CyAN is proud to announce our role as a Community Partner for the following prominent global cybersecurity and technology events. Mark your calendars! Supply Chain Cyber Security Summit (SCCS) 9–11 April 2025 | Lisbon, Portugal CyAN board member Bharat Raigangar will be speaking at this …
Information Security News: US Weakens Disinformation Defenses, as Russia & China Ramp Up. Dark Reading, by Robert Lemos. As geopolitical tensions escalate, the US has notably reduced its efforts to combat disinformation, especially from key adversaries like Russia and China. This rollback occurs despite increasing efforts …
Gate 15’s Andy Jabbour joins us on this episode of CyAN’s Secure-in-Mind series, as we discuss a wide variety of topics. We cover information and intelligence sharing, geopolitics, US and European cybersecurity capabilities, information security investment, collective cyberdefence, adversaries, threats, and some nifty travel tips.
Notes and Links:
As always, we haven’t read all of these in their entirety, and the Wikipedia links are provided as-is, and only meant as a starting point for someone interested in more than just casual information.
You can find CyAN’s Secure-in-Mind YouTube channel at https://youtube.com/@cybersecadvisors. All of our episodes are also available in audio format on Apple iTunes, Amazon Audible, Podcast Republic, Spotify, and Libsyn – links on our Media page.
Information Security News: Judge blocks Elon Musk’s Doge from accessing social security records. The Guardian, by Guardian Staff & Agencies. A federal judge has issued a restraining order preventing Elon Musk’s Department of Government Efficiency (Doge) from accessing Social Security Administration (SSA) records, citing privacy concerns …
The European Union’s Digital Markets Act (DMA) is setting the stage for significant changes in the tech landscape, particularly for companies like Apple, known for their tightly controlled ecosystems. While the DMA aims to enhance competition and consumer choice by opening up platforms like iOS …
This is the second episode of a story related to individuals who, in a matter of moments, transition from “employees” to “rescuers” in the immediate aftermath of a destructive cyberattack.
What I will call the “Heroes”
Which role within a company can become a Hero? And why?
“The fact is, you have to do things before and after. You have to pay attention to people’s sensibilities. Even if we’re in a period of crisis, we mustn’t just have financial objectives, catering objectives or customer recovery objectives. We have to think about the well-being of the teams, to keep as many staff as. There’s a point in getting the business back on its feet if everyone leaves after the crisis.”
Excerpt From the Interview
During the genesis of my book, I have analysed cases where I interviewed people who had been involved in a major corporate cyberattack. I have identified four categories of individuals who are likely to become heroes. I would remind you that being a hero is not necessarily an enviable position. I will now discuss the journeys of these individuals, highlighting the effects on their personal and professional lives.
The Director
Directors are often forgotten, but they are among the positions most affected by cyberattacks. This is because they cannot shirk their responsibilities: it is up to them to allocate the budget, define priorities and create the corporate culture. Furthermore, recent European directives and regulations, such as NIS2 and DORA, insistently remind directors of the fundamentals already described in ISO 27001. Management’s role is crucial in cybersecurity. They can no longer hide behind the ‘It’s an IT problem’ excuse.
I observed two diametrically opposed attitudes.
A Hero.
One was a director who was not only personally involved in crisis management, but also felt emotionally committed to and in solidarity with his teams. This person was like a captain of a ship ready to go down with their vessel, with their sole concern being the well-being of their crew and the survival of the company. Unlike the second profile, he does not seek to justify himself or to protect himself. Therefore, this individual will experience personal effects during the crisis, including stress, anxiety, and a sense of guilt. Unfortunately, he is likely to struggle to accept, rightly or wrongly, the impact of the cyberattack. As a result, he will resign after everything is back in order. He will leave with a feeling that he was taken advantage of. These events will mark him for the rest of his career.
NOT a Hero.
In contrast, there is a director who knows that they are partly or fully responsible for making bad choices. They will primarily focus on protecting themselves from the consequences, both for their job and their career. During the crisis, they will try to justify their past decisions. Unfortunately, this type of individual will remain in the office even after the crisis. You will easily identify them, as they will be rewriting history on a grand scale.
The IT Manager
A Hero.
