CyAN member and VP Kim Chandler McDonald has published several articles under the “16 Days of Activism Against Gender-Based Violence” campaign.
The CyAN Blog
Cybersecurity Advisors Network’s blog is a forum for CyAN members and friends to present their work and analysis to the broader information security community.
Europe: Prepare for (Cyber) War…
Si Vis Pacem… A recent article published in the Frankfurter Allgemeine Zeitung (FAZ – soft paywall) about Germany’s “Operationsplan Deutschland” (English version of the informational brochure here), or OPLAN DEU, has drawn media attention to escalating tensions between the EU and aligned countries, and Russia, accelerated since Russia’s 2022 invasion of Ukraine. The operational plan […]
Offensive AI Against Disinformation

This 100% entirely dead-serious (pinky promise) article proposes the use of artificial intelligence as a scalable, economic, and effective counter to disinformation.
Faking GitHub Commits – What Could Go Wrong?

Found: a tool creating dummy GitHub source code commits to help programmers game job evaluation mechanisms. This illustrates a deeper issue with how badly designed incentives can have serious security consequences.
Keep an Eye on the United Nations Cybercrime Convention

The proposed United Nations Cybercrime Convention creates several provisions to enhance international cooperation in the fight against digital crime. Unfortunately, it also contains numerous flaws that could seriously undermine individual rights and privacy.
Subsea Cables Part II – Mind the Sharks

Join us for the second episode of our two-part discussion about subsea cable communications.
Subsea Cables – A Crunchy Target

In the latest State of (Cyber)War episode, Hugo Tarrida and John Salomon discuss the history and current situation surrounding the world of undersea comms infrastructure,
Security is everyone’s responsibility: Crowdstrike and Microsoft
In the recent global outage caused by a Crowdstrike update resulting in BSOD (Blue Screen of Death), as a security professional and as an operations head, it’s important to learn the lesson and reduce the chances of this. Otherwise, we for sure have larger catastrophic failures coming in the future. Lesson #1 — Control/process effectiveness We have […]
Some Quick Thoughts on the Crowdstrike “Issue”

The July 2024 CrowdStrike update fiasco was likely due to a combination of software monoculture, poor QA, and lacking operational risk management.
CyAN’s Position on the Proposed EU “Chat Control” Regulation

The draft European Union Regulation to Prevent and Combat Child Sexual Abuse would be ineffective at protecting children, violates fundamental rights, creates information security challenges, and bears numerous other risks to European digital society.