Nonprofit Cyber

Nonprofit Cyber Celebrates its 3rd Anniversary! 🎂 As we celebrate our third anniversary, Nonprofit Cyber proudly welcomes PuntoGal, Internet Security Research Group (ISRG), Trifecta Tech Foundation, and The Retired Investigators Guild to our growing coalition. With these new additions, we now unite 49 cybersecurity nonprofits dedicated to real, scalable impact. “Together, we build a safer, more secure world—where technology serves humanity and justice knows no borders.”, said Tom Brennan, CREST & Member of the Nonprofit Cyber Executive Committee, in his welcoming remarks. Collaboration fuels our mission, and these new members reinforce our commitment to protecting, educating, and strengthening communities worldwide. 💡 Learn more about Nonprofit Cyber, our new members and our growing impact: https://lnkd.in/eJmhK_Zx

IST is pleased to announce the generous political and financial support from the Federal Department of Foreign Affairs FDFA and the Auswärtiges Amt (Federal Foreign Office) Germany to continue the CATALINK Initiative through 2027. Deputy Director of Nuclear Policy Sylvia Mishra, Senior Analyst for Defense Tech Policy Christian S., and Senior Policy Advisor Sahil V. Shah spearhead IST’s research in this field. “We are grateful to our Swiss and German partners for their continued support as we launch the next stages of the development of our CATALINK initiative. With this generous support, we will work to provide policymakers with the tools necessary to prevent the escalation of nuclear crises, and enable national leaders to communicate effectively and securely whenever necessary to avert the use of nuclear weapons,” IST CEO Philip Reiner said. 🌐 Learn more about the CATALINK Initiative: https://lnkd.in/eqeWrDT 🖋️ From the #NatSpecs blog, Announcing Continued Support from the Swiss Federal Department of Foreign Affairs and the German Federal Foreign Office for the CATALINK Initiative: https://lnkd.in/gZjCjVCk

The Cyber Threat Alliance is pleased to announce the release of a Joint Analytic Report (JAR): Cybersecurity in the Age of Generative AI. Part I, Combating GenAI Assisted Cyber Threats, addresses the use of GenAI tools for malicious purposes. Part II, Navigating Cyber Threats to GenAI Systems, examines cyber threats to these tools. This project was led by Chelsea Conard, CTA’s Cyber Threat Report Analyst, and was funded by a generous grant from Craig Newmark Philanthropies. We would like to extend our gratitude to the CTA members and partners who participated in our Cybersecurity in the Age of Generative AI Working Group that helped drive this report.   These reports provide a factual analysis of how malicious actors are leveraging GenAI for AI-assisted cyber threats. Despite claims that GenAI is fundamentally transforming cybercrime, the reality is far less dramatic. Adversaries are indeed using these tools to automate and enhance existing threats, such as more sophisticated phishing campaigns, convincing deepfakes, and elaborate investment scams; however, this report dismantles the myth of GenAI as a revolutionary force. Instead, this report highlights GenAI’s real impact: enabling malicious actors to generate threats with greater speed and a lower barrier to entry. Thus, GenAI technology does not make threat actors smarter. Instead, it enhances their efficiency.   GenAI is reshaping the threat landscape, but we still have time to prepare. This report equips organizations with the knowledge they need to proactively address evolving challenges.   Download the reports: Part 1: https://lnkd.in/egckuSS9 Part 2: https://lnkd.in/egQ_-ZdA #cyberescurity #AI

Get the word out on the 5th Annual Reasonable Security Summit! 🗓 Date/Time: January 30, 2025 | 9 AM – 5 PM PDT 📍 Location: Westdrift Manhattan Beach, Los Angeles (hybrid option available!) This year’s summit hosted by SecureTheVillage and Center for Internet Security promises to be an impactful discussion about the necessity for protecting our smaller businesses and nonprofits. Speakers highlights from the Nonprofit Cyber community: ▫️ Tony Sager, Center for Internet Security ▫️ Lessie Skiba, Cyber Readiness Institute ▫️ Stan Stahl, PhD, SecureTheVillage 👉 More info and registration here: https://lnkd.in/gMCsDUum

Brindamos por el gran logro de nuestro miembro Consejo de Seguridad de la Información y Ciberseguridad, A.C. que recientemente fue reconocido por Infosecurity México por su trabajo para promover la ciberseguridad en las comunidades estudiantiles y académicas. 👏 Felicitaciones a David Taboada Garza y equipo que han hecho un gran trabajo de construcción de comunidad. https://lnkd.in/eH997feF -- 🇬🇧/🇺🇸: Here's to the great achievement of our member CONSEJOSI which were recently recognized by Infosecurity Mexico for their work to promote cybersecurity in student and academic communities. Congratulations to David Taboada and team which have done a great job of community-building.

Today is the 2nd edition of #MoreThanAPasswordDay ! With cyberattacks on the rise, it’s clear: relying on passwords alone is no longer enough to protect our digital identities. Today, we release an updated version of the Common Guidance on Passwords with 132 signatories worldwide. Beyond the dissemination of good practices, this year we welcome the enforcement of MFA on new platforms. Visit Nonprofit Cyber’s updated guidance to get started on better protection today: https://lnkd.in/ef3mhw6j.

