Tag: CyAN

Cyber (In)Securities – Issue 132

Information Security News

Elon Musk’s Starlink Could Be Used to Transmit Australian Election Voting Results

The Guardian by Josh Taylor
The Guardian reports that Elon Musk’s satellite internet service, Starlink, is being considered as a potential method to transmit voting results in Australian elections. This proposal 

Welcome New Member – Abid Malik from Dubai

Please welcome our newest member from Dubai, Abid Malik! Abid Malik isn’t just a GRC and cybersecurity advisor—he’s a strategist who turns risk management into business opportunities. With 20+ years of experience across banking, fintech, and multinational sectors, he helps businesses strengthen security, navigate regulations, 

Cyber (In)Securities – Issue 131

Information Security News

EU Looks to Tech Sovereignty with EuroStack Amid Trade War

Biometric Update by Masha Borak
The European Union is making significant strides towards tech sovereignty with the development of EuroStack, a comprehensive technology initiative aimed at reducing dependence on foreign tech giants amid ongoing trade tensions. This ambitious project seeks to bolster the EU’s capabilities in digital services and infrastructure, promoting a self-reliant approach to technology that aligns with its strategic economic and security interests.
EuroStack is poised to enhance data protection, cloud computing, and overall digital autonomy for the EU, marking a pivotal shift in the global tech landscape as Europe navigates the complexities of international trade and tech dominance.

Trump Coins Used as Lure in Malware Campaign

SecurityWeek by Kevin Townsend
In a novel cyberattack, malicious actors are exploiting the popularity of Trump-themed commemorative coins to distribute malware. This campaign targets supporters through phishing emails that offer a chance to purchase these coins, only to infect their systems with malicious software when they attempt to engage.
The deceptive emails are crafted with convincing details and a call to action that redirects users to compromised websites. This strategy highlights a growing trend of using political memorabilia and current events as bait, reflecting an evolution in social engineering tactics aimed at specific demographic groups.

Experts Warn of Mass Exploitation of Critical PHP Flaw CVE-2024-4577

Security Affairs by Pierluigi Paganini
Cybersecurity experts are raising alarms about a critical vulnerability in PHP, identified as CVE-2024-4577, which is being exploited on a massive scale. This severe flaw allows attackers to execute arbitrary code on servers running vulnerable versions of PHP, potentially compromising millions of websites and web applications.
The widespread use of PHP in server-side scripting for web development makes this vulnerability particularly dangerous. Security professionals urge immediate patching and updates, as exploiting this flaw can give attackers control over web servers, leading to data theft, site defacement, and further network compromise.

‘SideWinder’ Intensifies Attacks on Maritime Sector

Dark Reading by Jai Vijayan
The cyber threat group known as SideWinder is intensifying its targeted attacks on the maritime sector, deploying sophisticated tactics to infiltrate networks and steal sensitive information. This group’s activities have raised significant security concerns within the maritime industry, which is crucial for global trade and logistics.
SideWinder’s methods include using advanced malware and phishing attacks to gain access to ship management systems and port authority databases, aiming to disrupt operations and gather strategic data. The escalation of these attacks underscores the need for enhanced cybersecurity measures in critical infrastructure sectors to protect against increasingly adept and persistent threat actors.

X Outages Reportedly Caused by Massive Cyberattack

ZDNet by Lance Whitney
A significant cyberattack is reported to be the cause behind recent widespread outages of the social media platform X. This attack highlights the vulnerabilities in digital platforms that are increasingly becoming targets for sophisticated cyber threats.
The cyberattack not only disrupted service for millions of users worldwide but also raised concerns about data security and the robustness of infrastructure against such incursions. The incident has prompted urgent calls for stronger cybersecurity protocols and resilience strategies to shield against future disruptions and potential data breaches.

Multiple Vulnerabilities Found in ICONICS Industrial SCADA Software

Cyberscoop by Derek B. Johnson
Recent findings have revealed multiple vulnerabilities in ICONICS industrial SCADA software, posing significant risks to critical infrastructure systems that depend on this technology for operational control and monitoring. These vulnerabilities could allow cyber attackers to manipulate controls, alter configurations, or even shut down operations, potentially leading to severe consequences in sectors like energy, manufacturing, and water treatment.
The discovery underscores the critical need for continuous vulnerability assessments and prompt patching within industrial systems to safeguard them from potential cyber threats and ensure the continuity of essential services.

Swiss Critical Sector Faces New 24-Hour Cyberattack Reporting Rule

BleepingComputer by Bill Toulas
Switzerland has introduced a stringent new regulation requiring critical sector organizations to report cyberattacks within 24 hours of detection. This rule aims to enhance national cybersecurity resilience by ensuring swift and coordinated response efforts to digital threats.
The legislation covers entities in essential services such as healthcare, transportation, finance, and utilities, emphasizing the importance of transparency and prompt communication in mitigating the impacts of cyber incidents. The move reflects a growing global trend toward tighter cyber regulations as governments seek to fortify defenses against the increasing frequency and sophistication of cyberattacks.

Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal Credentials

The Hacker News by Ravie Lakshmanan
Security researchers have uncovered a new polymorphic attack technique that clones legitimate browser extensions to stealthily steal user credentials. This sophisticated method involves altering the code of popular extensions, turning them into trojans that can capture sensitive information such as passwords and banking details without alerting users or security systems.
The findings highlight a significant escalation in browser-based threats, emphasizing the need for users to verify the authenticity of extensions and maintain updated anti-malware solutions. The report calls for heightened awareness and stricter security practices to counteract these deceptive strategies that exploit the trust in commonly used digital tools.

Rhysida Pwns Two US Healthcare Orgs, Extracts Over 300K Patients’ Data

The Register by Connor Jones
The cyber threat group Rhysida has successfully breached two US healthcare organizations, compromising the personal and medical information of over 300,000 patients. This sophisticated attack highlights the increasing vulnerability of the healthcare sector to cyber incursions, which can have devastating consequences for patient privacy and institutional integrity.
The hackers utilized advanced tactics to infiltrate network defenses and exfiltrate a significant amount of sensitive data, underscoring the critical need for healthcare entities to enhance their cybersecurity measures. This incident serves as a stark reminder of the importance of robust security protocols and continuous monitoring to protect patient information against such malicious activities.

Former NSA Cyber Director Warns Drastic Job Cuts Threaten National Security

Cybersecurity Dive by David Jones
The former director of NSA’s cyber division has issued a stark warning that significant job cuts within the agency pose a serious threat to national security. These reductions in cybersecurity personnel come at a time when cyber threats are becoming more frequent and sophisticated.
The former director emphasizes that decreasing the number of skilled cybersecurity professionals undermines the country’s ability to defend against and respond to cyber incidents effectively. This alert calls for urgent reconsideration of budget and staffing decisions to ensure the NSA and other critical security agencies are well-equipped to safeguard national interests in the digital age.

SilentCryptoMiner Infects 2,000 Russian Users via Fake VPN and DPI Bypass Tools

The Hacker News by Ravie Lakshmanan
A new malware known as SilentCryptoMiner is targeting Russian users by masquerading as legitimate VPN and DPI (Deep Packet Inspection) bypass tools. The malware has already infected approximately 2,000 individuals, covertly mining cryptocurrency using the resources of compromised systems.
This campaign highlights the dangers of downloading software from unverified sources, as attackers capitalize on the demand for privacy tools in regions with strict internet regulations. The incident underscores the need for heightened vigilance and the importance of using trusted channels for software downloads to prevent such deceptive and harmful intrusions.

US Cities Warn of Wave of Unpaid Parking Phishing Texts

BleepingComputer by Lawrence Abrams
Several US cities are issuing warnings about a new phishing scam involving unpaid parking tickets. The scam sends text messages to individuals, falsely claiming they have unpaid parking fines and directing them to a fraudulent website.
Once on the site, victims are prompted to enter personal information, which the scammers can then use for identity theft or financial fraud. This wave of phishing attacks highlights the increasingly cunning tactics used by cybercriminals to exploit everyday situations. Authorities are urging the public to verify any such claims through official municipal channels and to be cautious about providing personal information online.

NCSA Ordered to Step Up Preparations Against Cyber Warfare

The Nation
The Thai National Cyber Security Authority (NCSA) has been ordered to intensify its preparations against potential cyber warfare threats. This directive comes in response to escalating global cyber tensions and the increasing sophistication of potential cyber-attacks that could target critical national infrastructure.
The NCSA’s enhanced focus aims to bolster the country’s defenses by developing more advanced cyber response strategies, conducting regular security drills, and strengthening collaborations with international cybersecurity entities. This proactive approach is designed to ensure the nation remains resilient in the face of growing cyber threats and can effectively mitigate the impact of any cyber-attacks.

Internet Shutdowns at Record High in Africa as Access ‘Weaponized’

The Guardian by Eromo Egbejule
Internet shutdowns have reached a record high across Africa, with governments increasingly ‘weaponizing’ access to control information and suppress dissent. This trend is alarming advocates for freedom of expression and digital rights, as shutdowns not only curtail civil liberties but also impact economies and disrupt everyday life.
The use of internet blackouts as a political tool is particularly prevalent during protests, elections, and civil unrest, raising serious concerns about the erosion of democratic norms. This pattern underscores the urgent need for international dialogue and policy interventions to protect internet access as a fundamental right and to prevent its use as a tool for political manipulation.

Stalked: How a Relentless Campaign of Online Abuse Derailed One Woman’s Life

The Observer by Carole Cadwalladr
This in-depth article chronicles the harrowing experience of a woman whose life was dramatically affected by a relentless campaign of online abuse. It explores the devastating impact of cyberstalking, which included constant harassment, the spreading of personal information, and threats that extended beyond the digital realm into her physical life.
The case study sheds light on the psychological and social repercussions of such targeted attacks, highlighting the insufficient legal protections and the often inadequate response from law enforcement agencies. This story calls for stronger regulatory measures and more robust support systems to protect individuals from cyber harassment and to hold perpetrators accountable.

White House Cyber Director’s Office Set for More Power Under Trump, Experts Say

The Record by Suzanne Smalley
According to experts, the office of the White House cyber director is poised to receive expanded powers under the Trump administration. This move aims to enhance the national cybersecurity strategy by centralizing authority and improving coordination among various federal agencies involved in cyber defense.
The bolstering of the cyber director’s office reflects an acknowledgment of the growing cyber threats facing the United States and the need for a more unified government response. Experts suggest that this restructuring will enable more effective policy-making and operational decisions in cybersecurity, potentially leading to stronger protections against cyberattacks on national infrastructure.

Undocumented Commands Found in Bluetooth Chip Used by a Billion Devices

BleepingComputer by Bill Toulas
Recent discoveries have revealed undocumented commands in a widely used Bluetooth chip, present in over a billion devices, raising significant security concerns. These hidden commands, if exploited, could potentially allow attackers to execute arbitrary actions on affected devices without the user’s knowledge.
This vulnerability underscores the critical importance of hardware security and the potential risks associated with overlooked or hidden functionalities in common technology components. The exposure of such commands highlights the need for manufacturers to conduct thorough security audits and for users to ensure their devices are regularly updated to mitigate any potential threats arising from such vulnerabilities.

Japanese Telecom Giant NTT Suffered a Data Breach That Impacted 18,000 Companies

Security Affairs by Pierluigi Paganini
The Japanese telecommunications giant NTT disclosed a significant data breach impacting approximately 18,000 corporate clients. This breach involved unauthorized access to a wide range of sensitive data, potentially exposing business secrets and personal information.
The incident highlights vulnerabilities in telecommunications networks that can have far-reaching consequences for both the service provider and its extensive client base. NTT has initiated a comprehensive security overhaul and is collaborating with law enforcement to investigate the breach. This event underscores the need for enhanced cybersecurity measures and continuous vigilance to protect against sophisticated cyber threats in an increasingly interconnected world.

Cyberattacks Targeting IT Vendors Intensify, Causing Bigger Losses

Cybersecurity Dive by Alexei Alexis
The frequency and severity of cyberattacks targeting IT vendors have dramatically intensified, resulting in substantial financial and operational losses. This trend is particularly alarming as IT vendors often serve as gateways to broader networks, making them attractive targets for cybercriminals looking to exploit multiple victims through a single entry point.
These attacks not only disrupt IT operations but also compromise the security of their clients’ data and systems. The article highlights the growing need for IT vendors to implement robust cybersecurity strategies, including multi-factor authentication, regular security audits, and employee training, to mitigate the risks and protect both their assets and those of their clients.

