Top 10 Cybersecurity Frameworks Every CISO Should Know

CISOs should focus on the top cybersecurity frameworks: NIST CSF 2.0 for strategy, ISO 27001 for ISMS, CIS Controls v8.1 for safeguards, NIST 800-53 for controls, SOC 2 for assurance, PCI DSS v4.0.1 for cardholder data, MITRE ATT&CK for threat defense, CSA CCM v4 for cloud, IEC 62443 for OT, and NERC CIP for the power grid. Staying current with these frameworks supports regulatory compliance and preparedness, improving overall security posture.

https://programminginsider.com/top-10-cybersecurity-frameworks-every-ciso-should-know/

Why Password Controls Still Matter in Cybersecurity

Passwords remain critical in cybersecurity, often being the weakest link despite advanced protections. Common vulnerabilities include forgotten accounts and user fatigue, leading to predictable password patterns. To enhance security, organizations must implement robust password controls, such as intelligent banned password lists, nuanced rotation strategies, and prioritizing length over complexity. A staged approach to policing passwords, including user education and ongoing monitoring, helps in creating a dynamic security strategy that adapts to evolving threats. Ultimately, effective password management transforms a persistent challenge into a resilient defense mechanism.

https://www.bleepingcomputer.com/news/security/why-password-controls-still-matter-in-cybersecurity/

What Good Software Supply Chain Security Looks Like

Key points:

Threat Increase: Attacks targeting software supply chains have sharply risen, especially in open source components.
Hardened/Distroless Images: Use minimal, security-hardened containers to cut down vulnerabilities, especially in regulated environments.
Compliance Focus: Follow NIST, STIG, FIPS, and SLSA frameworks for assured compliance and traceability.
Disconnected Readiness: Prepare infrastructure and tooling for air-gapped environments and automated compliance management.
Holistic Security: Integrate security across all stages, not just at the beginning of the development process.

https://thenewstack.io/what-good-software-supply-chain-security-looks-like/

AI Agents Can Leak Company Data Through Simple Web Searches

AI agents can inadvertently leak sensitive company data via web searches. Research shows attackers can manipulate webpages with hidden instructions, leading agents to retrieve and transmit confidential information without users realizing it. The model's normal operations mask the attack, which does not require direct manipulation or special access. Varied success rates across 1,068 attack attempts highlight that training practices matter more than model size. Existing defenses often overlook this indirect method, emphasizing the need for robust security measures and monitoring. Organizations must treat AI agents as risky software and establish strict control over their operations.

https://www.helpnetsecurity.com/2025/10/29/agentic-ai-security-indirect-prompt-injection/

Carding and How Businesses Can Prevent It

  • Carding Definition: Carding refers to the illegal use and sale of stolen credit card data, which enables unauthorized purchases and facilitates identity theft.
  • Theft & Fraud Tactics: Common methods include phishing, hacking, skimming, and bot-based attacks; dark web markets play a central role.
  • Business Defenses: Effective prevention uses AI fraud detection, encryption, transaction monitoring, and customer alerts.
  • Business & Customer Impact: Carding results in financial losses, reputational damage, increased costs, and emotional distress for victims.
  • Tools & Trends: Advances in fraud detection and security tooling address evolving carding tactics with AI and industry best practices.

https://stripe.com/en-fi/resources/more/what-is-carding-how-this-type-of-fraud-works-and-how-businesses-can-prevent-it

How Do We Measure Our Defenses Against Social Engineering Attacks?

CISO Series discusses measuring defenses against social engineering attacks, particularly phishing. Hosts David Spark and Mike Johnson question the effectiveness of using phishing click rates as a metric, suggesting they are easily influenced and insufficient. Experts emphasize the need for a holistic approach, focusing on response actions post-click and measuring susceptibility across various channels, not just email. They highlight the importance of a layered security strategy and the evolving sophistication of attacks facilitated by advances like AI. Recommendations include enhancing awareness training and developing contextual metrics to better assess organizational security.

https://cisoseries.com/how-do-we-measure-our-defenses-against-social-engineering-attacks/

The One Cybersecurity Shift Every Business Needs to Make Right Now

As remote work and cloud platforms have dissolved traditional network perimeters, businesses must shift cybersecurity strategies from guarding networks to focusing on user identity, visibility, and smarter authentication. Relying on Zero Trust models and strong authentication methods is essential, while managing risk by controlling devices and allowing productivity tools under specific safeguards. Security now revolves around controlling who has access, not simply defending the network itself.

https://www.entrepreneur.com/science-technology/the-cybersecurity-shift-every-business-needs-to-make-today/497891

Ransomware Hackers Look for New Tactics Amid Falling Profits

Ransomware profits are falling, forcing cybercriminals to adopt new tactics and target different victims.

  • The percentage of victims paying ransoms dropped below 25% for the first time, and ransom amounts decreased sharply.
  • Larger organizations are less likely to pay ransoms, leading to fragmentation of the ransomware landscape and more attacks on midsize organizations.
  • New tactics include:
    • Recruiting or bribing insiders, especially at large, high-value organizations.
    • Social engineering help desks and launching supply chain attacks.
    • Callback phishing, manipulating victims through real-time phone negotiation.
    • Sending personalized ransom demands using compromised or fake email accounts.
  • Smaller ransomware groups are more active, resulting in unpredictable targets, including regions and sectors previously less affected.
  • Enterprises are urged to strengthen their insider threat programs amid increasing efforts by hackers to recruit insiders.

https://www.databreachtoday.com/ransomware-hackers-look-for-new-tactics-amid-falling-profits-a-29867