Recent Posts

“What happens to Heroes?” EPISODE #6: The Unsung Heroes of the digital world by Didier Annet

The Psychological Impacts of Cyberattacks What I will call the “Heroes” Let’s Rewrite the Story of a Cyberattack – Alternate History of a winning scenario Excerpt From the Interview Typical identification factor: “Right reflexes, right roles — from click to crisis” About the Author Didier 

Cyber (In)Securities – Issue 152 – Snapshot Edition

CyAN Mentorship Wrap-Up – 2025-1

CyAN is nearing the end of its spring 2025 mentorship programme. We extend a sincere thank you to our members who have agreed to contribute to the development of new talent entering the information security sector: Saba Bahgeri (Australia), Mohammed Shakil Khan (UAE), Mathew Nicho (UAE), Shantanu Bhattacharya (Australia), Bharat Raigangar (UAE), and John Salomon (Spain), and to the mentees they have worked with for 3 months.

In 2023, our then-Secretary General James Briscoe and I decided that it would make sense for CyAN to try and create a mentorship programme. CyAN’s mission includes contributing to the security, trust, safety, and resilience around the global information space. This involves helping to strengthen the talent pipeline for an industry perpetually struggling with identifying and supporting new professionals.

More importantly, mentorship is a way for CyAN members to share their knowledge and experience with the next generation. Many of us were fortunate enough in the early stages of our careers to benefit from established experts who took the time to help us get started, whether by answering questions or making introductions to their own networks; it seemed only fair to give the CyAN community a way to do the same. As importantly, mentorship is a great way for those of us with long careers behind us to learn from fresh faces about new technologies, norms, attitudes, and methods of working. Every generation brings new experiences and approaches that can help us as mentors continue to develop our skills and ways of thinking, as we help our successors to leverage and develop their own qualities.

The 2023 pilot was an experiment in learning-by-doing. CyAN had a lot of opportunity to expand our membership and activities after its first few years of existence, and the launch of our mentorship project was just one of many ways to get members engaged and to raise CyAN’s profile across the industry. With 6 mentors and 7 candidates, everything about the pilot was improvised, sometimes from scratch, sometimes by borrowing from our experience with other such initiatives. Nonetheless, the pilot was a rewarding experience all around, with several of the candidates going on to join CyAN as active and contributing members. We look forward to the contributions the mentees will make to CyAN, whether through blog posts, podcasts, presentations, or other ways of teaching us about their own projects and knowledge, and in turn encourage all CyAN members to continue to support them as new members, with the same level of networking help and other professional support that is a hallmark of our professional community.

After a break in 2024 to focus on membership growth and consolidation, we’re now nearing the end of our second mentorship run. The cohort of candidates is refreshingly diverse, including both female and male students and recent graduates from the APAC and South Asia region, while 2023 was more focused on EMEA and North America. Likewise, our mentors represent the demographics of our growing membership, whether in terms of professional profile, location, or who they are as individuals.

As our first intake for 2025 starts wrapping up, we are already planning for a second group of mentors and candidates in the second half of the year. We’re in discussion with numerous other friendly associations and schools to identify promising candidates for the next intake, and look forward to bringing yet another group of fresh, motivated, smart faces into the organisation.

Week 22 – High severity vulnerability affects Versa Concerto

26 May – 01 June 2025. Our new CVE of the Week, the high-severity vulnerability CVE-2025-34027, has been identified and is making waves across the cybersecurity landscape. It affects Versa Concerto, an orchestrator and interface to configure and monitor Versa OS devices in Secure

Cyber (In)Securities – Issue 151 – Snapshot Edition

New Podcast – Return of the Bride of Terrorism, With Bjørn Ihler

We are honoured to welcome back Bjørn Ihler, Director of the Sweden-based Khalifa Ihler Institute, as well as founder and CEO of consulting firm Revontulet in Norway. A survivor of the 2011 Utoya Island massacre, Bjørn is an internationally recognised authority and speaker on the topic of terrorist and violent extremist content (TVEC), and has been a major driver of collective efforts to prevent, identify, track, and counteract terrorism both online and in the “real world”.

In this third part of our conversations about terrorism, Bjørn and John touch on freedom of speech, obligations of companies and individuals, how the law handles extremism, and how to support survivors of extremist violence.

See here for part I of this series. Part II is here

Notes and Links:

As always, we haven’t read all of these in their entirety, and the Wikipedia links are provided as-is, and only meant as a starting point for someone interested in more than just casual information.