We're excited to announce that Nonprofit Cyber is growing! Today, we welcome five new members: 1️⃣ ISMS Forum— Advancing information security across lusophone- and Spanish-speaking regions. 2️⃣ National Cybersecurity Center (NCC) — Transforming U.S. national cybersecurity with an interdisciplinary approach. 3️⃣ SecurityForCommunity — Providing critical cyber defense resources to vulnerable communities. 4️⃣ Netsafe New Zealand — Leading online safety efforts across New Zealand and beyond. 5️⃣ Quad9 DNS — Enhancing global online security by blocking threats at the DNS level. Each of these members brings unique expertise and a shared dedication to protecting individuals and organizations worldwide. As Philip Reitinger, Co-Chair of Nonprofit Cyber, said: “Together, we work to create a safer, more resilient digital ecosystem worldwide.” Read our news release: https://lnkd.in/eVC_u685 Welcome to our coalition! #Cybersecurity #DigitalSafety #NonprofitCyber #OnlineSafety #GlobalPartnership #CyberAwareness

Advances in AI present key #cybersecurity opportunities, but how might malicious actors utilize the same tech? IST’s latest report investigates the state of existing and potential integrations of AI in cybersecurity based on our research and interviews with industry stakeholders. In “The Implications of Artificial Intelligence in Cybersecurity,” authors Jennifer Tang, Tiffany Saade, and Steven M. Kelly, CISSP argue that while the near-term advantage  goes to the defender, AI presents numerous opportunities for bad actors, including the use of LLMs to analyze, summarize, and generate content for use in the attack cycle. To stay ahead, the report puts forward 7 priority recommendations to address both realized and prospective implications of AI in cybersecurity, including with regard to content analysis, user authentication, software security, security operations, and adversarial reconnaissance and targeting: Recommendations:  1️⃣ Protect sensitive data from malicious AI-enabled content analysis.  2️⃣ Supplement watermarking with alternative deepfake detection approaches.  3️⃣ Modernize authentication approaches to account for AI. 4️⃣ Educate society to navigate the challenges brought by AI deepfakes. 5️⃣ Optimize both human and AI resources to achieve efficiency and software quality. 6️⃣ Integrate AI into security operations workflows, but protect your model.  7️⃣ Minimize external attack surface; for critical systems, strive for invisibility. In the near-term, the report concludes that “the ‘home field’ advantage…will be difficult for an adversary to overcome. Furthermore, first-mover advantage seems to be squarely with western and likeminded governments and technology firms.” “Additionally, the cyber workforce is already realizing the benefits of AI across numerous arduous tasks that have not traditionally scaled well,” such as writing secure code, finding and fixing bugs and flaws, and re-writing software in memory safe languages. Despite opportunities for bad actors, as of right now, “only the most sophisticated state actors are likely keeping pace.” However, “Generative AI’s application in personalized, context-rich phishing and impersonation is…available to actors of all stripes, from the lowliest ransomware gang to the ‘pacing threat’ state actor.” Ultimately, “Staying ahead will require continued investment, innovation, and integration, as this is an arms race that is just getting started.” 🧠 Read “The Implications of Artificial Intelligence in Cybersecurity: Shifting the Offense-Defense Balance:” https://lnkd.in/eRzeBgX4

According to the #RansomwareTaskForce’s fourth Global Ransomware Incident Map, #ransomware attacks increased 73% in 2023. Using eCrime.ch data, the map analyzes incidents across 117 countries originating from 66 ransomware groups. Map authors Deputy Director for Digital Security Taylor Grossman and Future of Digital Security Associate Trevaughn Smith attribute this significant rise to the evolving methods of ransomware groups, including an increase in “big game hunting,” or the targeting of high-value orgs. The same six sectors saw the most incidents in 2022 and 2023: construction, hospitals and health care, government, IT services and consulting, and financial services. “While ransomware gangs are increasing the frequency of their attacks, their targets remain largely unchanged,” the report notes. Rises across sectors “suggest that cyber criminals still stand to profit from the Ransomware-as-a-Service (RaaS) model.” The ransomware group CL0P, for instance, exploited a zero-day vulnerability in a file transfer software, leading to a surge in activity in June and July 2023. LockBit, meanwhile, stood out as a “stable” player, launching continual attacks throughout the year. In 2023, eCrime.ch data identified a 49% increase in ransomware incidents in Latin America, as well as a 58% increase in Southeast Asia. In both regions, the group LockBit was responsible for the majority of attacks, progressively targeting governments and state-owned enterprises. Looking ahead to 2024, IST and the RTF anticipate an increase in “big game hunting” attacks as cyber criminals adapt & create new ways to further extort victims. We also note the execution of Operation Chronos, a major global disruptive operation targeting LockBit, and look forward to unpacking its long-term effects. As articulated in the RTF’s April 2024 progress report, 24 of the RTF’s original 48 recommendations have seen little to no action since 2021. Continued & coordinated efforts from both industry and government are essential for strategic, global disruption of ransomware activity. 🛡️Read the Ransomware Task Force’s Doubling Down: https://lnkd.in/enXextNr 🛡️Read the 2023 Ransomware Task Force Global Ransomware Incident Map: https://lnkd.in/eD4XzCUV

Nearly half of consumers have experienced cyberattacks or digital scams, with Black and Hispanic Americans disproportionately harmed by these threats. Read the new Consumer Reports 2024 Consumer Cyber Readiness Report, released in partnership with Aspen Digital and the Global Cyber Alliance. Special thanks to Craig Newmark, leader of the #CyberCivilDefense initiative, whose support was crucial in making this report possible. #CybersecurityAwarenessMonth