cybersecurity

Embedding Threat Intelligence and Practical Training in ICS Cybersecurity Awareness for Frontline Resilience

Rethinking ICS cybersecurity means embedding threat intelligence and practical training into awareness programs for frontline resilience. Traditional IT-centric views are inadequate given rising state-sponsored threats. Organizations are shifting from mere compliance to a culture of cybersecurity, emphasizing safety, operational continuity, and employee empowerment. Dynamic role-based training, powered by AI, helps counter misinformation and improve real-time threat detection. Engagement, tailored training, and continuous assessment enhance security posture. ICS environments face unique challenges, necessitating specialized knowledge on risks tied to safety and engineering. As cybersecurity threats evolve, fostering a psychologically resilient workforce becomes essential, prioritizing verification and critical thinking to combat AI-driven deception and elevate operational safety.

https://industrialcyber.co/features/embedding-threat-intelligence-and-practical-training-in-ics-cybersecurity-awareness-for-frontline-resilience/

Responding to Cloud Incidents: a Step-by-Step Guide From the 2025 Unit 42 Global Incident Response Report

Cloud incidents are increasing and require specific investigation methods focused on cloud assets, identities, and configurations rather than traditional endpoints. Unit 42’s recommended response process includes the following steps:

Scope and Mindset for Cloud Investigations

  • 29% of incidents in 2024 involved cloud or SaaS environments.
  • Cloud investigations prioritize identities, misconfigurations, and service interactions.

Step 1: Triage and Scoping

  • Establish event timeline and detect abnormal activity.
  • Identify affected assets (VMs, IAM, storage, containers).
  • Address logging gaps—enable and retain logs for at least 90 days.

Step 2: Evidence Collection

  • Collect audit/resource logs, VM/container snapshots.
  • Capture volatile artifacts quickly as cloud environments are ephemeral.

Step 3: Identity and Role Forensics

  • Investigate IAM settings, login patterns, escalation attempts.
  • Watch for identity hopping and privilege misuse.

Step 4: Lateral Movement and Persistence

  • Detect movement across regions/services using existing credentials.
  • Use behavioral baselining to spot anomalies, not just failed logins.

Step 5: Containment, Eradication, Recovery

  • Contain compromised assets quickly without alerting attackers.
  • Remove persistence, rotate credentials, and validate remediation.
  • Restore operations, patch vulnerabilities, and monitor for follow-up attacks.

Recommendations

  • Centralize logs, develop IR playbooks, and prepare forensic sandboxes.
  • Institutionalize lessons learned to improve future incident response.
  • Adopt zero trust principles and use specialized security assessments and retainers for support.

https://unit42.paloaltonetworks.com/responding-to-cloud-incidents/

Employees Regularly Paste Company Secrets Into ChatGPT

TLDR

Employees risk data security by sharing sensitive information with ChatGPT, with 45% using generative AI tools and 22% pasting PII/PCI data. This raises compliance and data leakage concerns, as 82% of data shared is from unmanaged accounts. ChatGPT leads AI adoption in enterprises at 43%, while Microsoft Copilot sees low usage (2%). Security measures like enforced Single Sign-On are essential to mitigate risks.

https://www.theregister.com/2025/10/07/gen_ai_shadow_it_secrets/

Cloud Compliance Requirements: What You Need to Know

Cloud compliance is becoming a strategic necessity for businesses operating in multiple regions and sectors. Major regulations, such as GDPR, HIPAA, and PCI DSS, dictate how data is handled, driving system design and vendor selection. Non-compliance can result in severe fines, delayed launches, reputational damage, or even loss of market access. Certifications such as ISO 27001, SOC 2, and FedRAMP are increasingly prerequisites for customer and partner trust, while frameworks like NIST and CIS help ensure daily operational discipline. To keep pace with evolving laws surrounding privacy, AI risk, digital sovereignty, and industry-specific requirements, organizations must integrate compliance into their core cloud strategy, adopt ongoing monitoring, and ensure leadership remains directly involved. This approach turns compliance from a defensive burden into a competitive advantage and a key proof of enterprise readiness.

https://appinventiv.com/blog/cloud-regulatory-compliances-guide/

Are We Paying Enough Attention to the AI Risks?

