Tag: regulation

No Time for Antics with Semantics: Why CVEs Are Cybersecurity’s Lifeline

No Time for Antics with Semantics: Why CVEs Are Cybersecurity’s Lifeline

The cybersecurity world runs on shared language. We don’t often talk about it in those terms—but that’s exactly what the CVE (Common Vulnerabilities and Exposures) system is. A global taxonomy of flaws. A universal index of weakness. The quiet backbone that lets defenders coordinate responses 

Welcome New Member – Younès Felahi from Morocco

Welcome New Member – Younès Felahi from Morocco

Please welcome our newest member from Morocco, Younès Felahi 👋 Younes FELAHI, a recognized cybersecurity expert in Morocco and Africa, has over 15 years of experience in the field. He has held positions as a consultant, architect, and expert in cyber strategies, governance, risk and 

Cyber (In)Securities – Issue 140

Cyber (In)Securities – Issue 140

Information Security News

  1. Tariffs May Prompt Increase in Global Cyberattacks
    Dark Reading – Robert Lemos
  2. US Comptroller Cyber ‘Incident’ Compromises Org’s Emails
    Dark Reading – Kristina Beek
  3. Wyden Blocks Trump’s CISA Boss Nominee, Blames Cyber Agency for ‘Actively Hiding Info’ About Telecom Insecurity
    The Register – Jessica Lyons
  4. Trump Signs Order Stripping Chris Krebs of Security Clearance
    Cyberscoop – Greg Otto
  5. Hackers Target SSRF Bugs in EC2-Hosted Sites to Steal AWS Credentials
    BleepingComputer – Bill Toulas
  6. Sensitive Financial Files Feared Stolen From US Bank Watchdog
    The Register – Iain Thomson
  7. National Social Security Fund of Morocco Suffers Data Breach
    Security Affairs – Pierluigi Paganini
  8. BadBazaar and Moonshine Malware Targets Taiwanese, Tibetan and Uyghur Groups, U.K. Warns
    Cyberscoop – Tim Starks
  9. Critical FortiSwitch Flaw Lets Hackers Change Admin Passwords Remotely
    BleepingComputer – Sergiu Gatlan
  10. Fake Microsoft Office Add-in Tools Push Malware via SourceForge
    BleepingComputer – Bill Toulas
  11. Privacy Fights Over Expiring Surveillance Law Loom After House Hearing
    Cyberscoop – Tim Starks
  12. UK Orgs Pull Back Digital Projects With Looming Threat of Cyberwarfare
    Dark Reading – Kristina Beek
  13. Adobe Calls Urgent Attention to Critical ColdFusion Flaws
    SecurityWeek – Ryan Naraine
  14. 2 Android Zero-Day Bugs Under Active Exploit
    Dark Reading – Kristina Beek
  15. Treasury Department Bank Regulator Discloses Major Hack
    Cybersecurity Dive – Elizabeth Montalbano
  16. Inside a Powerful Database ICE Uses to Identify and Deport People
    404 Media – Jason Koebler
  17. Dangerous, Windows-Hijacking Neptune RAT Scurries Into Telegram, YouTube
    Dark Reading – Elizabeth Montalbano
  18. SAP Patches Critical Code Injection Vulnerabilities
    SecurityWeek – Ionut Arghire
  19. WhatsApp Vulnerability Could Facilitate Remote Code Execution
    SecurityWeek – Eduard Kovacs
  20. ESET Vulnerability Exploited for Stealthy Malware Execution
    SecurityWeek – Ionut Arghire
  21. UAC-0226 Deploys GIFTEDCROOK Stealer via Malicious Excel Files Targeting Ukraine
    The Hacker News – Ravie Lakshmanan
  22. Meta Blocks Livestreaming by Teenagers on Instagram
    The Guardian – Dan Milmo
  23. EVEREST Ransomware Group’s TOR Leak Site Offline After a Defacement
    Security Affairs – Pierluigi Paganini
  24. Russian Bots Hard at Work Spreading Political Unrest on Romania’s Internet
    Bitdefender – Graham Cluley
  25. Six Arrested for AI-Powered Investment Scams That Stole $20 Million
    BleepingComputer – Bill Toulas
  26. As CISA Braces for More Cuts, Threat Intel Sharing Takes a Hit
    The Register – Jessica Lyons
  27. Counterfeit Android Devices Found Preloaded with Triada Malware
    BleepingComputer – Bill Toulas
  28. Joint Letter on Swedish Data Storage and Access to Electronic Information Legislation
    Global Encryption Coalition – Ryan Polk