YouTubers Extorted via Copyright Strikes to Spread Malware

BleepingComputer by Bill Toulas
An emerging cyber threat involves extortion of YouTubers through the manipulation of copyright strike processes to distribute malware. Cybercriminals are targeting content creators by threatening them with copyright strikes, which can severely impact their channel and revenue unless they comply with demands that often include downloading malware-laden software.
This strategy not only exploits the legal copyright mechanisms but also turns them into a tool for cyber extortion. The practice highlights a new form of cybercrime that blends traditional copyright abuse with digital extortion, significantly complicating the security landscape for online content creators. It underscores the importance of vigilance and legal awareness among YouTubers to protect against such sophisticated and damaging attacks.

Developer Sabotaged Ex-Employer with Kill Switch Activated When He Was Let Go

The Register by Iain Thomson
A developer orchestrated a sabotage attack against his former employer by implementing a kill switch that activated upon his dismissal. This deliberate act caused significant disruption to the company’s operations, as critical systems were disabled, leading to downtime and financial losses.
The incident underscores the potential risks associated with insider threats and the importance of maintaining stringent security protocols, especially regarding access control and monitoring of sensitive systems. The company has since taken steps to bolster its security measures and review its policies to prevent such occurrences in the future, highlighting the need for continuous vigilance and robust security practices in the workplace.

ANALYSIS

Cybersecurity is a ‘Continual Battle,’ but Industry Can’t Be ‘Complacent,’ Experts Say

Security Systems News by Cory Harris
Experts in cybersecurity are emphasizing that the fight against cyber threats is an ongoing battle that requires constant vigilance and adaptation. This article discusses the ever-evolving nature of cyber threats and the critical importance of staying proactive in cybersecurity practices.
Industry leaders warn against complacency, highlighting that as technology advances, so do the tactics of cybercriminals. Harris, editor of Security Systems News, advocates for continuous investment in cybersecurity infrastructure, regular updates to defensive strategies, and ongoing training for all staff. The message is clear: the cybersecurity landscape is dynamic and requires perpetual effort and innovation to keep data and systems safe.

Rapid7’s Chief Scientist Warns Australian Businesses to Prioritize Their Ransomware Policies

itWire by Grant Titmus
Rapid7’s Chief Scientist, Raj Samani, has issued a stark warning to Australian businesses regarding the escalating threat of ransomware attacks. Samani is urging companies to prioritize their ransomware response policies and strengthen their cybersecurity defenses to combat this pervasive threat.
His call to action comes amid rising incidents of ransomware across Australia, which are increasingly sophisticated and disruptive. The article highlights the necessity for businesses to implement comprehensive security measures, including regular data backups, employee training on phishing awareness, and robust incident response plans. The emphasis is on preparation and resilience, aiming to mitigate potential impacts and ensure business continuity in the face of these cyber challenges.

CyAN Members: Op Eds, Articles, etc:

Copy of FY2024 IT and Cybersecurity Spending Analysis (Selected ASX 200 Companies)

CyAN Member Nick Kelly
CyAN Member Nick Kelly provides a detailed analysis of the FY2024 IT and cybersecurity spending across selected ASX 200 companies, revealing significant trends and investment patterns. This report underscores the growing emphasis on cybersecurity in the corporate sector, reflecting increased allocations toward enhancing digital defenses.
Kelly’s analysis points out that despite economic pressures, companies are prioritizing investments in cybersecurity to address the escalating threat landscape. The document serves as a crucial resource for understanding how top Australian companies are strategically positioning their resources to combat cyber threats, offering valuable insights into the prioritization of IT and cybersecurity expenditures in response to evolving challenges.

Upcoming CyAN (and CyAN Partner) Global Events:

CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence

Keynote by Dan Elliot
📅 Date: March 12
📍 Location: Peoplebank, Sydney


Trust & Safety Forum at Forum INCYBER Europe (FIC)

📅 Date: April 1-2
📍 Location: Lille, France


CyAN Quarterly Online Members Meeting (CyAN Members Only)

📅 Date: March 19
📍 Location: Online
📩 See emails for details


GITEX AFRICA 2025

📅 Date: April 14-16
📍 Location: Marrakesh, Morocco


GITEX ASIA 2025

📅 Date: April 23-25
📍 Location: Marina Bay Sands, Singapore


GISEC Global 2025

📅 Date: May 6-8
📍 Location: Dubai World Trade Center, UAE


The Cyber Outstanding Security Performance Awards (Cyber OSPAs)

📅 Date: May 8
📍 Location: London, UK


World AI Technology Expo UAE

📅 Date: May 14-15, 2025
📍 Location: Dubai, UAE


MaTeCC: North Africa Cybersecurity Event

📅 Date: June 7-9, 2025
📍 Location: Rabat, Morocco

Cyber (In)Securities – Issue 130

Information Security News

House Passes Bill Requiring Federal Contractors to Implement Vulnerability Disclosure Policies

SecurityWeek by Eduard Kovacs
The U.S. House of Representatives has recently passed a bill that mandates federal contractors to establish vulnerability disclosure policies. This legislative move aims to strengthen the security of 

Cyber (In)Securities – Issue 129

Information Security News

Latin American Orgs Face 40% More Attacks Than Global Average

Dark Reading by Nate Nelson
Organisations in Latin America are experiencing a surge in cyberattacks, facing 40% more incidents than the global average. This alarming trend underscores the unique cybersecurity challenges in the 

Cybersecurity Investments in Global Banking: Comparative Analysis and Case Studies

Scope and (many) Limitations

It is essential to clarify from the outset that this analysis does not seek to establish a direct correlation between cybersecurity expenditure and measurable security outcomes, such as the successful mitigation of cyber threats or financial savings resulting from reduced attack impact. While investment in cybersecurity is a necessary component of a robust defence strategy, the complexity of cyber risk, evolving threat landscapes, and the multifaceted nature of security effectiveness preclude any straightforward causal relationship between financial allocation and security success. This study, therefore, focuses on the strategic prioritisation of cybersecurity investment within financial institutions rather than attempting to quantify its direct operational efficacy.