KPMG Legal Reimagined outlines the primary legal, regulatory, and ethical risks associated with organizations utilizing AI. Key themes and takeaways:

  • Regulatory Landscape: Laws vary; the EU has the AI Act with strict requirements, while the UK is using decentralized, principle-based oversight.
  • Ethical Considerations: Focus on transparency, explainability, bias, and fairness. Ethics boards are used to oversee these issues.
  • Third-Party Risk: AI risk extends to suppliers; due diligence and contracts are vital.
  • Data Protection: Personal data must always comply with laws like GDPR; clear privacy notices are mandated.
  • AI and Copyright: Tension exists between using AI and creative industries’ rights; guidelines limit how legal data and generative AI can be used.
  • Pace of Change: Rapid AI advancements challenge legal professionals to keep up with new technologies and laws.
  • Opportunities for Legal Teams: AI can improve legal workflows and create new skill needs; leaders should plan for evolving roles and tech adoption.

https://kpmg.com/se/en/insights/newsletters/legal-reimagined/2025/are-we-paying-enough-attention-to-the-ai-risks.html

Finance Sector Most Affected by GDPR Data Breaches

Between 2023 and Q1 2025, the finance sector reported the highest number of GDPR data breaches in the UK, with 3,820 cases. This includes 2,175 reported specifically by finance, insurance, and credit companies. Other sectors with high breach numbers include education, childcare, retail, and manufacturing. Data breaches range from sending emails to the wrong recipients to cyberattacks, and they are more common in sectors that hold sensitive data. Most incidents are reported in the fourth quarter of each year.

https://www.financialreporter.co.uk/finance-sector-most-affected-by-gdpr-data-breaches.html

Making Cybersecurity Training a Priority for Everyone

TLDR: Cybersecurity relies on skilled users, not just technology; 95% of data breaches in 2024 were due to human error. Investment in user education and reskilling is essential. Training must be relevant and encompass all employees, not only specialists. With AI's rise, ethical understanding and critical thinking are vital in cybersecurity training. Cybersecurity should be a collective responsibility, integrated into daily life, and treated as a public good requiring cooperation and constant adaptation.

https://www.weforum.org/stories/2025/10/cybersecurity-people-not-just-technology/

Council Post: Cybersecurity Is No Longer Just An IT Problem—It’s a Business Imperative

Cybersecurity has become a top business concern, integral to growth, trust, and corporate reputation. It’s no longer just a technical or IT problem; organizational leaders at all levels must treat it as a vital part of business strategy. Regulatory measures and global pressures demand board-level involvement. Companies succeed when cybersecurity is woven into their culture, governance, and strategic decisions—not simply left as an IT task. Smart businesses align their security efforts with overall business goals, investing in people, culture, and adaptive strategies to remain resilient and competitive.

https://www.forbes.com/councils/forbestechcouncil/2025/10/03/cybersecurity-is-no-longer-just-an-it-problem-its-a-business-imperative/

EU Consistently Targeted by Diverse yet Convergent Threat Groups

ENISA's 2025 Threat Landscape report reveals heightened cyber threats to the EU, detailing 4,875 incidents primarily involving DDoS attacks (77%), with hacktivism leading (80%). Ransomware poses a significant threat, fueled by increased cyber dependency and collaborative tactics among threat groups. Phishing remains the top intrusion method (60%). Public administration is the most targeted sector (38.2%), emphasizing the need for enhanced cybersecurity measures in critical infrastructures. The report highlights the growing influence of AI and vulnerabilities in mobile devices.

https://www.enisa.europa.eu/news/etl-2025-eu-consistently-targeted-by-diverse-yet-convergent-threat-groups

NIS2 Explained in Detail for Small and Medium-sized Enterprises

The NIS2 Directive mandates enhanced information security for around 29,500 German companies, impacting SMEs by shifting responsibility to top management. Key obligations include implementing an Information Security Management System (ISMS), risk management, compliance reporting, and business continuity plans, with fines of up to €10 million. The regulation integrates with existing laws like GDPR, creating a comprehensive governance framework essential for economic stability and supply chain security. Immediate actions for companies include assessing impact, establishing an ISMS, embedding risk management, and ensuring management accountability.

https://morethandigital.info/en/nis2-in-detail-for-small-and-medium-sized-enterprises/
