Cybersecurity Institute News Roundup 4 March 2024

Welcome to this week’s Cybersecurity Institute News Roundup, a weekly overview of the some of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. This week brings us news of the latest Cybersecurity Framework from NIST, the discontinuation of Google Pay, an app-less phone, the ongoing skills gap, and a novel way of cloning fingerprints.

Starting out, we have the launch of version 2.0 of the Cybersecurity Framework from the National Institute of Standards and Technology (NIST). This is the first major update from the US agency to this cybersecurity tome since 2014. Initially drafted to address critical infrastructure vulnerabilities, CSF 2.0 has an expanded mandate to help organizations of all shapes and sizes. It also covers six key functions with the addition of Govern to Identify, Protect, Detect, Respond and Recover. This focus on governance reinforces that cybersecurity is a board and government level concern:

https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework

?

Next up we have details about Google’s plan to discontinue its Google Pay app in the United States. The standalone version of the application will no longer be available after June 4, 2024, and users should switch to Google Wallet instead. This will result in the loss of several features, but does point to Google’s efforts to consolidate the storage of a range of personal ID, accounts, travel documents and the like:

https://www.gsmarena.com/google_pay_app_is_being_discontinued_in_the_united_states-news-61726.php

?

The cybersecurity skills gap is not a new phenomenon by any stretch of the imagination, but reports like this recent one continue to highlight the ongoing challenge of finding, and keeping, IT security talent. The fact that over 40% of companies are struggling to find qualified cybersecurity professionals reinforces the need for trusted partners to be able to help keep on top of the ever changing cybersecurity landscape:

https://cfotech.asia/story/kaspersky-study-40-of-firms-face-shortage-in-cybersecurity-hiring

?

It’s time for Mobile World Congress, which means we’ve had a glut of smartphone and telecom related news. The one that caught our eye is from Deutsche Telekom who is previewing and ‘App-Free’ smartphone – utilising AI instead. Whether this approach will prove attractive, and if the lack of apps will reduce potential vulnerabilities and attack vectors, remains to be seen:

https://www.pymnts.com/technology/2024/deutsche-telekom-previews-app-free-artificial-intelligence-powered-smartphone

?

Last, but by no means least, we have details of a hacking technique that can steal people’s fingerprints through a smartphone’s microphone. According to the article, a research team from the US and China have figured out how to recreate a person’s fingerprints from just the sound they make while swiping a touchscreen. Although the rates for recreating partial and full fingerprints is relatively low, this has the potential to significantly upset the biometric security market:

https://www.independent.co.uk/tech/fingerprint-clone-hack-security-printlistener-b2499111.html

?

Be sure to share your thoughts on these stories in the comments and let us know what articles have caught your eye recently?