Furthermore, it is important to note that the financial data presented reflects cybersecurity spending over a multi-year period, albeit one from several years ago. Given that this analysis is conducted in 2025, some figures may not fully capture more recent investment trends, emerging security technologies, or shifts in cyber risk exposure. While historical data provides valuable insight into spending patterns and institutional priorities, it does not necessarily indicate present or future financial commitments.

A subsequent analysis will seek to explore potential correlations between cybersecurity investment and key security outcomes, leveraging publicly accessible data where possible. This follow-up study will critically assess available metrics—such as breach frequency, regulatory penalties, and operational resilience—to determine whether any discernible patterns emerge between financial commitment to cybersecurity and real-world security performance. However, given the inherent challenges of isolating variables in this domain, findings will be framed within the limitations of available data, temporal gaps in financial reporting, and broader contextual industry factors.

Financial Comparisons Across a Handful of Major Banks

Major global banks have dramatically increased their cybersecurity investments in the past five years, both in absolute spending and as a share of IT budgets. Table 1 below compares cybersecurity spending for several top banks (by assets) in 2018 vs. 2022, illustrating these trends. North American banks show some of the highest absolute cyber budgets (hundreds of millions of USD annually), while European banks tend to allocate a slightly higher percentage of their IT budget to security. Asia-Pacific banks historically spent less on cybersecurity, contributing to higher vulnerability rates in that region (Low investments in cybersecurity expose financial sector to threats: Experts – The Economic Times), but are now rapidly ramping up investments as cyber threats intensify globally.

Table 1. Cybersecurity Budget Trends at Selected Major Banks (2018–2022) (link here)

Regional Case Studies

Detailed case studies from different regions demonstrate how major banks are implementing significant cybersecurity initiatives. These examples show how banks tailor their cyber strategies to address region-specific threats and comply with local regulations, while investing heavily to bolster resilience.

North America: JPMorgan Chase & Co.

JPMorganChase, the largest U.S. bank by assets, has made cybersecurity a centerpiece of its technology strategy. In 2019, the bank was spending roughly $600 million annually on cybersecurity and employing about 3,000 cybersecurity personnel (With $600 Million Cybersecurity Budget, JPMorgan Chief Endorses AI and Cloud – SecurityWeek). For perspective, this budget was a dramatic increase from preceding years (the bank’s cyber spend doubled from $250 million to $500 million in the mid-2010s (2018 Cybersecurity Market Report), reaching ~$600 million by 2019). JPMorgan’s CEO Jamie Dimon identified cyber risk as perhaps “the biggest threat to the U.S. financial system” (With $600 Million Cybersecurity Budget, JPMorgan Chief Endorses AI and Cloud – SecurityWeek), underscoring why the bank continues to pour resources into cyber defence. JPMorgan’s initiatives focus on advanced capabilities like artificial intelligence and cloud security. Also in 2019, Dimon endorsed a move “all in” on cloud and AI to enhance security, noting the cloud can improve resiliency and scale defenses.

Fast forward to 2024, and JPMorgan’s situation was laid bare by Mary Callahan Erdoes, CEO of JPM’s Asset Management & Wealth:

Hard numbers on the above were stated during the conference as: $15bn annual technology spend with 62,000 technologists, many of whom were/are focused on cyber specifically.

The firm has built multi-layered defenses and real-time monitoring to handle everything from routine fraud attempts to advanced nation-state threats. U.S. regulatory expectations (from bodies like the FFIEC and New York State DFS) and industry collaboration via the Financial Services Information Sharing and Analysis Center (FS-ISAC) have further driven JPMorgan’s strategy. The bank regularly works with government and industry partners to share threat intelligence and bolster critical infrastructure protection.

Europe: HSBC Holdings plc

HSBC, one of Europe’s largest banks (with a global footprint concentrated in Europe and Asia), has likewise made robust cybersecurity investments and adaptations. HSBC’s annual cybersecurity spending is estimated in the hundreds of millions (USD) – on the order of $600–750 million per year in recent years (Financial Firms Spend Up to $3,000 Per Employee on Cybersecurity). This forms a significant portion of HSBC’s roughly $6 billion overall technology budget (approaching ~10% allocated to security). HSBC’s approach to cybersecurity is heavily influenced by the cross-border regulatory landscape and evolving threats in its key markets. European regulations (think the EU’s General Data Protection Regulation (GDPR) and the PSD2 directive (mandating strong customer authentication)) have pushed banks like HSBC to achieve high standards in data security and fraud prevention. Additionally, EU supervisors (e.g. the European Central Bank) now ask banks for detailed cyber resilience metrics (such as dedicated security staffing) to ensure preparedness (THE CHALLENGE OF ORGANIZING THE BUDGETARY MANAGEMENT OF CYBERSECURITY IN YOUR COMPANY – RiskInsight).

In response, HSBC announced a series of security initiatives to stay ahead of emerging threats. For example, in 2023, HSBC announced that it had become the first bank in the UK to trial quantum cryptography for network security, partnering with BT Group and Toshiba to pilot Quantum Key Distribution for encrypting data between its London data centres (We’re fighting the cyber criminals of the future | HSBC News).

This quote is from former CEO of HSBC Europe, Colin Bell, who highlighted HSBC’s proactive stance on next-generation security. HSBC also continually upgrades more immediate defences: the bank processes 4.5 billion payments a year, and it relies on encryption and real-time threat monitoring to protect those transactions.

