The European Union’s Digital Markets Act (DMA) is setting the stage for significant changes in the tech landscape, particularly for companies like Apple, known for their tightly controlled ecosystems. While the DMA aims to enhance competition and consumer choice by opening up platforms like iOS to third-party app stores and facilitating app sideloading—where users can […]
risk management
Cyber (In)Securities – Issue 125
Information Security News Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End EncryptionGlobal Encryption Coalition by Ryan Polk The Global Encryption Coalition is actively opposing the UK government’s utilisation of the Investigatory Powers Act to erode end-to-end encryption, asserting that this undermines both personal privacy and national security. An open […]
Cyber (In)Securities – Issue 121
Information Security News: US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration Security Week via Associated PressThe role of the US Cybersecurity and Infrastructure Security Agency (CISA) in safeguarding elections is increasingly uncertain under the Trump administration. While CISA played a key role in securing previous elections, its future involvement remains […]
Faking GitHub Commits – What Could Go Wrong?
Found: a tool creating dummy GitHub source code commits to help programmers game job evaluation mechanisms. This illustrates a deeper issue with how badly designed incentives can have serious security consequences.
Some Quick Thoughts on the Crowdstrike “Issue”
The July 2024 CrowdStrike update fiasco was likely due to a combination of software monoculture, poor QA, and lacking operational risk management.
🔍 Exploring the Nexus: NIST Framework vs. DORA Regulation in the Financial Sector 🌐💼
CyAN member Gilles Chevillon shares an analysis of the Digital Operational Resilience Act, the European Union’s flagship regulation governing cybersecurity in the financial sector.