This one will endure pain, as they will be both the tool and the object of it. Based on the cases studied, his main concern is being able to take his rightful place. If he goes into crisis management mode, he will probably fall into the trap that crisis communication is almost always destructive. He will also be part of the rescue team, but he will be more or less involved in strategic decisions. There are cases where management will potentially dismiss him and consider him as a mere executor. This is contradictory, since he can contribute the most to decision-making. After the crisis, there will be very mixed feelings. On the one hand, the feeling of not having been considered at his true value, and the fact that he is in management and does not receive the same congratulations as the technical people. And, on the other hand, that he was left with the dirty work. The result is very often great frustration, leading to resignation or burnout. This is damaging for society, because he would be very useful for the post-crisis and reconstruction phase.
The CISO
A Hero.
This one is going to suffer. Because he is going to be both the hammer and the anvil. Based on the cases studied, his main concern is going to be his ability to take his rightful place. If he goes into crisis management mode, he will probably fall into the trap that crisis communication is almost always destructive. He will also be part of the rescue team, but he will be more or less involved in strategic decisions. There are cases where management will potentially dismiss him and consider him as a mere executor. This is contradictory because he is the one who can contribute the most in terms of decision-making. This will result in very mixed feelings after the crisis. On the one hand, the impression of not having been considered at his true value, and the fact that he is in management and does not receive the same congratulations as the technical people. And, on the other hand, that he was left with the dirty work. The result is very often great frustration, leading to resignation or burnout. This is damaging for society, because he would be very useful for the post-crisis and reconstruction phase.
The IT Engineer or Security Engineer
A Hero.
We immediately think of him as the hero. He will work day and night, 24 hours a day. He will forget about his family life. He will not be able to tell them everything, which will have harmful effects. Right after the shock, he will participate in the rescue of society. However, he will face significant disappointment, especially if crisis management is not properly coordinated. He will face harsh consequences due to sudden shifts in direction and constant changes. In addition, he will suffer the double kiss cool effect. His unwavering commitment will increase, but he will also be perceived as a possible perpetrator. The external consultant will also scrutinize his technical skills. It will be simple for the external consultant to identify what was done incorrectly before the crisis. I have observed in these individuals that the stress and anxiety caused by the crisis often transform into a kind of trauma. The consequences are professional burnout, recurring nightmares, and sometimes physical health issues. More than half of those surveyed either experienced burnout or left their jobs within six months of the crisis.
Stay tuned for the next episode.
And don’t forget: “Treat cybersecurity like personal hygiene—if you ignore it, sooner or later, things are going to get really messy and start to stink!”
About the Author
Didier Annet is an Operational & Data Resilience Specialist and a Certified Professional Coach dedicated to empowering individuals and teams to navigate the complexities of an ever-changing digital landscape.
Learn more in his book: Guide de survie aux cyberattaques en entreprise et à leurs conséquences psychologiques: Que fait-on des Héros ? (French Edition) – Available on Amazon
Coming soon: The English version – “What Happens to Heroes”
Agentic AI is when autonomous AI agents make decisions and execute tasks. It’s poised to revolutionize industries. But with this power comes new cybersecurity challenges. This blog explores the deployment architectures of agentic AI solutions and identifies key attack vectors, offering a glimpse into innovative …
Information Security News: Microsoft: New RAT Malware Used for Crypto Theft, Reconnaissance. BleepingComputer, by Sergiu Gatlan. Microsoft has identified a new form of RAT (Remote Access Trojan) malware that is being used for cryptocurrency theft and detailed reconnaissance of infected systems. This sophisticated malware targets digital …
Inspired by recent movements in Europe, where tech giants like Airbus have advocated for a sovereign fund to support local technology sectors, this article explores Australia’s strategic need to develop sovereign satellite communication systems. As digital connectivity becomes increasingly crucial, the time to fortify our independence and security is now.
The Strategic Need for Sovereign Capabilities
Historical precedents and contemporary movements highlight the risks of depending on foreign technology. The initiative by European tech firms to establish a sovereign fund to support their local industries serves as a compelling example of proactive steps taken to safeguard regional interests and reduce dependency on non-European technologies.
Similarly, developing sovereign satellite communication systems ensures that Australia retains control over its digital destiny, preventing any entity from having disproportionate power over our national infrastructure.
Economic and Cybersecurity Advantages
Investing in sovereign satellite systems not only strengthens national security but also stimulates economic growth. This initiative would create high-skilled jobs, encourage local research and development, and lead to the creation of new technologies.
Enhanced cybersecurity measures within these systems mean that Australia can implement robust security protocols and respond more swiftly to cyber threats, safeguarding the integrity and privacy of information.
What Happens If the Cord Is Cut?
The scenario where international tensions lead to a sudden ‘cut-off’ of satellite services managed by foreign corporations could particularly cripple Australian businesses in less wired areas. While most of Australia’s internet traffic is transmitted via fibre optic cables, which predominantly cover urban areas, satellite communications are crucial for ensuring connectivity in rural and remote regions.
Disruptions in these satellite services could lead to significant communication and transaction challenges in these less connected areas. Moreover, if these fibre optic cables were to be cut—whether through sabotage or other disruptions—the effects could be catastrophic, spreading even to major cities.
Such a scenario would not only lead to significant economic losses but also destabilise the entire business landscape, underscoring the critical need for robust and diversified communication infrastructure.
Policy Recommendations and Economic Incentives
Taking cues from the European call for a sovereign fund, Australia could explore similar financial structures to support the development of its satellite technologies.
Government initiatives might include grants for R&D, tax incentives for local production, and educational programs to nurture expertise in satellite technology and cybersecurity.
Learning from Global Counterparts
The success stories of countries like Canada and France in developing their satellite capabilities offer valuable lessons. These nations have balanced public-private partnerships and regulatory frameworks to encourage innovation while protecting national interests—approaches that could be adapted to benefit Australia.
In Canada, companies like MDA (MacDonald, Dettwiler and Associates) and Telesat have been instrumental in advancing satellite communication technologies. MDA has developed critical infrastructure such as the RADARSAT series, while Telesat operates a fleet of satellites that enhance broadband connectivity and mobile communications across vast distances.
France’s strategy includes significant contributions from firms like Thales Alenia Space, which designs and builds satellites for a variety of functions including telecommunications and Earth observation. Airbus Defence and Space plays a crucial role in the manufacture of advanced satellite systems for both military and commercial uses. Additionally, Eutelsat, as the owner of the London-based OneWeb, exemplifies the strategic importance of maintaining control over satellite communications to ensure national sovereignty.
These examples underscore the benefits of nurturing domestic industries and maintaining control over critical communications infrastructure, providing a roadmap for Australia to enhance its digital sovereignty and secure its satellite communication capabilities.
Cybersecurity at the Core
Designing sovereign satellite systems with cybersecurity at their core ensures resilience against evolving cyber threats. This proactive approach not only protects Australia’s data but also strengthens global confidence in our digital infrastructure.
Conclusion
The necessity for sovereign satellite communication capabilities extends far beyond the realm of technology—it is a strategic imperative vital for ensuring Australia’s long-term security, autonomy, and economic prosperity. As we observe our European counterparts taking decisive steps by advocating for sovereign funds to bolster local tech industries, it becomes clear that Australia must also take bold action.
We must not only support but actively invest in developing and securing our satellite communication infrastructure. This commitment should manifest in increased government funding for space technology research and development, incentives for businesses investing in this sector, and the establishment of robust policies that prioritize national over foreign interests in critical communications infrastructure.
Let us unite—policymakers, industry leaders, and the technology community—to forge a path toward digital independence. By doing so, we will secure a future where Australia remains resilient and competitive in the global digital economy. It’s time for decisive action to protect and advance our national interests. Let’s champion the creation of a sovereign and secure digital landscape for generations to come.
About the Author:
Kim Chandler McDonald is the Co-Founder and CEO of 3 Steps Data, driving data/digital governance solutions. She is the Global VP of CyAN, an award-winning author, storyteller, and advocate for cybersecurity, digital sovereignty, compliance, governance, and end-user empowerment.
Information Security News: Elon Musk’s Starlink Could Be Used to Transmit Australian Election Voting Results. The Guardian, by Josh Taylor. The Guardian reports that Elon Musk’s satellite internet service, Starlink, is being considered as a potential method to transmit voting results in Australian elections. This proposal …