Asia-Pacific: DBS Bank (Singapore)

In the Asia-Pacific region, DBS Bank provides a case study in integrating cybersecurity deeply into a digital transformation strategy. DBS is a leading Singapore-based bank operating across Asia, and it has been recognised as one of the world’s most technologically advanced banks. With this digital focus, DBS’s leadership is acutely aware that cyber risk comes hand-in-hand with innovation. A quote from Seng Wei Keng in this FS-ISAC piece sets the tone nicely:

DBS has implemented a multi-layer “onion” security architecture to defend its systems (DBS’ Piyush Gupta explains how the bank deals with digital trust in an era of deep fakes and misinformation – CNA). According to CEO Piyush Gupta, DBS operates under the assumption that some attackers will penetrate outer defences, so the bank emphasises in-depth measures and internal monitoring to limit any potential damage. This includes extensive use of techniques like micro-segmentation of networks, behavioural analytics, and AI-driven anomaly detection to quickly identify and isolate threats. DBS also contracts specialised cybersecurity firms to scour the dark web for any signs of attacks targeting the bank or brand, enabling rapid takedowns of phishing sites and fake domains. These initiatives have earned DBS recognition; it was the first bank to implement an innovative “digital soft token” mobile authenticator (with a money-back security guarantee for customers) and won the regional Cybersecurity Award in 2019 for its security excellence (DBS: On Becoming the Wizard of Digital Transformation).

Regional regulations and threat trends shape DBS’s cyber strategy as well. Singapore’s regulator, the Monetary Authority of Singapore (MAS), imposes stringent Technology Risk Management guidelines, requiring banks to maintain strong cyber governance and report incidents within hours. DBS not only complies but often exceeds these requirements, serving as an industry leader in implementation of measures like secure API frameworks and zero-trust principles. Asia-Pacific has become the most targeted region for cyberattacks globally (31% of all reported cyber incidents in 2022, for example, were in APAC) (Top Cybersecurity Statistics for 2024 | Cobalt), so banks like DBS have had to rapidly elevate their defences. The bank’s investments in cybersecurity have grown annually (while exact figures aren’t public, DBS’s overall tech spending is substantial, and a healthy fraction is devoted to security efforts). By leveraging its tech-forward culture and complying with forward-looking initiatives (for example, MAS’s 2024 quantum-resilience trials with banks (MAS to commence quantum-proofing cybersecurity trials with banks …)), DBS adapts to the region’s unique challenges.

Executive Quotes on Cybersecurity Investments

These quotes give a sense, at least on paper and in front of the press mic, of how seriously bank executives are taking the cyber threat. Leading banking executives have explicitly underscored the importance of proactive cybersecurity investment and strategy, and it’s clear that the spend, both in total volume and as a percentage of IT spend, supports their intuitions. Whilst data are sometimes a bit hard to nail down, what’s clear is that major banks, globally, are spending with vigour. (How effective spend is in reducing loss from cyber attacks is a topic for another article, although successes like that of DBS, for example, suggest risk and impact can be managed well.)

Below are selected quotes from CEOs and board-level leaders at major banks over the past years, highlighting their perspectives on cyber initiatives and commitment:

  • Brian Moynihan (CEO, Bank of America): “I go to bed every night feeling comfortable that [our cybersecurity] group has all the money, because they never have to ask… You’ve got to be willing to do what it takes at this point.” (Making the Right Investment in Cybersecurity | Bank Director – thank you Emily McCormick for the nod to the quote, drawn from a 2015 interview with Bloomberg in which Moynihan described giving “unlimited” budget to cybersecurity, reflecting an open-ended commitment to cyber defence.) And that was 2015!
  • Jamie Dimon (CEO, JPMorgan Chase): “Cybersecurity…may very well be the biggest threat to the U.S. financial system,” he warned, while noting the growing mobilisation of industry and government to combat it (With $600 Million Cybersecurity Budget, JPMorgan Chief Endorses AI and Cloud – SecurityWeek).
  • Colin Bell (CEO, HSBC Bank plc & HSBC Europe): “Our customers, clients and employees expect us to have safe and secure operations and resilient cybersecurity, so we must stay ahead of the curve… That’s why we’re already preparing our global operations for a quantum future. We’re…investing in strong, strategic partnerships to explore how we could deploy these technologies as they develop.” (We’re fighting the cyber criminals of the future | HSBC News) (Emphasising a forward-looking investment in next-generation security technologies at HSBC.)
  • Piyush Gupta (CEO, DBS Bank): “Security is paramount today… There are not only state actors, but large criminal syndicates, who are always trying to get in.” (DBS’ Piyush Gupta explains how the bank deals with digital trust in an era of deep fakes and misinformation – CNA) Gupta has also noted that he operates under a “not if, but when” assumption regarding attacks, using that mindset to drive continuous investment in layered security measures. This philosophy highlights a strategic shift to persistent vigilance and resilience in cybersecurity.

Next I’ll attempt to articulate the impact of this spend…

About the Author

Nick Kelly | SecureFlag | CyAN Member

Website: www.secureflag.com

LinkedIn: Nick Kelly

Dynamic Resilience: A Framework for Synergizing Operational Agility and Economic Security in the Era of Digital Transformation by Rupesh Shirke

Abstract

In today’s rapidly evolving digital landscape, organizations face unprecedented challenges that necessitate establishing a robust framework to navigate operational agility and economic security. This document delves into dynamic resilience, harmoniously integrating these vital components to foster sustainable growth, adaptability, and long-term success. Through a 

Cyber (In)Securities – Issue 128

Information Security News

89% of Enterprise GenAI Usage Is Invisible to Organizations, Exposing Critical Security Risks
The Hacker News

A new report reveals that a staggering 89% of generative AI usage within enterprises remains undetected, exposing organisations to severe security risks. This covert AI activity can 

Cyber (In)Securities – Issue 127

Flaw found in stalkerware apps, exposing millions of people. Here’s how to find out if your phone is being spied upon
Bitdefender by Graham Cluley

A significant security flaw discovered in stalkerware apps has exposed millions to potential spying, significantly compromising user privacy. This vulnerability allows unauthorised access to personal data, raising serious concerns about the safety and security of individuals who may be unknowingly monitored. The issue highlights the urgent need for users to check their devices for signs of stalkerware, which may include unusual battery drain or data usage. Experts recommend regular security checks, the installation of reputable anti-stalkerware tools, and staying informed about ways to protect personal digital spaces from such invasive software.

