Europe Sees More Hacktivism, GDPR Echoes, and New Security Laws Ahead for 2024

An evolving geopolitical landscape has impacted cybersecurity in Europe this year, posing specific challenges for safeguarding critical infrastructure and sensitive data.
The Ukraine war and the conflict in Gaza have led to a rise in hacktivism, and ransomware gangs have excelled in capitalizing quickly on new critical vulnerabilities to gain initial access within many organizations.
This is exacerbated by threat actors having more access to various means of automation, be it readily available command-and-control toolkits, generative AI to support their spear-phishing efforts, or commercially available ransomware from the Dark Web.
Hacktivism and Critical Infrastructure The conflict in Ukraine dominated the early part of the year, with the threat of nation-state cyberattacks and counter attacks potentially escaping from the theater of war into the wider European cyber ecosystem, says Gareth Lindahl-Wise, CISO at Ontinue.
The NIS2 Directive text includes provisions to raise the cybersecurity requirements for digital services used in critical sectors of the economy and society, including sectors such as waste management and manufacturing.
Hybrid Work and Its Security Challenges Digital transformation is leading to increasing complexity for defenders, with the past few years bringing significant increases in remote and hybrid work, bring your own device policies, multicloud adoption, and industry 4.0 trends, along with more digitalized supply chains, says Darktrace's Heinemeyer.
Ontinue's Lindahl-Wise says GDPR has undoubtedly driven a significant amount of focus and energy in people who staff security functions to better understand the data they have, where it is, how it is secured, and who it is shared with.
In recent years, the EU has taken numerous measures to strengthen cybersecurity in Europe in a sustainable manner, says Jochen Michels, head of public affairs in Europe for Kaspersky.
Some of the examples include the aforementioned NIS2 Directive, an EU-wide law taking measures for a high common level of cybersecurity across the union.
The Cyber Resilience Act, which aims to safeguard consumers and businesses using digital products, is currently under negotiation but expected to take effect in early 2024.
Other efforts include the creation of the European Cybersecurity Skills Academy and the European Cybersecurity Competence Center, as well as the development of European Cyber Security Schemes, a comprehensive certification framework.
While GDPR has led to an increasing scrutiny on data privacy and data processing - e.g., who is using our data, where, and for what purpose - NIS2 is driving European organizations to significantly step up their cyber maturity, Heinemeyer adds.
Securing AI/ML Security Through the EU AI Act, which is currently in trialogue negotiations, the EU has reacted to potential cybersecurity risks from GenAI and AI/machine learning, Michels points out.
An agreement on the act and its adoption, at least tentatively, is expected by the end of 2023.
ENISA is working on mapping the AI cybersecurity ecosystem and providing security recommendations for the challenges it foresees.
Specifically, the proposed EU AI Act foresees cybersecurity requirements for high-risk AI systems to ensure compliance, identify risks, and implement necessary security measures.
There are two different aspects to consider about the cybersecurity impact of AI, Heuvinck notes.
AI is used in ENISA's Open Cyber Situational Awareness Machine, which automatically gathers, classifies, and presents information related to cybersecurity and cyber incidents from open sources.
On the other hand, AI techniques can be used to support security operations - but this can come with risks.
From her perspective, the importance of cybersecurity and data protection in every part of the AI ecosystem to create trustworthy technology for end- users is undeniable.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 26 Dec 2023 19:45:05 +0000


Cyber News related to Europe Sees More Hacktivism, GDPR Echoes, and New Security Laws Ahead for 2024