01:08 Specifically, the US Bill of Rights. “Congress shall make no law respecting an establishment of religion, or prohibiting the free exercise thereof; or abridging the freedom of speech, or of the press; or the right of the people peaceably to assemble, and to petition the Government for a redress of grievances.” – https://www.archives.gov/founding-docs/bill-of-rights-transcript
01:10 Universal Declaration of Human Rights – https://www.un.org/en/about-us/universal-declaration-of-human-rights
01:40 Germany does not have a “constitution” per se, rather it has the Basic Law (Grundgesetz): https://www.gesetze-im-internet.de/englisch_gg/englisch_gg.html
Also, this is incorrect – the ban on such symbology with exceptions for educational and similar constructive uses, is in Strafgesetzbuch (criminal law) section 86a – https://www.gesetze-im-internet.de/stgb/__86a.html (German link). Wikipedia has a whole section on it – https://en.wikipedia.org/wiki/Strafgesetzbuch_section_86a
01:49 Not just nazi symbols, but here’s a list of restrictions on those – https://en.wikipedia.org/wiki/Bans_on_Nazi_symbols
01:52 Still work in progress as of time of recording – https://yle.fi/a/74-20162044
02:26 The German-language movie “Er Ist Wieder Da” is a great watch, and would be funny if it weren’t so not funny – https://www.imdb.com/title/tt4176826/
03:19 Specifically the “paradox of tolerance” in The Open Society and Its Enemies – https://en.wikipedia.org/wiki/Paradox_of_tolerance and https://en.wikipedia.org/wiki/The_Open_Society_and_Its_Enemies
05:16 https://en.wikipedia.org/wiki/Maslow%27s_hierarchy_of_needs
06:18 Pesky civil rights – https://en.wikipedia.org/wiki/Fourteenth_Amendment_to_the_United_States_Constitution
07:36 Along with a whole lot of other factors, but hey, we’re not here for academic rigour – https://en.wikipedia.org/wiki/West_German_student_movement
07:41 Mentioned in a previous episode – https://en.wikipedia.org/wiki/Rote_armee_fraktion
07:44 The “Baader-Meinhof Gang” was actually pretty much the same as the RAF
07:50 E.g. https://www.dw.com/en/germany-far-right-extremism-bundeswehr-military-afd/a-72570910
08:26 https://en.wikipedia.org/wiki/National_Democratic_Party_of_Germany – among others
08:36 https://en.wikipedia.org/wiki/2025_German_federal_election
Interestingly, and we won’t link to the original Twitter post, some other comparisons – https://files.catbox.moe/xw2d0b.mp4
09:18 Also Éric Zemmour, whose far-right “Reconquête” (Reconquest) party placed 4th in the 2022 presidential elections, with ca. 7% of the vote, while Le Pen’s far-right-but-not-quite-as-far-right RN garnered almost 41.5% in the second round of voting – https://en.wikipedia.org/wiki/2022_French_presidential_election
15:26 “Doxxing” is a common technique across the entire political spectrum. We won’t go into whether it’s good or bad, but it’s fairly widespread.
16:54 Among a bunch of other things in there – https://facebookpapers.com/
An overview of the Myanmar-specific issue – https://www.amnesty.org/en/latest/news/2022/09/myanmar-facebooks-systems-promoted-violence-against-rohingya-meta-owes-reparations-new-report/
John Oliver has done several episodes on the topic, for the short-attention-span crowd, such as https://www.youtube.com/watch?v=nf7XHR3EVHo
17:16 https://en.wikipedia.org/wiki/Stochastic_terrorism
17:48 One of several US concepts around limitations of speech, this one was defined in the case Brandenburg v. Ohio, and is the current measure of what sort of speech can be banned – https://en.wikipedia.org/wiki/Imminent_lawless_action
19:46 FAANG – Facebook, Apple, Amazon, Netflix, Google
24:09 DSA – https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=legissum:4625430
DMA – https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=legissum:4622237
Terrorist Content Online Regulation – https://eur-lex.europa.eu/eli/reg/2021/784/oj/eng
25:37 Not only “formal” moderation, but also paid community “standards” enforcers. Check out our podcast on China’s 50 Cent Army – https://www.youtube.com/watch?v=xBAJ2rBKrMc
37:31 https://stisa.network – good organisation
38:38 “Recht am Eigenen Bild” – https://de.wikipedia.org/wiki/Recht_am_eigenen_Bild (German-language article for multiple countries)

You can find CyAN’s Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors. All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn – links on our Media page.

Week 21 – Multiple high-severity vulnerabilities in VMware Cloud Foundation

19 – 15 May 2025 Multiple high-severity vulnerabilities were responsibly disclosed in VCF by Gustavo Bonito of the NATO Cyber Security Centre. From among these, our #CVEOfTheWeek is CVE-2025-41229. This is a Directory Traversal vulnerability, which might allow a malicious actor with network access to 

Cyber (In)Securities – Issue 150 – Snapshot Edition

Cybersec Forum 2025

Our friends at Cyber Made in Poland are holding the 2025 Cybersec Expo & Forum in Krakow, Poland from June 11-12.

Join 2,000 participants and meet over 100 partners and exhibitors at Tauron Arena Kraków.

Check out this great event for hands-on product demos, workshops and trainings, data protection, expert talks, panel debates, and much more!  Register now with the code: CS35OFF and get 35 EUR off your ticket.

Where? Tauron Arena Kraków
📅 When? June 11–12, 2025
👉 https://2025.cybersecforum.eu

Welcome New Member – Sapann Talwar from Australia

Please welcome our newest member from Australia, Sapann Talwar. Sapann is a seasoned Cybersecurity and Risk management practitioner with 26+ years of industry experience. He specializes in safeguarding ‘Data’ against evolving cyber threats and has a strong track record in developing and executing security strategies