Exploits for unpatched Parallels Desktop flaw give root on Macs
BleepingComputer by Bill Toulas

An unpatched vulnerability in Parallels Desktop for Mac allows attackers to gain root access, posing severe risks to users by potentially compromising system integrity and personal data. This exploit enables unauthorised users to bypass security mechanisms, manipulate systems, and access confidential information, illustrating the critical importance of regular software updates and vigilant security practices. Mac users are urged to apply all available security patches to mitigate this risk. The situation underscores the necessity of proactive cybersecurity measures and the dangers of operating systems without the latest security defenses.

DeepSeek’s ByteDance Data-Sharing Raises Fresh Security Concerns
Dark Reading by Elizabeth Montalbano

Recent reports have raised significant security concerns over DeepSeek, a subsidiary of ByteDance, and its data-sharing practices, which may compromise user privacy. The scrutiny comes amidst allegations that the company shares user data in ways that could violate privacy norms and potentially aid in surveillance. This issue underscores the need for stringent data governance and highlights the challenges users face in controlling their personal information. The situation calls for urgent regulatory actions to ensure that data handling by tech companies adheres to ethical standards and legal requirements, protecting individuals from unauthorised data exploitation.

New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer
The Hacker News by Ravie Lakshmanan

A new malware campaign exploiting cracked software to spread Lumma and ACR Stealer has been uncovered, targeting users looking for free software alternatives. This campaign leverages the allure of cracked software to deploy malware that can steal sensitive information, including passwords and financial data. The use of such software poses significant risks, as it often bypasses traditional antivirus protections. Cybersecurity experts strongly advise against the use of pirated software and emphasise the importance of maintaining rigorous security protocols, including using only legitimate and licensed software, conducting regular system scans, and keeping all software up to date to avoid falling victim to these sophisticated cyber threats.

Engineers Australia launches ‘chartered’ cyber credential
InnovationAus by David McClure

Engineers Australia has introduced a new ‘chartered’ credential for cybersecurity professionals, aiming to standardise and elevate expertise within the industry. This credential recognises and certifies the skills and knowledge of engineers working in cybersecurity, offering a structured pathway for professional development. It responds to the increasing complexity of cyber threats and the critical need for qualified professionals who can secure modern digital infrastructures. This credential enhances individual careers and contributes to strengthening national and organisational cybersecurity capabilities.

The software UK techies need to protect themselves now Apple’s ADP won’t
The Register by Connor Jones

With Apple’s decision to not extend Advanced Data Protection (ADP) to the UK, tech professionals are urged to explore alternative software solutions to safeguard their digital assets effectively. This situation highlights the need for robust, end-to-end encryption and other security measures that can compensate for the lack of ADP. The discussion includes a variety of software options that offer strong encryption standards and data protection policies, aiming to assist UK techies in maintaining their privacy and data integrity against potential cyber threats. The article emphasises the importance of proactive security practices in a landscape where traditional data protection mechanisms are increasingly insufficient.

Gov bans Kaspersky from its systems and devices
itNews by Eleanor Dickinson

The Australian government has implemented a ban on Kaspersky software across all its systems and devices due to security concerns, marking a significant stance on protecting national security. This precautionary measure addresses the risks associated with potential espionage and cyberattacks that could exploit vulnerabilities within the software. The ban underscores the critical need for trusted security solutions in government operations and highlights the broader implications for software vendors striving to maintain credibility in a market that increasingly values transparency and reliability in cybersecurity practices.

Microsoft Power Pages vulnerability exploited in the wild
Cybersecurity Dive by Rob Wright

A vulnerability in Microsoft Power Pages has been actively exploited, presenting serious security concerns for users. This flaw allows attackers to execute arbitrary code and potentially take control of affected systems, exposing sensitive data. The urgency of addressing this issue is paramount, as the exploitation of such vulnerabilities can lead to significant breaches, undermining trust in digital infrastructures. Users are advised to apply patches provided by Microsoft immediately to mitigate the risk and protect their data from unauthorised access. This situation highlights the ongoing challenges in maintaining secure web environments and the necessity for continuous vigilance and prompt updates in cybersecurity protocols.

A Data Leak Exposes the Operations of the Chinese Private Firm TopSec, Which Provides Censorship-as-a-Service
Security Affairs by Pierluigi Paganini

A significant data leak at TopSec, a Chinese firm known for providing censorship-as-a-service, has exposed extensive details about its operations. This breach reveals the extent to which the company engages in information control and surveillance for the Chinese government. The exposed data includes sensitive information about the methods and technologies used to monitor and suppress online content. This incident not only raises concerns about privacy and freedom of expression but also underscores the vulnerabilities in the security practices of companies involved in state-sponsored censorship activities. The leak prompts a critical examination of the implications for global internet freedom and the ethical responsibilities of technology providers.

Australia facing higher rate of cyber threats as part of APAC regional surge
itWire by Rosalyn Page

Australia is experiencing an elevated rate of cyber threats, part of a broader surge across the Asia-Pacific region. This increase is driven by the escalating sophistication of cyberattacks targeting both public and private sectors. The rise in cyber threats includes phishing, ransomware, and state-sponsored attacks, putting critical infrastructure and data at risk. This trend necessitates stronger cybersecurity measures, enhanced threat intelligence sharing, and more robust collaboration between government agencies and industry leaders. The aim is to fortify defences, raise awareness about cyber hygiene practices, and develop more resilient digital ecosystems to counteract the growing cyber threat landscape.

3.9 Billion Passwords Stolen—Infostealer Malware Blamed
Forbes by Davey Winder

In a major cybersecurity alert, Forbes reports that 3.9 billion passwords have been stolen, attributed to a sophisticated infostealer malware. This breach highlights a severe lapse in digital security protocols globally, prompting an urgent call for heightened cybersecurity measures. Experts stress the need for robust protective technologies and enhanced user vigilance. They recommend immediate action to upgrade defense systems against such malicious software, which is becoming increasingly capable of evading traditional security checks. This incident marks a significant moment in cybersecurity, urging a reevaluation of how personal data is protected online.

Australia fines Telegram for delay in answering questions
itNews

Australian regulators have imposed a significant fine on the messaging app Telegram for its delayed response to inquiries regarding its data handling and privacy practices. According to itNews, this action reflects Australia’s stringent approach to enforcing digital communication compliance amid growing concerns over data security. The fine serves as a warning to other tech companies about the importance of quick and transparent responses to regulatory questions. Experts emphasise that maintaining rigorous data protection standards is crucial for preserving user trust and ensuring compliance with global data privacy laws. This case highlights the escalating demands on digital platforms to adhere to strict regulatory expectations and the potential repercussions of non-compliance.

Fake CS2 tournament streams used to steal crypto, Steam accounts
BleepingComputer by Bill Toulas

Cybercriminals are exploiting the popularity of CS2 tournaments by hosting fake streams that deceive gamers into downloading malware, leading to significant losses of cryptocurrency and Steam accounts. BleepingComputer reports that these fraudulent streams lure viewers with the promise of live competitive play, only to trick them into installing software that steals sensitive information. This scam highlights the increasing sophistication of cyber threats targeting online gaming communities. Experts advise gamers to verify the authenticity of streams and download sources, maintain robust security software, and stay informed about common phishing tactics to safeguard their digital and financial assets effectively.

Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace
Cyberscoop by Tim Starks

In a candid interview with Cyberscoop, former NSA and Cyber Command chief Paul Nakasone expressed concerns that the United States is falling behind its adversaries in cyberspace. Nakasone emphasized the strategic gaps in America’s cyber defenses, highlighting that current efforts are insufficient to counteract the sophisticated cyber tactics employed by foreign enemies. He stresses the need for a comprehensive national cyber strategy that proactively enhances cybersecurity infrastructure and fosters greater collaboration between government agencies and the private sector. This strategic overhaul, he argues, is essential to maintaining national security and staying ahead in the constantly evolving cyber threat landscape.

Critical New PayPal Warning: Genuine Emails Used In Ongoing Attack
Forbes by Davey Winder

Forbes has issued a critical alert regarding a new phishing scam where attackers are using genuine-looking PayPal emails to execute sophisticated attacks. This campaign involves cybercriminals crafting emails that mimic official PayPal communications, tricking recipients into divulging sensitive information such as login credentials and financial details. The article stresses the importance of vigilance and educating users on the hallmarks of phishing attempts. It also calls for enhanced email filtering technologies and user education to combat these types of cyber threats effectively. This incident serves as a stark reminder of the evolving nature of cyberattacks and the need for continuous updates to security measures.

Beware: PayPal “New Address” feature abused to send phishing emails
BleepingComputer by Lawrence Abrams

BleepingComputer reports a new phishing tactic exploiting PayPal’s “New Address” feature, where cybercriminals send fraudulent emails urging users to verify their account details. This scam cleverly disguises itself within legitimate-looking PayPal communications, convincing users to input sensitive information, which leads to data breaches and financial loss. The article highlights the necessity for users to be extremely cautious with email links and to verify any changes through official PayPal channels directly. It also emphasizes the importance of ongoing cybersecurity education to recognize and thwart such deceptive techniques, ensuring personal and financial information remains secure.

NSW finds new permanent cyber chief
itNews by Eleanor Dickinson

New South Wales has appointed a new permanent cyber chief to oversee the state’s cybersecurity strategy, aiming to strengthen defenses against a rising tide of cyber threats. This appointment underscores the growing recognition of the critical importance of cybersecurity at the state level. The new cyber chief’s role will focus on enhancing collaboration between government agencies, bolstering cyber incident response capabilities, and developing comprehensive policies to protect public and private sector data. This strategic move is part of a broader effort to fortify digital infrastructure and ensure robust protection for citizens’ data in the face of increasingly sophisticated cyberattacks.

Hackers steal $1.5bn from crypto exchange in ‘biggest digital heist ever’
The Guardian by Joanna Partridge

The Guardian reports a monumental theft where hackers stole $1.5 billion from a cryptocurrency exchange, marking it as the biggest digital heist in history. This staggering breach involved sophisticated cyber tactics that overcame existing security measures, prompting a global reevaluation of cryptocurrency security protocols. The incident has sent shockwaves through the financial technology industry, highlighting vulnerabilities that could potentially expose other platforms. Experts are now calling for heightened security measures, including advanced encryption and multi-factor authentication, to protect against similar attacks and to reassure the increasingly anxious investor community about the safety of their digital assets.

DOGE Sparks Surveillance Fear Across the US Government
Wired by Paresh Dave, Dell Cameron & Alexa O’Brien

Wired reports escalating concerns within the US government regarding the cryptocurrency DOGE and its potential use in surveillance and data collection. These fears stem from DOGE’s rapid integration into mainstream financial systems and its accessibility to top cybersecurity agencies. Government officials are debating the implications of such technologies, which could potentially be exploited for mass surveillance or violate privacy rights. This issue highlights the ongoing tension between technological innovation and civil liberties, prompting a call for strict regulatory frameworks to govern the use of cryptocurrencies in government operations while safeguarding individual privacy.

Telegram fined nearly $1m by Australian watchdog for delay in reporting about terrorism and child abuse material
The Guardian by Josh Taylor

Australian regulators have imposed a fine of nearly $1 million on Telegram for its delayed action in reporting incidents involving terrorism and child abuse material, as detailed by The Guardian. This penalty emphasizes the critical role social media platforms play in preventing the spread of harmful content. It also spotlights the stringent expectations from authorities worldwide that platforms enforce proactive monitoring and swift reporting practices. The case serves as a caution to other companies about the severe consequences of failing to adhere to legal and ethical standards in content management.

ANALYSIS

Apple removes advanced data protection tool in face of UK government request
The Guardian by Rachel Hall

In response to a UK government request, Apple has removed an advanced data protection tool from its products in the UK, a move that has sparked widespread concerns over privacy. This action highlights the ongoing struggle between government surveillance needs and individual privacy rights. Critics and privacy advocates are alarmed, suggesting that this could undermine user trust and set a troubling precedent for tech companies, potentially eroding privacy protections globally. The debate continues about the balance that needs to be struck between national security and protecting citizens’ private data.

DOGE Now Has Access to the Top US Cybersecurity Agency
Wired by Kim Zetter

Wired reveals that the cryptocurrency DOGE has gained unprecedented access to a top U.S. cybersecurity agency, stirring debates over the implications for national security and privacy. This development comes as government entities increasingly explore the potential of blockchain technologies for enhancing security operations. However, the integration of DOGE raises concerns about the security and transparency of governmental use of cryptocurrency technologies. Critics argue this could lead to potential vulnerabilities, calling for rigorous oversight and clear guidelines to ensure that such technologies do not compromise the integrity of national security measures.

