Tag: cyber policy
UK defence ministry ‘loses’ 269 phones
The UK Ministry of Defence (MoD) has egg all over its face following its admission that over 269 of its phones went missing between January 1 and February 27. This is a record number, even for the MoD, which lost 262 phones in total in 2023 and 2024. The astonishing total of how many phones were recorded as lost, misplaced or stolen in the first two months of this year only came to light in response to a question asked in the UK parliament by the shadow defence secretary, James Cartlidge. The fact that a security-conscious organization such as the MoD could lose track of so many devices only evidences the increasing overlap between cybersecurity and physical security. Once a device such as a smartphone is in the hands of a threat actor, it can provide a portal to enable all kinds of cyber-attacks.
WEF predicts perfect storm for cybercrime
The World Economic Forum (WEF) Global Cybersecurity Outlook 2025 reports that several compounding factors are creating an increasingly complex and risky business environment. These include the growing complexity of supply chains, rising geopolitical tensions, cybercriminal's increasing use of artificial intelligence (AI), and the entry of traditional organized crime groups into cybercrime. Ransomware remains the top organizational cyber risk year on year, with 45 percent of respondents ranking it as a top concern in this year’s survey. Over half of the large organizations surveyed worldwide, 54 percent, identified supply chain challenges as the most challenging barrier to achieving cyber resilience, citing the increasing complexity of supply chains, coupled with a lack of visibility and oversight into the security levels of suppliers.
Cybercriminals crack MFA defenses
Cybercriminals are now using social engineering techniques developed to crack passwords to break through multi-factor authentication (MFA) defenses, such as sending a code to another device, such as the user’s smartphone. According to the UK’s National Cyber Security Centre (NCSC) report, Not all types of MFA are created equal...: “Attackers have realized that many of the same social engineering techniques that tricked us into handing over passwords can also be updated to overcome some methods of MFA. We’ve seen the success of attacks against MFA-protected accounts increasing over the past couple of years.”
UK and US Develop Global AI Security Guidelines – November 27th
The UK's National Cyber Security Center (NCSC), in partnership with the US's Cybersecurity and Infrastructure Security Agency (CISA) launched the 'Guidelines for Secure AI System Development'. The guidelines are set to secure AI system development, to help developers make informed cybersecurity decisions at every step of the AI development process. These AI guidelines were also co-signed in cooperation with 21 other international agencies and ministries from across the world.