The Isogent Insider: January 2025

Welcome to the January 2025 edition of the Isogent Insider! As we step into the new year, we’re diving into some of the most pressing issues in cybersecurity and technology. From groundbreaking advancements in encryption to new regulations shaping the cybersecurity landscape, this edition offers insights that will help businesses stay ahead of the curve in 2025.

In this month’s issue, we explore Google’s Willow project, a game-changing development in quantum encryption that could redefine password security. We also uncover DeceptionAds, a malvertising campaign that’s delivering over a million impressions daily—highlighting the need for vigilance against emerging threats.

Additionally, we’ll take a closer look at how the Cybersecurity and Infrastructure Security Agency (CISA) is helping strengthen the security of grant-funded infrastructure projects, and the new HIPAA cybersecurity rules that mandate tighter data restoration timelines and regular audits. Lastly, with Windows 10 nearing the end of support in October 2025, we discuss the growing risks associated with its continued use, especially for the 62% of users still relying on it.

Let’s start the year off right by equipping you with the knowledge and tools you need to navigate the evolving world of cybersecurity!

Never miss a story: Sign up here to receive Isogent's newsletter in your inbox.

Google’s new quantum encryption project, Willow, is poised to revolutionize how we secure data and protect online transactions. Quantum computing promises to unlock new frontiers in encryption, but it also presents significant challenges to traditional password security. Willow is Google's attempt to future-proof encryption by developing algorithms that can withstand the computational power of quantum computers.

With quantum technology advancing rapidly, the impact of Willow could be far-reaching, offering enhanced security and resilience against the growing threat of quantum-enabled cyberattacks. But while quantum encryption offers great promise, the transition will require organizations to adopt new security protocols, upgrade their infrastructure, and address potential vulnerabilities before quantum computing becomes mainstream.

For more insights on how Willow is paving the way for a quantum leap in encryption, read the full blog here.

The rise of deceptive advertising (malvertising) is a growing concern for online security. One such campaign, DeceptionAds, has been delivering over one million daily impressions, targeting unsuspecting users with malicious ads designed to exploit vulnerabilities in their systems. This sophisticated malvertising operation uses ad networks to spread malware, often leading to data theft or unauthorized access to sensitive information.

What makes DeceptionAds particularly dangerous is its ability to bypass traditional security measures and target a wide audience. Users may not realize they’ve clicked on a harmful ad until it’s too late, making it crucial for both businesses and individuals to be aware of such threats and take steps to protect themselves.

Learn how to safeguard your systems from such deceptive campaigns by reading the full blog here.

In 2024, the Cybersecurity and Infrastructure Security Agency (CISA), alongside the Office of National Cyber Director (ONCD), launched a comprehensive guide aimed at strengthening cybersecurity for grant-funded infrastructure projects. The guide emphasizes the importance of cybersecurity in federally funded projects, offering practical frameworks for securing digital infrastructure.

This initiative addresses the rising need for robust cybersecurity measures in the critical sectors receiving government grants. By providing clear steps for integrating security best practices, CISA and ONCD aim to reduce vulnerabilities in these projects and ensure that public investments are not jeopardized by cyber threats.

To understand how this guide can help bolster the security of your grant-funded projects, read the full blog here.

In 2024, the Department of Health and Human Services (HHS) introduced new cybersecurity requirements under HIPAA, which now mandate a 72-hour data restoration timeline for healthcare organizations and annual audits to ensure compliance. These regulations aim to mitigate the risk of data loss during cyber incidents, ensuring that healthcare organizations can quickly recover critical patient information after an attack.

The 72-hour restoration rule is especially significant as it sets clear expectations for how quickly healthcare providers must restore their systems after a breach. Additionally, the requirement for annual cybersecurity audits ensures that organizations regularly assess their security posture, identify gaps, and improve their defenses.

For more on how these new rules will impact healthcare organizations, read the full blog here.

As the end of support for Windows 10 approaches in October 2025, a looming security crisis is brewing for the 62% of users who still rely on the operating system. Without critical security updates, Windows 10 systems will become increasingly vulnerable to malware, ransomware, and other forms of cyberattacks. The end of support means that Microsoft will no longer provide patches, leaving users exposed to unpatched vulnerabilities.

While many users are unaware of the implications of continuing to use an unsupported OS, businesses and individuals must prepare to migrate to newer versions like Windows 11 or seek alternative solutions to protect their systems. Delaying this transition could expose users to devastating cyber threats.

Read more about the growing risks of sticking with Windows 10 and what steps you can take to protect your systems in the full blog here.

For breaking news from Isogent, sign up here to be notified.