Apple’s Bold Move in the UK: No Backdoor, No Extra Encryption
PrivID (Substack)

In a decisive stance, Apple has opted not to include additional encryption or backdoor access in its UK products, as reported by PrivID on Substack. This decision highlights Apple’s commitment to user privacy amidst pressure from the UK government to allow backdoor access for law enforcement purposes. The article elaborates on the broader implications of this move for privacy advocacy and cybersecurity, arguing that resisting government pressure helps maintain trust and security for users globally. It discusses the potential consequences for Apple in terms of legal challenges and market dynamics, emphasizing the delicate balance between national security demands and the preservation of individual privacy rights.

Cybersecurity Needs to Stay Nonpartisan in the Age of DOGE
Lohrmann on Cybersecurity by Dan Lohrmann

In his commentary for “Lohrmann on Cybersecurity,” Dan Lohrmann stresses the importance of nonpartisanship in cybersecurity, particularly as the influence of cryptocurrencies like DOGE grows within national security frameworks. According to Lohrmann, the entanglement of digital currencies with security issues could lead to political exploitation. He advocates for a bipartisan approach to cybersecurity, urging that policies and actions should transcend political divisions to effectively protect national interests. Lohrmann argues that cybersecurity resilience depends on collaborative efforts and adherence to shared principles, rather than being influenced by fluctuating political agendas.

Cybersecurity in 2025: A Battle of Interwoven Interests
The Peninsula by Dr. Khaled Walid Mahmoud

Dr. Khaled Walid Mahmoud’s article in The Peninsula addresses critical challenges in the cybersecurity landscape of 2025, particularly emphasizing the growing resilience disparity between large and small institutions. He highlights how smaller entities often lack the resources to implement comprehensive cyber defenses, making them particularly vulnerable to attacks. Amidst this scenario, Dr. Mahmoud poses an essential question regarding the position of Arab nations within the global cybersecurity equation. He discusses their unique vulnerabilities and the need for regional cooperation to enhance security frameworks and reduce disparities. This dialogue is crucial as it underscores the importance of tailored cybersecurity strategies that account for varied economic and technological capabilities across different regions.

Cyber Insurance is Useless Without Encryption
PrivID (Substack)

The PrivID article highlights a crucial aspect of cyber risk management: the ineffectiveness of cyber insurance without robust encryption practices. As cyber threats evolve, merely relying on insurance policies without securing data at its core leaves organizations vulnerable. The piece emphasizes that encryption is essential not just for safeguarding data but also for meeting the stringent requirements that insurance policies increasingly demand. It calls on organizations, particularly SMEs, to integrate strong encryption methods as a standard practice to enhance their overall cybersecurity measures and ensure that they are genuinely protected against potential breaches.

CyAN Members: Op Eds, Articles, etc.

The 3 Levels of Threat Intelligence: How They Help You Stay Secure
Fel Gayanilo

In this insightful piece, CyAN General Secretary Fel Gayanilo breaks down threat intelligence into three distinct levels—strategic, tactical, and operational. Fel explains how each level plays a crucial role in enhancing an organization’s cybersecurity posture. Strategic threat intelligence helps in understanding the broad risk landscape, tactical intelligence focuses on immediate threats, and operational intelligence deals with day-to-day security events. This layered approach, Fel argues, enables organizations to better anticipate potential threats and tailor their defenses accordingly, thereby staying one step ahead of cyber adversaries.

Quantum Computing and the Urgent Need for Universal End-to-End Encryption
Kim Chandler McDonald

CyAN VP Kim Chandler McDonald discusses the transformative impact of quantum computing on cybersecurity, particularly stressing the urgent need for universal end-to-end encryption. Kim highlights how quantum computing poses significant risks to current encryption methods and could potentially break many of the cryptographic systems currently in use. The article calls for proactive measures to develop quantum-resistant encryption technologies to protect data against future threats. Kim’s insights underline the importance of preparing for quantum advancements to ensure privacy and security in the digital age.

Smart Security Everywhere: Empowering CXOs with Always-On Protection
Shantanu Bhattacharya

CyAN member Shantanu Bhattacharya addresses the need for comprehensive security solutions in his article on ‘Smart Security Everywhere’. He advocates for an ‘Always-On’ protection model that empowers CXOs to manage and mitigate risks continuously. Shantanu outlines how integrating smart security technologies across all organizational levels can provide real-time threat detection and response, thus safeguarding critical assets. His recommendations emphasize the role of leadership in fostering a culture of security that aligns with business objectives and adapts to the evolving cyber threat landscape.

Upcoming CyAN Global Events

📌 Breaking the Cycle: Combating Online IBSA for a Safer Digital Experience
🗓 March 6th | EST 6 AM | CET 12 PM | AEST 10 PM

📌 CyAN APAC: The Geopolitical Impacts of Cyber Threats: From Espionage to Influence
🗓 March 12th | Peoplebank, Sydney | Keynote by Dan Elliot

📌 GITEX AFRICA, Marrakesh, Morocco
🗓 April 14-16

📌 GITEX ASIA, Singapore (Marina Bay Sands)
🗓 April 23-25

📌 GISEC, Dubai World Trade Center, UAE
🗓 May 6-8

📌 The Cyber Outstanding Security Performance Awards (Cyber OSPAs), London, UK
🗓 May 8

📌 World AI Technology Expo UAE, Dubai, UAE
🗓 May 14-15

📌 MaTeCC: Rabat, Morocco
🗓 June 7-9
📍 The third annual North Africa and beyond cybersecurity event, hosted by CyAN partner organisation École High-Tech

📄 Download the full issue of CyAN Cyber (In)Securities Issue 127

Smart Security Everywhere: Empowering CXOs with Always-On Protection

by Shantanu Bhattacharya
Posted on February 20, 2025 | Originally published on RSAC Conference

In today’s digital-first business landscape, Chief Experience Officers (CXO) are frequently on the move, driving business growth outside the organization’s secure network perimeter.