Cybersecurity |
Sponsored by |
|
On 24 May, NIST published recommendations that are a key component of the U.S. cybersecurity ecosystem -- known as vulnerability disclosure guidelines. NIST (National Institute of Standards and Technology) is an agency of the Department of Commerce whose mission includes "developing cybersecurity standards, guidelines, best practices, and other resources to meet the needs of U.S. industry, federal agencies and the broader public." more
Domain name registries and registrars play a critical role in the functioning of the internet, serving as gatekeepers to the DNS. As such, they have an important responsibility to ensure the security and stability of the DNS but also to promote the use of a domain name in a meaningful way for the end user. To be more efficient in achieving these goals, the domain name industry has started to become more open to the idea of leveraging their own internal data to gain insights about their current business. more
The pace of generative AI development has been astonishing to the degree that the normative space has been unable to keep up. As governments start looking into some implementations of the technology, such as ChatGPT, more advanced techniques and products continue to emerge by the day. Society is changing in irrevocable ways, and it is paramount that the Internet Governance community turns its attention to this question. more
How bad is the human security weakness problem? Verizon's 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement. This involvement can mean misconfigurations, poor security policy implementation, negligence, and falling prey to social engineering schemes. Essentially, a vast majority of data breaches have penetrated cyber defenses because of human carelessness, inconsistencies, and gullibility. more
The Australian Signals Directorate (ASD) has issued a new set of guidelines warning about the security risks posed by the use of 5G technology in so-called Smart Cities. The ASD's concerns align with those of the Five Eyes security alliance, which has warned that the interconnected nature of a fully connected city makes it vulnerable to cyberattacks. more
CENTR, the association which represents European country code top-level domain name registries (ccTLDs), such as .de for Germany or .no for Norway, has provided feedback to the United Nations' initiative on a Global Digital Compact (GDC). The GDC seeks to "outline shared principles for an open, free and secure digital future for all", and invites multistakeholder participation in the consultation phase. more
Unsuspecting website visitors are often unaware when they have landed on a spoofed page or are re-directed to malware-hosting web servers designed to steal their sensitive data and information. This attack is known as subdomain hijacking, or subdomain takeover. A web user's private information is then traded on the dark web, and cybercriminals profit, further fueling the expansion of identity theft in the online world. more
At regular intervals, I have discussed the cybersecurity situation in Australia. In those assessments, I wrote about my frustration that the previous government policies more or less resembled a fire brigade approach. Trying to address individual incidents with regulations and legislation rather than coming up with a holistic strategy. more
In today's digital age, securing your website and ensuring your users' safety has never been more critical. Secure sockets layer (SSL) certificates are the go-to solution for securing websites by encrypting the data transmitted between web servers and browsers. Historically, SSL digital certificates could be valid for years, after which they had to be renewed or replaced. more
Last month, the U.S. National Cybersecurity Strategy was launched, providing a new roadmap for stronger collaboration between those operating within the digital ecosystem. The strategy calls on software makers and American industry to take far greater responsibility to assure that their systems cannot be hacked while accelerating efforts by the Federal Bureau of Investigation and the Defense Department to disrupt the activities of hackers and ransomware groups around the world. more