be impacted. But in the cybersecurity industry the shift to AI and low interest rates, that facilitate finding capital, have led to an increase in hiring.
Your vote, your voice?
Attempts to meddle in election processes through cyberattacks have increased drastically, and the methods with which hostile actors try to infiltrate society are continually evolving. Cybersecurity professionals have a role to play in this trend by educating the general public about these risks so that more stakeholders can act as a defense against hostile state actors.
A hacker’s wishlist for Christmas
Every year, cyberattacks increase dramatically during the holiday season. Criminals know how to take advantage of a busy season in which companies endure chaos and employees are busy, stressed, tired, and ready for a break.
“This is your CEO calling. Can you pay this invoice for me?”
In many companies, artificial intelligence is slowly getting ingrained in work processes. Generative AI tools such as ChatGPT make it easy to replace time-costly processes such as generating summaries, creating marketing content, and automating customer service.
Yet, AI evolves at high speed, and the business sector needs to wake up. Looking at the biggest cyber security trends in 2024 that everyone must prepare for, generative AI is on top of the list, according to Forbes. Cybercriminals are increasingly incorporating AI in their attacks, ranging from deepfake social engineering attempts to automated malware.
Fighting cybercrime in a more targeted way with “Melissa”
On October 3, the “Melissa” covenant was signed by The Public Prosecution Service (OM), the police, the NCSC, Cyberveilig Nederland, and ten private parties. In this partnership, the groups join forces to fight cybercrime in a more targeted way, to increase the chances of catching cybercriminals, and to reduce the chance of impact for victims.
The threat landscape evolves: CISOs need to advocate for better cyberresilience
While the threat landscape is continuously evolving, our attack surface is growing too, says Dimitri van Zantvliet, Director Cybersecurity & CISO at NS and one of the initiators of the CISO community. CISOs have a vital role in convincing boards to act now. In...
Moving toward a decentralized digital identity – what’s changing?
In the next few years, the EU expects 80% of citizens to use digital identity for public services. While moving to a decentralized digital identity framework will provide opportunities for every industry, companies must anticipate the changes.
“CISOs should have a prominent place on the board – and beyond”
The CISO will be an important stakeholder in the coming years, according to Rob Beijleveld, one of the initiators of the CISO community. CISOs have to take steps to develop their role, increase cybersecurity awareness, advocate for changes, and show that they deserve that seat at the table.