Analysis

  1. Groucho’s Wit, Cloud Complexity, and the Case for Consistent Security Policy
    SecurityWeek – Joshua Goldfarb
  2. How Democratized Development Creates a Security Nightmare
    Dark Reading – Fernando José Karl
  3. Experts Optimistic About Secure by Design Progress
    Dark Reading – Arielle Waldman
  4. Machine Identity a Key Priority for Organisations’ Security Strategies
    itNews

CyAN Members Op Eds, Articles, etc.

  1. 🔐 End-to-End Encryption: A Cornerstone Under Pressure?
    – Peter Evans
  2. CyAN Member Spotlight: Łukasz Gawron – Advancing Cybersecurity in Poland

🗓️ Upcoming CyAN (and CyAN Partner) Global Events:

SCCS Logo

📍 Lisbon, Portugal

Supply Chain Cyber Security Summit (SCCS)
April 9–11

Read more
GITEX AFRICA Logo

📍 Marrakesh, Morocco

GITEX AFRICA
April 14–16

Read more
GITEX ASIA Logo

📍 Singapore

GITEX ASIA
April 23–25

Read more
GISEC Logo

📍 Dubai, UAE

GISEC
May 6–8

Read more
Cyber OSPAs Logo

📍 London, UK

Cyber OSPAs
May 8

Read more
CSG Awards Logo

📍 Dubai, UAE

CSG Awards 2025
May 7

Read more
World AI Expo Logo

📍 Dubai, UAE

World AI Technology Expo
May 14–15

Read more

🎉 Celebration

CyAN 10th Anniversary
(Details TBA)

GITEX Europe Logo

📍 Berlin, Germany

GITEX Europe Messe
May 21–23

Read more
MaTeCC Logo

📍 Rabat, Morocco

MaTeCC
June 7–9

Read more

🌐 Online

CyAN Q2 Call (APAC + Gulf)
June 11 – 12:00 GST / 16:00 SGT / 18:00 AEST

🌐 Online

CyAN Q2 Call (EMEA + Americas)
June 11 – 20:00 GST / 18:00 CET / 17:00 UTC / 12:00 EDT

Cyber (In)Securities – Issue 139

Cyber (In)Securities – Issue 139

Information Security News Autonomous, GenAI-Driven Attacker Platform Enters the ChatDark Reading – Elizabeth Montalbano EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcherBleepingComputer – Bill Toulas Voluntary ‘Pall Mall Process’ seeks to curb spyware abusesCyberscoop – Tim Starks That massive GitHub supply chain attack? It all 

Behind the Keys: Women Who Secure the Future – Fatema Fardan

Behind the Keys: Women Who Secure the Future – Fatema Fardan

📄 Download Feature PDF Want to connect? Here is Fatema Fardan’s professional profile. Feel free to say hello and show your support. 🔗 Connect on LinkedIn About the Author Saba Bagheri, PhD Cyber Threat Intelligence Manager at Bupa APAC Director at the Cybersecurity Advisors Network 

Behind the Keys: Women Who Secure the Future – Edna Conway

Behind the Keys: Women Who Secure the Future – Edna Conway

Behind the Keys Cover

Want to connect? Here is Edna Conway’s professional profile. Feel free to say hello and show your support.

