A very dangerous cyber tool has been identified and analysed. It’s targeting industrial control systems - the hardware/software that is often running at industrial sites (like manufacturing, but also power grids, nuclear plants, and go figure). Based on these analyses, I make a big picture assessment.
Created by…
Read more
Can phishing precautions and training cause harm? It turns out this may be true in many cases.
Phishing is the act of gaining a victim's confidence to convince them to engage in self-harming activities, for example leading to self-hacking their systems, parting with money, or data. Or of their peers,…
Read more
I already devoted some space to cyber insurance. Since then, the situation evolved.
Oh no, cyber insurance
Cyber insurers have a big problem: it is unclear how to “assess” the risk. Some events might be especially tricky. This means a lot of risk to the insurers. They are, for example,…
Read more
Germany recently published ("Application of International Law in Cyberspace") their stance concerning the applicability of international law and rules to cybersecurity, cyberattacks, and cyberwarfare. The document is interesting and I briefly describe the important takeaways. Previously I had a look at a similar stance, for example, by the Netherlands or…
Read more
Artificial Intelligence and AI Governance are hot topics in this decade. European Union has a pretty ambitious attempt to regulate AI (project here). In this post, I have a look at the proposal through the technical lens, including paying attention to cybersecurity and privacy.
The goal of the regulation is…
Read more