#cybersecurity

#cybersecurity

Government training has never been more critical or more complex. From active shooter preparedness to cybersecurity readiness, public servants are increasingly called to navigate high-stakes scenarios where decisions can have life-or-death consequences. Traditional training methods like static presentations, dense manuals, or infrequent workshops often fail to engage or prepare participants for the dynamic challenges they face. Enter gamification: the application of game design principles to non-game contexts.

At Fortune, we've spent almost a century studying what separates the good leaders from the great ones; the ones who don't just survive disruption, but shape it. The next wave of corporate chiefs is emerging from a radically different playbook. They're products of an economy defined by technological acceleration, and operate with fluency across disciplines that didn't even exist in the CEO vocabulary a decade ago: data science, AI governance, cybersecurity, social trust, geopolitical volatility, and shifting expectations of what leadership should look like.

No one is safe from cyber attacks, it seems-a lesson Japan's Asahi Group, maker of the popular Asahi Super Dry beer, learned last week after a significant cybersecurity breach brought its Japanese factories to a standstill. In a statement, the company said there was evidence of "a potential unauthorized transfer of data," and that they'd been the target of a ransomware attack.

We want to instill cybersecurity good practices to employees in a way that's actually effective, and entertaining enough so that employees don't feel like they're working. Think Duolingo but for cybersecurity. We created a platform to easily rollout a cybersecurity awareness program: the platform sends chat-based 4-minutes long courses to teams. Following the courses, the other side of the platform simulates phishing attacks, to prepare employees to face hackers - but in a safe environment.

Security researchers at Google say that more than 100 organizations are likely to have fallen victim to a large-scale cyberattack on Oracle E-Business Suite. The hacking campaign, carried out by the notorious CL0P group, targets business-critical systems and has already stolen "mass amounts of customer data." The attack may have started three months ago, according to Google's cybersecurity team. "This level of investment suggests the threat actor(s) responsible for the initial intrusion likely dedicated significant resources to pre-attack research," Google said.

Not long ago, hackers claimed to have stolen nearly 19 million customer records from TalkTalk. Within hours, that number appeared in headlines across the U.K. and beyond. The problem was that it was not true. TalkTalk later pushed back, calling the claim "wholly inaccurate" and "very significantly overstated." But by then, the damage was done. Customers, regulators, and journalists had already absorbed the hacker's story as fact, and TalkTalk's correction barely registered in comparison.

Suspected Chinese government-backed hackers have breached computer systems of US law firm Williams & Connolly, which has represented some of America's most powerful politicians, as part of a larger spying campaign against multiple law firms, according to a letter the firm sent clients and a source familiar with the hack....Liu Pengyu, a spokesperson for the embassy, told CNN in response to a separate hacking allegation last month: "China firmly opposes and combats all forms of cyber attacks and cybercrime."

Cyberpsychology investigates the psychological processes related to technologically interconnected human behavior, informing disciplines such as human-computer interaction (HCI), computer science, engineering, psychology, and media and communications studies.5 The field explores how digital technologies influence and transform human cognition, emotion, and social interaction, as well as the reciprocal impact these human elements have on technologies. At its core, cyberpsychology seeks to understand the dynamic interplay between humans and technology.

India and China are resuming direct flights after five years of suspension and say they will strengthen trade ties. Their relationship has long been defined by rivalry, competing ambitions and a disputed border. Now, India and China are resuming direct flights after a five-year suspension. United States President Donald Trump's tariffs and a shifting trade landscape could push them closer together.

With the tech skills gap showing no signs of closing, very few IT and business professionals believe they're getting enough support for tech learning. A survey of 1,500 tech executives, IT professionals, and business professionals in the US, UK, and India from tech workforce development firm Pluralsight has revealed that while 95% say building a culture of learning is a priority at their organization, the same number believe they need more support to learn tech skills.

Agentic AI projects are likely to fail at a rate far higher than currently predicted and present a major challenge to cybersecurity operations, according to an information security expert. Haider Pasha, EMEA CISO at Palo Alto Networks, told ITPro that the benefits of would be outweighed by the risks if chief information security officers (CISOs) don't employ strict strategic and technical controls over the technology's deployment.

