Cybersecurity Institute News Roundup 2 Sep 2024

Welcome to this week’s Cybersecurity Institute News Roundup, a weekly overview of the some of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. With a double bill, this week’s roundup includes lessons from the Paris Olympics cyber success, the next generation draft of verifiable credentials from W3C, stories around election tech trends and cyberwarfare, how CISOs make sense of the global AI regulatory landscape, and more.

?

Officials credit years of pre-planning, international cyber cooperation, and round the clock vigilance in helping the Paris Olympics thwart 140 cyberattacks:

https://www.bankinfosecurity.com/how-paris-olympics-survived-unprecedented-cyberthreats-a-26060

?

The World Wide Web Consortium (W3C) has released a draft of its 2.0 technical specifications for the Verifiable Credentials Data Model (VCDM), a leading open standard for online digital identity. One of the basic tenets of VCDM is decentralized identity which enables consumers/citizens to only share the data necessary to complete a specific transaction:

https://www.biometricupdate.com/202408/w3c-issues-new-technical-draft-for-verifiable-credentials-standards

?

Additionally, using the W3C’s Verifiable Credentials Data Model (VCDM) and Decentralized Identifiers (DID), the US Department of Homeland Security (DHS) and the US Citizenship and Immigration Service (USCIS) have partnered to develop and issue digital credentials:

https://www.biometricupdate.com/202408/dhs-st-uscis-partner-on-digital-credentials-using-open-standards

?

With Apple acquiescing to pressure from the European Commission to open up its NFC technology and the US Department of Justice considering a breakup of Google, it seems the Democrats will enact more antitrust enforcement and tech regulation if elected:

https://www.pymnts.com/cpi-posts/democratic-party-emphasizes-tech-regulation-and-competition-in-2024-platform/

?

As the US election nears, the FBI and CISA are concerned that citizen Personally Identifiable Information (PII) could be targeted by bad actors leveraging insiders. US voter registration systems include such PII as full or partial social security numbers, driver’s license number and/or state ID:

https://www.biometricupdate.com/202408/fbi-cisa-warn-of-threats-to-election-systems-that-could-compromise-voters-pii

?

Like many other things, warfare too has moved online. And with AI-powered threats and quantum computing, being cyber ready is the best defense:

https://www.forbes.com/councils/forbestechcouncil/2024/08/26/improving-cyber-readiness-in-the-age-of-ai-and-quantum-computing/

?

While the use of biometrics across industries and use cases continues to grow exponentially, NIST’s new digital identity proofing guidelines include an option that does not rely on biometrics:

https://www.nextgov.com/digital-government/2024/08/nist-releases-new-draft-digital-identity-proofing-guidelines/399071/

?

It seems that bad actors rely on IT security teams to be soundly asleep between the hours of 1am and 5am to execute ransomware attacks:

https://www.techrepublic.com/article/ransomware-trends-malwarebytes/

?

Diverse and divergent AI regulatory frameworks around the globe are further complicating the CISO role. This is an excellent primer for CISOs to both help make sense of, and comply with, the evolving AI patchwork of regulations:

https://www.infosecurity-magazine.com/opinions/global-ai-regulatory-cisos/

?

Be sure to share your thoughts on these stories in the comments and let us know what articles have caught your eye recently?