Cybersecurity Institute News Roundup 19 August 2024

Welcome to this week’s Cybersecurity Institute News Roundup, a weekly overview of the some of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. In this week’s roundup we start off with the announcement of the NIST PQC standards and their expected impact on US federal agencies. We also have articles about MIT’s AI risk database, the potential for Google to be broken up, Apple opening up its NFC to third parties, and some CrowdStrike news.

?

The US National Institute of Standards and Technology (NIST) has published the first set of post quantum cryptography (PQC) standards. This highly anticipated announcement is a major milestone for cryptography and will require all hands on deck to manage the transition well:

https://www.darkreading.com/endpoint-security/nist-releases-3-post-quantum-standards-urges-orgs-to-start-pqc-journey

?

With the standards now in place, federal US agencies are being tasked to start their post quantum cryptography (PQC) migration now, a transition which is expected to cost at least $7.1B by 2035:

https://thequantuminsider.com/2024/08/12/white-house-report-u-s-federal-agencies-brace-for-7-1-billion-post-quantum-cryptography-migration/

?

After ruling that Alphabet has employed monopolistic practices to dominate online search, the US Department of Justice is evaluating different remedies to restore competition in the market including the potential break up of Google:

https://nationaltechnology.co.uk/US_Justice_Department_Considers_Breaking_Up_Google.php

?

After settling a competition violation dispute with the EC, Apple will give developers access to its near-field communication (NFC) technology starting with iOS 18.1:

https://www.pymnts.com/apple/2024/apple-gives-third-parties-access-to-tap-and-go-payments-tech

?

While the rhetoric between CrowdStrike and Delta continues to build, there are also some excellent lessons for all IT leaders arising from the now infamous July 19th outage. One of those lessons is also accepting responsibility, which the company did with aplomb this past weekend, accepting a cybersecurity humiliation award for "most epic fail” at the annual Pwnie Awards at the DEF CON hacking show:

https://www.raconteur.net/technology/crowdstrike-outage-post-mortem-lessons-for-it-leaders

https://uk.pcmag.com/security/153845/crowdstrike-exec-shows-up-to-accept-most-epic-fail-award-in-person

?

Be sure to share your thoughts on these stories in the comments and let us know what articles have caught your eye recently?