Information Security News Joint Letter on the UK Government’s use of Investigatory Powers Act to attack End-to-End EncryptionGlobal Encryption Coalition by Ryan Polk The Global Encryption Coalition is actively opposing the UK government’s utilisation of the Investigatory Powers Act to erode end-to-end encryption, asserting that this undermines both personal privacy and national security. An open […]
risk management
Cyber (In)Securities – Issue 121
Information Security News: US Cyber Agency’s Future Role in Elections Remains Murky Under the Trump Administration Security Week via Associated PressThe role of the US Cybersecurity and Infrastructure Security Agency (CISA) in safeguarding elections is increasingly uncertain under the Trump administration. While CISA played a key role in securing previous elections, its future involvement remains […]
Faking GitHub Commits – What Could Go Wrong?
Found: a tool creating dummy GitHub source code commits to help programmers game job evaluation mechanisms. This illustrates a deeper issue with how badly designed incentives can have serious security consequences.
Some Quick Thoughts on the Crowdstrike “Issue”
The July 2024 CrowdStrike update fiasco was likely due to a combination of software monoculture, poor QA, and lacking operational risk management.
🔍 Exploring the Nexus: NIST Framework vs. DORA Regulation in the Financial Sector 🌐💼
CyAN member Gilles Chevillon shares an analysis of the Digital Operational Resilience Act, the European Union’s flagship regulation governing cybersecurity in the financial sector.