Have you ever walked up to an ATM after another person finished with the machine only to find they left it on a prompt screen asking, “Do you want to perform another transaction?” I have. Of course, I did the right thing and closed out their session before beginning my own transaction. That was a mistake an individual made by careless error which could have cost them hundreds of their own currency.

The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process.

Compliance is an essential aspect of every organization, and in business terms, it entails ensuring that organizations of all sizes, and their personnel, comply with national and international regulations, such as GDPR, HIPAA, and SOX. When guaranteeing compliance, many firms frequently overlook security. Gary Hibberd states that compliance with laws or regulations is only the starting point for cybersecurity.

Every year has been an unfortunate year for online privacy for the past few years. Data breaches and social engineering attacks are at an all-time high, and the concept of online data privacy is challenged to its core, with millions of users being affected every month. IBM’s Cost of a Data Breach Report highlighted that the average data breach cost increased 2.6%, from USD 4.24 million in 2021 to USD 4.35 million in 2022.

As everyone has surely heard by now, Elon Musk has bought Twitter. The controversial tech maverick's takeover of the site has caused some consternation for the site's users, employees, and advertisers - and has also proven a golden opportunity for scammers. Numerous verified Twitter users have reported receiving phishing emails from fraudsters, purporting to be a legitimate message from the website.

The supply chain is a complex environment that goes deep inside a business and involves the majority of its infrastructure, operations, personnel, and outer relations: vendors, partners, and customers. To protect that matrix is extremely difficult, as there are numerous sensitive nodes, lines, and processes that a security team has to take care of: software and hardware resources, cloud, hybrid and local environments, platforms, and web apps.

If you’re not aware already, then be prepared for change, because a new version of ISO27001 was published in October 2022! It’s all very exciting! The last change to the standard was in 2017. The changes made back then were fundamentally cosmetic, with a few minor tweaks to wording. The changes barely caused a ripple and, even today, organisations are still certified to ISO27001:2013, meaning that no fundamental changes to the standard have taken place for around ten years.

LinkedIn says it is beefing up its security in an attempt to better protect its user base from fraudulent activity such as profiles that use AI-generated deepfake photos, and messages that may contain unwanted or harmful content. The new features, which are being rolled out globally over the next several weeks, have been previewed in a blog post by LinkedIn's Vice President of product management, Oscar Rodriguez.

If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have stores of sensitive information that’s appealing to bad actors — and they’re often much less equipped to protect that data.

If you're in the cybersecurity sector, you'll know that October is “Cybersecurity Awareness Month,” a time when cybersecurity specialists everywhere push hard to get the message out that cybersecurity is important. Each year, there is a different theme, and for 2022, the theme is "See Yourself in Cyber." According to the CISA website, the theme is meant to demonstrate that "while cybersecurity may seem like a complex subject, ultimately, it's really all about people.