Good cybersecurity can be an unsung hero. According to the @NCSC's Paul Chichester, it played an important role in Ukraine's stunning Operation Spider's Web:

Great advice here from a panel of experts at #infosec2025 on how to securely manage the transition to quantum safety. Spoilers: ask more of your vendors!

The @ICOnews is failing badly in answering data protection complaints on time. Just 12% in the past quarter. Too many complaints, not enough staff. Are people more informed about privacy rights or are companies doing worse on data protection?

What will happen when the US abandons Ukraine? CISOs should take note. My latest for @Assured_Intel:

VC funding for cyber startups surges 35% YoY in Q4 2024, according to @PitchBook. In the UK, deal value for 2024 was down 24% from the previous year. Time to get worried?

The UK government is talking a good game on AI, but also backing it up with some useful resources. A new code of practice could eventually become an ETSI standard for secure AI development. My latest for @isms_online:

As the @ICOnews takes a fresh look at its two-year public sector trial, I asked several experts what they thought. They didn't hold back.

Like it or not, geopolitics has a huge impact on the cyber threat landscape. A new @GroupIB report reveals how it played out last year:

80% of ransomware attacks now don't even feature encryption, but instead focus on data theft, according to @ReliaQuest. Backup all you like, but if you don't have layered protection, detection and response in place, your organisation may be in trouble:

Interpol wants people to stop talking about "pig butchering" and call the crime "romance baiting" instead, claiming the former demeans victims and may even deter them from coming forward. Does it have a point? My latest for @Assured_Intel:

How many ransomware groups do you know operating out of China? Ghost is one, according to CISA/FBI:

Infostealers are out of control. @hudsonrockbot has found hundreds of credentials for US military and defence contractors. As little as $10 per log:

Meet BlackLock (aka El Dorado), the latest fast-mover up the ransomware-as-a-service charts. @ReliaQuest think it may be the most prolific variant this year:

The British government wants to "mainline" AI into the veins of the UK. Does that also mean shooting up cyber risk? My latest for @isms_online explains:

The @NAOorguk appraisal of UK government cyber posture is pretty brutal. Here's what it says, and how govt can respond. My latest for @Assured_Intel:

According to @getsquarex the company's newly published browser syncjacking attack could enable full browser and device takeover. Yikes.

Contrary to some breathless mis-reporting in various outlets, Congress is not "under attack". But the emails and plaintext passwords of nearly 2000 political staffers have been found on the dark web:

Looks like a lucky escape (or great incident response) from TfL:

Interesting malware find from @ESET: relays NFC card data to enabel attackers to cash out at an ATM.

This new hardware backdoor in Mifare smart cards could really open doors: