| https://www.linkedin.com/in/matthewrosenquist/ | |
| Cybersecurity Insights Podcast | Cybersecurity Insights https://www.youtube.com/c/CybersecurityInsights |
Congrats to Charles Bennett and Gilles Brassard for winning the Turing Award for their industry leadership and breakthroughs with Quantum Information, specifically quantum key distribution. Their work will continue to be a foundation in sharing secrets in quantum resistant ways between parties over unsecured channels.
https://www.quantamagazine.org/quantum-cryptography-pioneers-win-turing-award-20260318/
AI has become the most powerful tool for financial fraud since the dawn of the Internet. As predicted, criminals are exploiting it faster, more effectively, and at scale.
According to the latest Interpol Global Financial Fraud Report, AI-enhanced fraud is now 4.5 times more profitable than traditional schemes. That’s a significant shift and we’re still in the early stages.
Full article on my Substack: https://open.substack.com/pub/matthewrosenquist/p/cybercriminals-are-winning-with-ai
Cyber attackers increasingly target SMBs because they are often the easiest path into larger supply chains. As cyberattacks are ramping up, specifically against Critical Infrastructure sectors, Small and Medium Businesses (SMBs) are feeling the pressure and asking what they can do to better protect themselves in reasonable ways.
Don’t accept failure. There is a reasonable path forward. See the full post for SMB cybersecurity best practices.
https://open.substack.com/pub/matthewrosenquist/p/how-smbs-can-proactively-strengthen
Stryker, a major medical equipment provider for the healthcare sector, has suffered a destructive cyberattack that wiped corporate data and severed employee access, likely from an Iranian sponsored hacking group.
Stryker Corporation is a global leader in medical technology, with over $22 billion in sales and 53 thousand employees. The company provides critical healthcare equipment and solutions to hospitals, fire departments, paramedics, and medical facilities worldwide.
Healthcare is a critical infrastructure sector and Stryker is a prominent supplier of life-safety equipment in over 60 countries, impacting more than 150 million patients according to their website.
The attack appears to have been a digital decapitation hack, at the administrator access-level, that wiped internal systems data, including corporate endpoint devices and phones.
Full Story on my Substack: https://matthewrosenquist.substack.com/p/stryker-down-iranians-hack-the-healthcare
The military attacks involving Iran in the Middle East are the latest reminder that cybersecurity leadership must continually incorporate geopolitical risk into their enterprise cyber risk posture and preparedness.
Concerns for elevated risks against worker safety, operational integrity, and data security must be addressed.
Preparation does not eliminate risk, but it dramatically improves how an organization experiences and manages it.
Full article can be found on my Substack: https://open.substack.com/pub/matthewrosenquist/p/5-actions-critical-for-cybersecurity
After the United States and Israel began a bombing campaign on Iran, leading to the decapitation of its political and military leaders, the Middle East has erupted into waves of kinetic warfare. But what should we expect about cyber?
AI is transforming both cyber offense and defense, but the attackers hold distinct advantages. Attackers are less concerned with quality or problems. They can use risky or unvetted technology with impunity as they aren’t overly concerned if it causes harm. The result is they employ such tools much earlier than the defenders.
Defenders don’t have that luxury of being reckless when it comes to new technology. Cybersecurity must wait for tools to be properly vetted.
Governance of AI is the foundational cornerstone for establishing cybersecurity, privacy, compliance, and safety.
Without governance, AI adoption and use becomes the ‘wild west’ where everyone is doing whatever benefits them without foresight to the potential downstream risks to the organization.
Executive leadership should be ‘circling the wagons’ to establish proper policies, procedures, and guidelines for AI adoption, oversight accountability, configuration, operation, monitoring, and crisis response.
Join me on Substack: https://substack.com/@matthewrosenquist
Cybersecurity leadership is faced with an impossible dilemma: either embrace AI and suffer the enormous risks or resist AI and be ostracized by executive leadership for inhibiting gains.
The solution is for CISOs to transform from a technology risk expert that tries to block threats to a cyber risk business executive that actively seeks to embrace value added initiatives with reasonable governance.
https://matthewrosenquist.substack.com/p/the-top-ai-problem-for-cisos
AI tools are transforming the discovery of software vulnerabilities! The recent Anthropic announcement showcases the capabilities, finding over 500 high-severity vulnerabilities that evaded traditional methods.
Attackers are early beneficiaries with AI in detecting unknown vulnerabilities in existing software, but defenders will also race forward to discover those weaknesses before adversaries and patch them, preferably in the development stages prior to general availability release.
The race is on!
Clip from my keynote delivered to the Nemertes group.
More information at http://nemertes.com/ and http://nemertes.substack.com/
Follow Matthew on
- LinkedIn: https://www.linkedin.com/in/matthewrosenquist/
- SubStack: https://substack.com/@matthewrosenquist
Visit Cybersecurity Insights at https://www.cybersecurityinsights.us
Subscribe to the Cybersecurity Insights channel: https://www.youtube.com/CybersecurityInsights
