Cybersecurity Weekly Blog

This week I read an article by the wall street journal which talks about the Deloitte report which highlights a rise in ransomware attacks in 2024, fueled by ransomware-as-a-service models and nation-state groups using ransomware for both profit and distraction. Attackers increasingly use AI, especially large language models, to create convincing phishing campaigns, causing a surge in attacks. Despite law enforcement efforts, cybercriminals remain resilient, selling personal data on underground forums. The report urges organizations to stay vigilant, use intelligence-driven defenses, and strengthen public-private partnerships to combat these evolving cyber threats.  By Fuchee Young Source: https://deloitte.wsj.com/cio/cyber-threat-trends-a-ciso-guide-to-emerging-risks-113d986a

This week I read an article by Forbes on Cybersecurity, and it talks about how Cybersecurity is no longer optional or something to be added later it's a fundamental part of modern industrial infrastructure. As Ian Bramson emphasizes, treating cybersecurity as a core design element rather than a retrofit prevents costly risks, disruptions, and vulnerabilities. Capital projects must embed cybersecurity from the very beginning, integrating it into planning, contracts, procurement, and training.  By framing it as a process safety issue and holding all stakeholders accountable, organizations can ensure the protection of people, assets, and operations. In an era of AI powered threats, growing regulatory pressure, and market scrutiny, building cybersecurity into every stage of a project is not just smart it's essential. Those who make it a priority from day one will be safer, more resilient, and better positioned for long term success. By Fuchee Young Source: https://www.forbes.com/c...

This week I read an article by Forbes it emphasizes the urgent need to modernize Security Operations Centers (SOCs) in response to today’s rapidly evolving cyber threats. With increased attack surfaces due to remote work, IoT, and cloud environments, traditional security models fall short. Brooks highlights how emerging technologies like AI, automation, and cloud-based tools such as IBM’s QRadar Suite can streamline threat detection and response.  He also points to hardware-based protections from companies like Fibernet, advanced audit tools like Data Stealth, and the critical importance of SOC personnel training through organizations like SANS and CompTIA. He concludes that combining advanced technology with strong frameworks like Zero Trust and Defense in Depth is essential to building resilient, proactive SOCs capable of defending modern organizations. By Fuchee Young Source: https://www.forbes.com/sites/chuckbrooks/2023/04/26/advancing-the-security-operations-center-soc-ne...

This week I read an article on Agentic AI, which refers to autonomous AI agents capable of mimicking human decision-making and executing tasks, is rapidly being adopted for cybersecurity and productivity. While offering powerful automation benefits, it introduces serious security risks due to its autonomy, broad system access, and reliance on large language models.  Key vulnerabilities include prompt injection attacks, misconfigurations in the Model Context Protocol and over permissive integrations that blur authentication and authorization boundaries. Experts stress the need for careful agent selection, strong guardrails, human oversight, and slower, more strategic deployment to mitigate these new attack surfaces. By Fuchee Young Source: https://www.securityweek.com/the-wild-wild-west-of-agentic-ai-an-attack-surface-cisos-cant-afford-to-ignore/

This week I read an article about quantum computing continues to advance, traditional encryption methods like RSA and ECC are at risk of becoming obsolete. To stay ahead of potential threats, cybersecurity experts are turning to Post Quantum Cryptography (PQC )   algorithms designed to resist even the most powerful quantum attacks. People agreed the key to staying secure is starting the transition now . Organizations should assess their cryptographic assets, adopt crypto agile architectures, and begin testing NIST approved algorithms in real world applications. Quantum threats may still be years away, but the time to act is today. By Fuchee Young Source: https://www.forbes.com/councils/forbestechcouncil/2025/07/03/promising-post-quantum-cryptography-solutions-according-to-experts/

This week, I read an article about the growing cybersecurity concerns as tensions rise between the U.S. and Iran following recent U.S. airstrikes on Iranian nuclear facilities. According to cybersecurity experts and federal officials, while a large-scale cyber-attack on the U.S. is unlikely, Americans should still be prepared for low-level cyber-attacks , such as phishing scams, website disruptions, and other small-scale intrusions. The Department of Homeland Security (DHS) has issued a warning, noting that we are currently in a " heightened threat environment ." Cybersecurity specialists say Iran has both state-run and proxy hacker groups capable of launching disruptive, retaliatory attacks against critical infrastructure and individuals. Even though the threats may not be massive in scale, they still pose real risks to businesses and everyday users. By Fuchee Young Source: https://www.usatoday.com/story/money/2025/06/23/could-iran-launch-cyber-attack-protect/84322009007/