Author: Anastasios Arampatzis

The National Institute of Standards and Technology (NIST) has published its initial draft strategy, Internal Report (IR) 8547, titled “Transition to Post-Quantum Cryptography Standards. ” This draft outlines NIST’s strategy for migrating from current cryptographic algorithms vulnerable to quantum computing attacks to quantum-resistant alternatives. Published on November 12, 2024, it is open for comments until January 10, 2025. The report details a phased approach to PQC adoption and underscores the urgency of securing critical systems before quantum computing capabilities emerge. The Need for Post-Quantum Cryptography Cryptographic algorithms are vital for safeguarding confidential digital information from unauthorized access. For decades, these…

Despite cyber risk growing at an alarming rate, a recent global study from Trend Micro, highlights that many organizations are failing to implement adequate cybersecurity measures due to a lack of strategic leadership and investment. Key Findings of the Report According to the study, which surveyed 2,600 IT leaders across regions including North America, Europe, and APAC, cybersecurity gaps are widening as the attack surface expands. In 2023, Trend Micro blocked 161 billion threats, marking a 10% increase from the previous year. However, despite the surge in digital threats, leadership across many organizations remains indifferent to the severity of these…

The United Nations (UN) Secretary-General’s High-level Advisory Body on Artificial Intelligence (HLAB-AI) released a comprehensive report titled “Governing AI for Humanity,” which proposes global governance mechanisms for Artificial Intelligence (AI). The report is based on extensive consultations and presents a framework aimed at addressing AI’s risks while maximizing its benefits for humanity. With AI’s rapid evolution, the need for a cohesive, global approach to governance has become critical. Global Governance Gaps in AI The report highlights that only seven of the UN’s 193 Member States participate in prominent AI governance initiatives. With no comprehensive global framework in place, decisions about…

The European Union Agency for Cybersecurity (ENISA) has released its annual Threat Landscape report for 2024, providing crucial insights into the evolving cybersecurity challenges facing the EU. Here are the key takeaways: Prime Threats Remain Consistent Denial of Service (DDoS) attacks and ransomware continue to dominate the threat landscape, accounting for over half of observed incidents. Other significant threats include malware, social engineering, data breaches, and information manipulation. Geopolitical Factors Drive Cyber Activity Ongoing regional conflicts and major events like the European elections have fueled increased cyber operations, particularly from state-nexus actors and hacktivists. The line between these groups is…

Cybersecurity has moved to the top of every CIO’s agenda in the last few years as organizations in every industry battle to navigate an increasingly complex threat landscape. Adversaries are more well-funded and determined than ever, and their tools are growing in persistence and sophistication.At the same time, the distributed workforces that arrived with the pandemic have widened the attack surface exponentially, introducing new vulnerabilities, and presenting attackers with a slew of new vectors to gain a foothold on corporate networks.From sophisticated malefactors to opportunistic malware, there are many risks. In this blog, we’ll delve into the common vulnerabilities and…

It follows that vectors with greater internet exposure will also attract more attention from threat actors. Because of this, malicious actors frequently exploit public email servers, and a wide variety of cyber dangers can spread through them. We found some interesting patterns after reviewing a representative sample of our 2022 emails. The 2023 Email Security Trends Report examines the causes of the rise in email threats over the previous year. It also offers advice on how businesses can use this information to remain ahead of the curve. Here are the key takeaways, followed by tips on how to enhance your…

Email is not only the most popular form of communication for organizations, but it is also the most popular way for criminals to break into corporate networks and compromise confidential information about clients and employees. A multi-layered security strategy can reduce email security risks, but in the long term, a thorough awareness of these threats works much better. Email is one of the top two distribution mechanisms for harmful payloads, with the average company receiving over 75% of its malware over email, according to Verizon’s 2022 Data Breach Investigations Report. Even if just a small percentage of employees actively click…

Increased reliance on multiple cloud environments during the last couple of years and the growing number of employees opting for a hybrid working norm have created numerous opportunities for ransomware gangs to target organizations. As a response to the increasing impact of ransomware attacks, businesses of all sizes are investing in a zero-trust approach to security where digital identities and multi-factor authentication (MFA) play a key role. The state of the ransomware threat Ransomware attacks have become more advanced and complex during the past years, evolving from simple malware deployment and extortion to a multi-tiered Ransomware-as-a-Service (RaaS) business model where…