The world’s full of information-borne threats to society – from active baddies to those who support them. As professionals, there is a lot we can and should do to stop these.
The CyAN Blog
Cybersecurity Advisors Network’s blog is a forum for CyAN members and friends to present their work and analysis to the broader information security community.
The Augmented CISO: How AI is Transforming Cybersecurity Compliance

As cybersecurity regulations tighten, AI is transforming the CISO’s role, automating audits, enhancing risk assessments, and ensuring real-time compliance with NIS2, DORA, and the AI Act. While AI streamlines security governance, challenges around transparency and bias remain. This article explores how Retrieval-Augmented Generation (RAG) enhances traceability and reliability in cybersecurity compliance.
Behind the Posts: How I Identify My Top 10 Cyber Threat Groups Each Week by Dan Elliott

How I separate noise from real risk… I’ve been asked numerous times how I select the threat groups I write about – why one and not another. So, I thought I’d take a perfectly good Sunday afternoon to share. MITRE currently tracks at least 133 cyber threat groups and Microsoft more than 1,500. Much like […]
Cybersecurity Developments in the Caribbean: Regional Collaboration and Strategic Growth by Dale Connell

The Caribbean is taking significant strides in enhancing its cybersecurity resilience through regional collaboration, strategic planning, and proactive policy-making. With the increasing prevalence of cyber threats, nations in the region are working together to strengthen digital security and combat cybercrime. Regional Collaboration and Cyber Resilience Strategy In January 2025, cybersecurity experts from The Bahamas, Barbados, […]
CyAN Supports the Fight Against the UK’s Anti-Privacy Overreach

CyAN supports the effort against the UK Home Office’s attempt to force Apple to incorporate back doors in its end-to-end encryption.
Your Browser’s Betrayal: Understanding Syncjacking Attacks

In a recent feature from (In)Securities, Bill Toulas of BleepingComputer highlighted an emerging cyber threat known as “syncjacking.” This method exploits the synchronization features of browsers like Chrome to hijack user sessions across devices. By seducing users into installing malicious extensions, attackers gain access to synced data, including passwords, browsing history, and authentication tokens. With […]
Enhancing Cybersecurity: A Safer Internet Day Reflection on Protecting the Vulnerable

Safer Internet Day: A Call for Responsibility As we observe Safer Internet Day, we are reminded of our collective responsibility to foster a digital environment that is secure and respectful. This global observance not only promotes safer and more responsible use of online technology but also underscores the critical role of cybersecurity in safeguarding all […]
Delving into the Shadows: An Approach to Identifying Obscure Cyberattacks

By Shantanu Bhattacharya Posted on February 06, 2025 | Originally published on RSAC Conference In the ever-evolving landscape of cybersecurity, attackers are constantly seeking new ways to bypass traditional defenses. This blog delves into the often-overlooked methods they use, focusing on how obscure techniques, specifically within UNIX […]
Australia’s Digital Destiny: Leading the Charge for Online Freedom

Introduction In today’s interconnected world, the importance of digital rights cannot be overstated. While the European Union is making commendable strides in this arena, Australia stands at a pivotal juncture to assert its leadership in championing online freedom. The nation’s commitment to democratic values, coupled with a robust technological infrastructure, uniquely positions it to influence […]
An Opportunity For the EU to Support Digital Freedom

The EU has a great opportunity to fill the gap left by US withdrawal of funding for digital privacy and rights initiatives worldwide