The government's approach to cybersecurity remains largely reactive, treating it as a crisis management issue rather than as critical national infrastructure," Brian Pak, the chief executive of Seoul-based cybersecurity firm Theori, told TechCrunch. Pak, who also serves as an advisor to SK Telecom's parent company's special committee on cybersecurity innovations, told TechCrunch that because government agencies tasked with cybersecurity work in silos, developing digital defenses and training skilled workers often get overlooked.

The solution combines attack surface management with code scanning, identifying forgotten assets and exposed services and uncovering vulnerabilities before they enter production. The company also offers penetration testing and helps organizations prepare for audits. Oneleet says its solution works with existing stacks, allowing businesses to connect cloud providers, repositories, identity platforms, and productivity utilities with its scanners and monitoring tools, for automated security.

French cybersecurity startup MokN today announced raising €2.6 million (~$3 million) for its deception-based identity protection solution. The investment round was led by Moonfire, with additional support from OVNI Capital, Kima Ventures, and several angel investors. Founded in 2023, Paris-based MokN was launched last year fully bootstrapped and is already used by over 20 enterprises, including top French businesses.

Bryan Onel's father was a locksmith. As for Onel, he described himself as the digital equivalent. Ethical hacking was Onel's hobby growing up. He studied AI at university and then turned that hacking hobby into a profession. "I spent a decade performing penetration tests for over 150 companies across all sectors," Onel tells TechCrunch, adding that he kept easily breaking into companies that had passed their security checks.

A potential shutdown could stall modernization efforts if lawmakers and the White House aren't able to reach a deal to avert a funding lapse by Tuesday at midnight, former tech leaders and experts have told Nextgov/FCW. Even planning for a potential shutdown takes time and attention away from normal work in government technology shops, they say. "You have to divert what you were doing on the day-to-day to shut down," one former federal agency CIO, not authorized to speak on the record, told Nextgov/FCW. "Shutdown planning consumes all of your time. It does take a lot to shut the government down."

With no clear government agency acting as 'first responder' following a cyberattack, the country's cyber defenses are struggling to keep pace with its digital ambitions. "The government's approach to cybersecurity remains largely reactive, treating it as a crisis management issue rather than as critical national infrastructure," Brian Pak, the chief executive of Seoul-based cybersecurity firm Theori, told TechCrunch.

Curran's argument is that as we become more and more connected, we increase our collective vulnerability to mass-scale breakdowns and manipulation. While he certainly isn't the first to point out that our increasingly digital lives come at a cost, the scholar warn s that it will take a "systemic digital crisis" before anything changes. As Curran puts it: "there are good reasons to believe that little will be done about these risks until a massive society-wide crisis emerges."

The UK is one of the world's worst performers when it comes to protecting against bots - though most countries are pretty poor. That's according to DataDome, which states that only 1.8% of large UK domains are fully protected against bots, compared with a Europe-wide average of 2.5% and a global average of 2.8%. Bigger organizations are no better than smaller ones, with only 2% of domains with more than 30 million monthly visits fully protected.

"Many of us in cyber, we put our hearts into our job. There's a lot of passion involved." He had found it progressively harder to sleep, and to go into the office. Tony, who did not want his real name used, recalls the Wannacry ransomware attack in 2017. "It was a Friday and something came up on BBC News." The security team got on a call that evening and the decision was taken to remove every single device from the network.

A "widespread cybersecurity incident" at the Federal Emergency Management Agency allowed hackers to make off with employee data from both the disaster management office and U.S. Customs and Border Protection, according to a screenshot of an incident overview presentation obtained by Nextgov/FCW. The hack is also suspected to have later triggered the dismissal of two dozen Federal Emergency Management Agency technology employees announced late last month, according to internal meeting notes and a person familiar with the matter.

Monsegur is well known as the reformed blackhat hacker called Sabu, who originally helped develop, and was the de facto leader of, the hacker group LulzSec - before becoming an informant and helping the FBI dismantle it. LulzSec famously targeted major organizations including Sony, the FBI affiliate InfraGard, and various government websites. The FBI operation resulted in several arrests in both the US and UK.

Two teenage boys were arrested in the Netherlands over suspicions of spying for pro-Russian hackers, Dutch authorities announced. The two 17-year-old boys were allegedly approached by the hackers on Telegram, a messaging application popular among cybercriminals and state-sponsored threat actors. According to local media, one of the boys was allegedly seen walking by Europol and Eurojust headquarters, and the Canadian embassy, while carrying a Wi-Fi sniffer, which is used to map Wi-Fi networks and intercept data.