Thought GDPR Compliance Was Hard? Buckle Up - COMMENTARY. Five years since the European Union's General Data Protection Regulation took effect, its fingerprints are everywhere: from proliferating privacy laws worldwide to the now-ubiquitous consent banners seen across websites of every kind. For ...
1 year ago Darkreading.com
Europe Sees More Hacktivism, GDPR Echoes, and New Security Laws Ahead for 2024 - An evolving geopolitical landscape has impacted cybersecurity in Europe this year, posing specific challenges for safeguarding critical infrastructure and sensitive data. The Ukraine war and the conflict in Gaza have led to a rise in hacktivism, and ...
11 months ago Darkreading.com
Business Data Privacy Laws: Compliance and Beyond - Governments worldwide have implemented strict data privacy laws to protect individuals' information in the face of increasing cyber threats and data breaches. Let's dive into the world of business data privacy laws as we navigate the complexities of ...
11 months ago Securityzap.com
Securing the Digital Frontier - As we navigate through a world brimming with data, understanding the evolving landscape of data protection is not just a necessity but a responsibility. This intricate dance among technology, societal norms, and regulatory frameworks shapes our ...
10 months ago Feeds.dzone.com
GDPR Turns Six: Reflecting on a Global Privacy Benchmark - The EU's flagship data protection law, the General Data Protection Regulation, celebrated its sixth anniversary on 25th May '24. Since coming into effect in 2018, its stringent requirements for enhanced security controls and data privacy have ...
6 months ago Itsecurityguru.org
WhatsApp Fined €5.5 Million for Enforcing Data Processing Update - Heimdal Security recently reported that WhatsApp, the world’s most popular messaging service, has been fined €5.5 million by the Italian Data Protection Authority (GPDR) for violating user privacy. According to the report, the WhatsApp ...
1 year ago Heimdalsecurity.com
Kasperskys ICS CERT Predictions for 2024: Ransomware Rampage, Cosmopolitical Hacktivism, and Beyond - Looking back at 2023, Kaspersky predicted the industrial cybersecurity landscape would continue to evolve, with several key trends emerging. The pursuit of efficiency in IIoT and SmartXXX systems fueled an expanded attack surface, while the surge in ...
10 months ago Darkreading.com
Cyber Insights 2023: Cyberinsurance - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. In 2022, Russia invaded Ukraine with the potential for more serious and more ...
1 year ago Securityweek.com
Cyber Insights 2023: ICS and Operational Technology - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. At the same time, ICS/OT is facing an expanding attack surface caused by ...
1 year ago Securityweek.com
My Yearly Look Back, a Look Forward and a Warning - 2023 saw cybersecurity and privacy law arrive at a crossroads, especially with regard to the regulatory landscape. This is the time of year when it is traditional to look back at the past year and extrapolate forward to make predictions for the year ...
11 months ago Securityboulevard.com
Black Hat Europe 2023 Closes on Record-Breaking Event in London - PRESS RELEASE. LONDON, Dec. 20, 2023 - Black Hat, the cybersecurity industry's most established and in-depth security event series, today announced the successful completion of the in-person component of Black Hat Europe 2023. The event welcomed more ...
1 year ago Darkreading.com
It's Time For Lawmakers to Listen to Courts: Your Law Regulating Online Speech Will Harm Internet Users' Free Speech Rights - Despite a long history of courts ruling that government efforts to regulate speech online harm all internet users and interfere with their First Amendment rights, state and federal lawmakers continue to pass laws that do just that. Three separate ...
5 months ago Eff.org
Legal and Compliance Considerations in Cloud Computing - This paradigm change has faced challenges, primarily legal and compliance issues. This can present severe legal issues, particularly regarding data ownership. According to S. Krishnan, the transforming nature of computing has created legal ...
10 months ago Feeds.dzone.com
Gaining Insights on the Top Security Conferences - A Guide for CSOs - Are you a CSO looking for the best security events around the world? Well, you have come to the right place! This article is a guide to the top security conferences that offer essential security insights to help make informed decisions. Security ...
1 year ago Csoonline.com
Italian Data Protection Authority Fines WhatsApp €5.5 Million - The Italian Data Protection Authority (DPA) has fined WhatsApp €5.5 million as a result of violations of the European Union’s General Data Protection Regulation (GDPR). ...
1 year ago Securityaffairs.com
Cyber Insights 2023: Criminal Gangs - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. Despite some geopolitical overlaps with state attackers, the majority of ...
1 year ago Securityweek.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
11 months ago Securityboulevard.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
9 months ago Feeds.dzone.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
1 year ago Microsoft.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
11 months ago Feeds.dzone.com
What is the Latest WhatsApp GDPR Violation? - WhatsApp has just been handed a hefty fine of €55 million by the Irish Data Protection Commission (DPC) for violating GDPR. WhatsApp had failed to comply with numerous obligations under GDPR, including not providing “transparent, intelligible, ...
1 year ago Bleepingcomputer.com
PornHub now also blocks Texas over age verification laws - PornHub has now added Texas to its blocklist, preventing users in the state from accessing its site in protest of age verification laws. Texas' age verification bill HB 1181, passed last year, went back into effect last week after the State won an ...
9 months ago Bleepingcomputer.com
First, Let's Talk About Consumer Privacy: 2023 Year in Review - Whatever online harms you want to alleviate on the internet today, you can do it better-with a broader impact-if you enact strong consumer data privacy legislation first. That is a grounding principle that has informed much of EFF's consumer ...
11 months ago Eff.org
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
New Stellar Cyber Alliance to Deliver Email Security for SecOps Teams - Stellar Cyber, a Double Platinum 'ASTORS' Award Champion in the 2023 Homeland Security Awards Program, and the innovator of Open XDR has entered inao a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this ...
10 months ago Americansecuritytoday.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)