By Joe Fay  Workers told to make more use of cyber ranges, conferences and webinars as skills gap just gets bigger. The US Department of Defense (DoD) is overhauling the recruitment and training of its cyberspace workforce, providing a template for other public and private sector organizations battling both a growing cyber threat and widening skills gap.  The DoD’s Cyber Workforce Strategy stands as a potential model for how other public and private sector organizations should be reshaping their cybersecurity teams and nurturing talent.  When the US-based Bipartisan Policy Centre detailed the “Top Risks in Cybersecurity 2023”, it highlighted the impact of geopolitical uncertainty, an accelerating cyber arms race, an erratic regulation environment and economic headwinds that are likely to

As geopolitical tensions continue, cyberwarfare has taken its toll on the world. Last July, the FBI, CISA and the Department of the Treasury issued a joint advisory about North Korean hackers targeting U.S.  healthcare systems. Another warning was issued about Russian state-sponsored CNI attacks aimed against Ukraine or organizations providing materiel support. Alarmingly, the last few years have seen cyberattacks on oil and gas (Colonial Pipeline), nuclear operations (Iranian nuclear facility, Kansas nuclear plant, Stuxnet) and water utilities (Oldsmar, Israeli facilities) among others.  In response, more CNI-geared legislation is on the way. The most game-changing move on this front last year for the U.S. was the Cyber Incident Reporting for Critical Infrastructure Act of 2022. It marks an important milestone

By John E. Dunn  It’s little surprise that many people are skeptical about the rapid encroachment of artificial intelligence (AI) and machine learning (ML) into daily life. However, should cybersecurity professionals be more positive about the benefits for the field?  (ISC)² asked its members and candidates – experienced cybersecurity practitioners as well as those at the beginning of their career – whether or not they were concerned about the growth and adoption of both AI and ML in different scenarios. The results of the straw poll of 126 people revealed a consistently high degree of concern and skepticism about the increasing adoption and integration of AI and ML into all facets of consumer and business technology.  When asked whether they

By Joe Fay Not even a pyramid scheme – they just convince people to give away their money.  A network of crypto scammers has been able to game YouTube’s algorithms to publicize and amplify fraudulent investment apps without triggering the video platform’s safety team, researchers at WithSecure have said.  The network used YouTube to post and boost videos encouraging victims to take part in fraudulent USDT (Tether) cryptocurrency investment schemes. Users were promised lucrative returns when they moved cryptocurrency from their wallets into wallets associated with the “apps” highlighted in the videos.  WithSecure Intelligence Researcher Andy Patel tracked over 700 URLs hosting the suspect apps, although thousands more could be implicated. Patel said his analysis during the latter half of

By Joe Fay  Australia to scrap cybersecurity rules as part of a new regime, ransoms bankroll further ransomware attacks, Dole and PyPi attacked, while the European Commission calls time on TikTok.  Australia to Overhaul Cybersecurity Rules  The Australian government is overhauling its approach to cybersecurity and will create a new agency to coordinate responses to cyberattacks and manage investment. The plans follow publication of a discussion paper on cybersecurity following recent high-profile attacks, including one that affected telco Optus. The minister for home affairs, Clare O’Neil, described the current regime as “bloody useless.”                       AT&T Selling a Cybersecurity Business, Trend Micro Buying One  AT&T plans to offload its cybersecurity division. The