🔗 Connect on LinkedIn

About the Author

Saba Bagheri, PhD
Cyber Threat Intelligence Manager at Bupa
APAC Director at the Cybersecurity Advisors Network (CyAN)

She is a highly credentialed professional holding CISM, CEH, and CRISC certifications, with deep expertise in ATT&CK®-aligned SOC operations and Cyber Threat Intelligence. Based in Sydney, New South Wales, Australia, Saba is a respected leader in the cybersecurity community, actively contributing to international threat intelligence collaboration.

🔗 Connect on LinkedIn
Cyber (In)Securities – Issue 138

Cyber (In)Securities – Issue 138

Information Security News Disclosure Drama Clouds CrushFTP Vulnerability ExploitationDark Reading – Rob Wright CISA warns of Fast Flux DNS evasion used by cybercrime gangsBleepingComputer – Bill Toulas Google Quick Share Bug Bypasses Allow Zero-Click File TransferDark Reading – Tara Seals China-Linked Threat Group Exploits Ivanti 

Behind The Keys: Women Who Secure the Future

Behind The Keys: Women Who Secure the Future

(In)Securities Special Edition (In)Securities Special Edition Celebrating International Women in Tech Day Editor-in-Chief Kim Chandler McDonald Co-Founder and CEO of 3 Steps Data Global VP at CyAN An award-winning author and advocate for cybersecurity, compliance, and digital sovereignty. Kim drives global conversations on data governance 

Strengthening Global Security: Data Protection as National Imperative

Strengthening Global Security: Data Protection as National Imperative

In my previous article, Unraveling Digital Sovereignty: The Delicate Balance of Digital Sovereignty: Insights and Imperatives, we explored the intricate balance between protecting national interests and promoting global digital cooperation.

Building on that foundation, Part 2 of our series dives deeper into how nations can fortify their cybersecurity initiatives without hindering the international flow of information. We’ll also examine how varying levels of digital maturity across countries influence these strategies and introduce forward-thinking models for international agreements.


Data Security as National Security: Expanding the Framework

Let’s be clear: data security isn’t just another item on a national security agenda—it’s absolutely central to it. In our tightly interconnected world, a single data breach can set off a chain reaction, risking economic and political stability across the globe. Crafting robust national and international frameworks that prioritise security while still encouraging innovation is absolutely essential.


Implementing Robust Data Protection Measures

  • National Strategies: Without doubt, it is crucial for countries to develop all-encompassing national cybersecurity strategies. These should include not just governmental bodies but also engage the private sector actively. These strategies need to have tight security protocols, responsive incident handling, and regular checks and balances.

  • Cyber Hygiene Education: Additionally, boosting cyber hygiene universally is non-negotiable. We need to empower everyone with the knowledge to defend against cyber threats through regular education and proactive awareness campaigns.

Challenges of Balancing Sovereignty and Global Cooperation

Navigating the fine line between maintaining digital sovereignty and engaging in fruitful international cooperation presents its unique set of challenges, made all the more complex by differing levels of digital maturity across nations.


Specific International Agreements and Their Impact

  • The Budapest Convention on Cybercrime: This treaty is a shining example of how countries can come together to fight cybercrime, respecting each other’s legal boundaries while working toward a common goal.

  • The General Data Protection Regulation (GDPR): GDPR not only reshapes data protection within the EU but also influences global standards, showcasing how regional policies can inspire broader international data privacy standards.

Bridging the Digital Divide

  • Capacity Building: Supporting the advancement of digital capabilities in countries that are still catching up is critical. This means not just technology transfers but also focused educational programs and infrastructure enhancements.

  • Flexible Frameworks: I champion international frameworks that are adaptable enough to allow for local nuances yet robust enough to secure universal data security and cooperation goals.

Proposing a Model for International Digital Cooperation

A one-size-fits-all policy doesn’t cut it for digital governance. We need a layered, nuanced approach that respects individual national sovereignty while promoting mutual benefits and security.


