Tag: operational security
73 articles

SANS Warns of AI Governance Gap as Security Teams' Confidence Eroding
Despite a significant surge in AI adoption, with 78% of organizations now using AI in their cybersecurity strategy, a growing number are facing a harsh reality: 63% report major gaps in threat detection and response. This alarming trend highlights a pressing need for better AI governance to bridge the confidence gap.

Lumen Technologies Rebuilds Exposure Management with Trusted Asset Data
Lumen Technologies' security team transformed their exposure management by consolidating 40 disconnected systems into one trusted view, growing their asset count from 17,000 to 1.1 million devices. This overhaul empowered them to respond to incidents with confidence, knowing who owned what and taking informed risk decisions.

Cyberattacks Exploit Summer Staffing Gaps
Cyberattacks surge by 40% during holiday periods, with summer being a prime target due to lighter staffing and slower business operations that create the perfect storm for cybercriminals to exploit. When teams are on vacation, attackers see an opportunity to probe for vulnerabilities and test response times.

Defense Industry Must Adapt, Scale and Accelerate Capability
The defense industry faces a harsh reality: taking down affordable drones with expensive interceptors just doesn't add up. To stay ahead, industry leaders must adapt to changing operational needs, scale up production, and accelerate innovation to deliver proven, scalable capabilities that meet today's demands.

Navy Overhauls Science Strategy to Accelerate Tech Deployment
The Navy is revolutionizing its approach to science and technology with a bold new strategy that prioritizes speed and selectivity in deploying cutting-edge tech to those who need it most. By fostering closer collaboration with key stakeholders, the Office of Naval Research aims to rapidly deliver game-changing innovations to sailors and marines.

Anonymized Infrastructure Exposes Reactive Security Gaps
Despite having access to a flood of IP data, security teams are struggling to turn it into actionable insights, with a staggering 94% of security incidents involving anonymized infrastructure that exposes reactive security gaps. The sheer volume of data is creating a clarity crisis, with analysts overwhelmed by signals but lacking the context needed to respond effectively.

Proton Fortifies Defenses Against Cybercriminal Exploitation
Proton's end-to-end encryption ensures that even the company itself can't access your message contents or location, creating a fortress of trust and security for its users. This fundamental limit is a deliberate design choice, prioritizing user privacy and protection against cybercriminal exploitation.

US Navy Rethinks Risk in Software Development for Edge Operations
The Department of the Navy is shaking up its approach to software development, redefining risk to deliver mission-critical data at breakneck speeds. By recalibrating its tolerance for risk, the Navy aims to accelerate the flow of vital information to where it's needed most, when it's needed most.

US Special Ops Forces Seek AI Edge in Remote Warfare
US Special Ops Forces are leveraging AI to gain a strategic edge in remote warfare, with a focus on harnessing generative AI for tactical operations and resource allocation. They're now pushing to deploy AI capabilities to the tactical edge, enabling faster decision-making in disconnected environments.

Inactive User Account Enables Hackers to Control City's Water System
A simple mistake of leaving a former employee's user account active allowed hackers to take control of a city's water system, highlighting the importance of promptly disabling access for departed staff. This "zombie" account proved to be the vulnerable entry point that attackers exploited to wreak havoc on municipal operations.

Bolstering AI Resilience Across Cloud and Data Environments
As AI agents and copilots increasingly access, share, and store enterprise data, organisations in Australia and New Zealand face a pressing question: can they keep their data secure and recoverable in this new landscape? The integration of agentic AI and copilots is expanding data pathways, creating new operational risks that demand attention to visibility, protection, and recovery readiness.

Australia's Supply Chains Face Structural Resilience Test
Australia's supply chains, once optimized for efficiency, are now facing a harsh reality: a world where disruption is the new norm, and resilience is the ultimate test. The intricate link between fuel and fertiliser - a coupled system that drives farming productivity - is buckling under the pressure, threatening economic and social stability.

ASELSAN Unveils Integrated Multi-Domain Defense Systems at SAHA 2026
ASELSAN is revolutionizing defense with its Integrated Defense Systems, unveiling a game-changing portfolio at SAHA 2026 that unites sensors, effectors, and decision-making elements in a coordinated, layered approach to tackle both conventional and asymmetric threats. This cutting-edge architecture seamlessly integrates detection, command-and-control, electronic warfare, and kinetic response to safeguard across land, air, sea, and the electromagnetic spectrum.

Incident Response Readiness Exposes Operational Gaps
Being incident response ready means more than just having a plan - it requires immediate visibility into identity and authentication access, including investigator-level read access to crucial systems. Without this visibility, teams are left making blind containment decisions and piecing together timelines with guesswork.

SOCOM Accelerates AI and Autonomy Integration Across Operations
US Special Operations Command is rapidly integrating AI and autonomy into every level of its operations to revolutionize sensing, surveillance, and response capabilities on the battlefield. This cutting-edge technology enables the command to stay ahead of adversaries and project power with precision, says Adm. Frank "Mitch" Bradley.

Threat Actors Formalize Operational Security Playbook
Cybercrime players are now treating operational security as a sophisticated game-changer, and it's time for you to level up your security strategy beyond just using VPNs. A battle-tested three-tier infrastructure model has emerged, separating exposure, execution, and monetization to safeguard high-stakes operations.

MacOS Attacks Evolve, Exploiting Native Tools for Stealth
As macOS use surges in enterprise environments, accounting for over 45% of organizations, attackers are getting creative - exploiting native tools like Remote Application Scripting, Terminal, and AppleScript to stealthily run code, move undetected, and evade security measures. Cisco Talos warns that these tactics allow hackers to issue malicious instructions across processes and systems without triggering conventional monitoring.

Managed Detection and Response Targets Gaps in Cyber Defenses
State, local, tribal, and territorial organizations, along with their schools, are facing a perfect storm of rising cyber threats, limited staff, and tight budgets - making it tough to stay ahead of attacks. Managed Detection and Response can help bridge the gaps in their cyber defenses, providing the support and visibility needed to respond quickly and effectively.

Enterprises Face Identity Crisis as Machine Access Surges
As AI agents increasingly reshape enterprise operations and defenses, a new reality sets in: machine identities are surging, outnumbering human users and introducing unprecedented risks that are autonomous, fast-moving, and difficult to control. This seismic shift demands attention, as organizations scale AI and transform their attack surfaces and decision flows.
Dutch Navy Exposed by Cheap Bluetooth Tracker Mishap
A €5 Bluetooth tracker and some basic online sleuthing allowed journalists to track a Dutch navy frigate, exposing a shocking lapse in operational security that has left many wondering how such a breach could occur. It seems that publicly available information, combined with a tiny device that's cheaper than a cup of coffee, was all it took to reveal the warship's location.

AI Adoption Exposes Hidden Security Gaps in Enterprise Operations
As AI rapidly moves from experimentation to executive mandate, organizations face a daunting challenge: how to harness its power while securing and governing its adoption. With boards, investors, and executives pushing for integration, the pressure is on to balance AI adoption with robust security and oversight.

US and UK Cyber Leaders Scramble to Contain Claude Mythos Threat
As a new AI tool, Claude Mythos, raises red flags with its potential to aid hacking, US and UK cyber leaders are scrambling to contain the threat and reassess their cybersecurity strategies. This emerging concern marks a new front in AI and cybersecurity, where commercially available models are now viewed as a potential operational risk.

LAPD Data Breach Exposes Sensitive Officer Records
A data breach has exposed sensitive records of the Los Angeles Police Department, raising urgent concerns about operational security, individual privacy, and institutional trust. The incident's implications extend far beyond a single breach, sparking questions about the vulnerability of law enforcement data.

Identity Fragmentation Exposes Growing Enterprise Security Risks
As organizations scale, identities are scattering across apps, teams, and systems, creating a blind spot in centralized view and giving rise to what The Hacker News calls Identity Dark Matter. This fragmented state of modern enterprise identity is pushing IAM to the breaking point, exposing growing security risks that demand attention.