Components of the Advanced Cooperation Model

  • Digital Maturity Index: Introducing a global index to gauge and respond to the digital maturity of nations could significantly streamline our cooperative efforts.

  • Adaptive Legal Frameworks: These should provide foundational protections but also adapt to meet specific national needs.

  • Anti-Tariff Digital Trade Agreements: Crafting agreements that reduce barriers to data flow and prevent data tariffs will ensure that digital trade enhances rather than hinders economic prosperity.

Expanding on Successful Regional Cooperation

The European Digital Single Market (EDSM) and the ASEAN Digital Integration Framework truly shine as beacons of how regions can synchronise their regulations to ensure digital interactions are smooth and respect personal autonomy. These initiatives don’t just streamline digital operations across various jurisdictions; they also show us how to navigate the challenges that come with differing levels of digital maturity.


European Digital Single Market (EDSM):

From the get-go, the EDSM has been pivotal in breaking down digital barriers across EU nations, paving the way for a borderless digital environment that supports free-flowing online services and e-commerce.

Recently, the focus has shifted to boosting digital competitiveness and sustainability to keep Europe at the cutting edge of digital innovation and security. A key part of this has been strengthening digital infrastructure and making digital services accessible to everyone across the Union, ensuring fair digital progress for all member states.

A standout move here has been the Interoperable Europe Act, a major stride towards a seamless Digital Single Market by enhancing how digital public services work together across EU countries.


ASEAN Digital Integration Framework:

This framework plays a crucial role in narrowing the digital gap among ASEAN nations, fostering a digital environment that includes everyone. It’s all about making digital trade and economic integration easier, which is vital for the growth of digital economies in the region.

By backing the implementation of digital standards and boosting the use of digital technologies in various sectors, this framework is enhancing connectivity and competitiveness across the ASEAN market.


Addressing Tariffs and Promoting Free Trade

The conversation around digital trade recently has brought to light the harmful impacts of tariffs on digital transactions. Tariffs can really restrict the free flow of data across borders, affecting businesses and consumers alike. To combat this, both the European and ASEAN initiatives are working to create a setting where digital trade can flourish without these barriers, supporting not only economic growth but also aligning with global efforts to keep digital markets open and competitive.


Looking Ahead:

As these frameworks evolve, they continually adapt to the demands of the digital age, ensuring their strategies stay aligned with global digital trends and needs. Their ongoing dedication to lowering barriers and boosting digital cooperation sets a standard for global digital policy.

Exploring these models gives us invaluable insights into how to build more resilient and inclusive digital economies worldwide. The success of these frameworks offers a practical blueprint for other regions looking to harmonise their digital markets while respecting local and regional differences.


Conclusion: Towards a Collaborative Future

As we look to the future, the interplay between robust digital sovereignty and dynamic international cooperation becomes increasingly crucial. By learning from successful global initiatives and adapting to the ever-evolving digital landscape, we can safeguard our national interests and contribute to a safer, more interconnected world.

Let’s embrace the challenges and opportunities ahead, forging a path toward a collaborative digital future.


About the Author:

Kim Chandler McDonald is the Co-Founder and CEO of 3 Steps Data, driving data/digital governance solutions.
She is the Global VP of CyAN, an award-winning author, storyteller, and advocate for cybersecurity, digital sovereignty, compliance, governance, and end-user empowerment.

Behind the Keys: Women Who Secure the Future – Inssata RICOURT

Behind the Keys: Women Who Secure the Future – Inssata RICOURT

📄 Download Feature PDF Want to connect? Here is Inssata RICOURT’s professional profile. Feel free to say hello and show your support. 🔗 Connect on LinkedIn About the Author Saba Bagheri, PhD Cyber Threat Intelligence Manager at Bupa APAC Director at the Cybersecurity Advisors Network