{"id":2954,"date":"2024-04-05T14:26:33","date_gmt":"2024-04-05T19:26:33","guid":{"rendered":"https:\/\/www.darkreading.com\/remote-workforce\/ciso-corner-ivanti-mea-culpa-world-cup-hack-cyber-awareness"},"modified":"2024-04-05T14:26:33","modified_gmt":"2024-04-05T19:26:33","slug":"ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/04\/05\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness\/","title":{"rendered":"CISO Corner: Ivanti&#8217;s Mea Culpa; World Cup Hack; CISOs &amp; Cyber Awareness"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt3dd955f92fe20956\/64f16c3763b06d873cb98897\/Risk_Kenishirotie_Alamy.jpg?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Welcome to CISO Corner, Dark Reading&#8217;s weekly digest of articles tailored specifically to security operations readers and security leaders. Every week, we&#8217;ll offer articles gleaned from across our news operation, The Edge, DR Technology, DR Global, and our Commentary section. We&#8217;re committed to bringing you a diverse set of perspectives to support the job of operationalizing cybersecurity strategies, for leaders at organizations of all shapes and sizes.<\/span><\/p>\n<h3 class=\"ContentText ContentText_variant_h3 ContentText_align_left\" data-testid=\"content-text\" id=\"In this issue of CISO Corner:\">In this issue of CISO Corner:<\/h3>\n<div data-component=\"basic-list\" class=\"BasicList BasicList_nestedLevel_0 BasicList_variant_unordered BasicList_limited\">\n<ul data-testid=\"basic-list-unordered\" class=\"BasicList-UnorderedList\">\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">How CISOs Can Make Cybersecurity Awareness a Long-Term Priority for Boards<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Global: Cybersecurity Threats Intensify in the Middle East During Ramadan<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Funding the Organizations That Secure the Internet<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">How Soccer&#8217;s 2022 World Cup in Qatar Was Nearly Hacked<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Microsoft Beefs Up Defenses in Azure AI<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Why Cybersecurity Is a Whole-of-Society Issue<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<\/ul>\n<\/div>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"How CISOs Can Make Cybersecurity Awareness a Long-Term Priority for Boards\">How CISOs Can Make Cybersecurity Awareness a Long-Term Priority for Boards<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Commentary by Shaun McAlmont, CEO, NINJIO Cybersecurity Awareness Training<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">Cybersecurity is far more than a check-the-box exercise. To create companywide buy-in, CISOs need to secure board support, up their communication game, and offer awareness-training programs to fight social engineering and help employees apply what they&#8217;ve learned.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">CISOs play a vital role in building stakeholder support for cybersecurity across the company \u2014 including when it comes to earning long-term support for awareness training from their boards. Winning strategies include communicating cybersecurity concepts in an engaging and non-technical way, and showing board members that <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cybersecurity-analytics\/10-security-metrics-categories-cisos-should-present-to-the-board\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">cybersecurity programs offer significant ROI<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">This column lays out five ways that CISOs can show boards that it&#8217;s time to prioritize cybersecurity:<\/span><\/p>\n<div data-component=\"basic-list\" class=\"BasicList BasicList_nestedLevel_0 BasicList_variant_ordered BasicList_limited\">\n<ol data-testid=\"basic-list-ordered\" class=\"BasicList-OrderedList BasicList-OrderedList_nestedLevel_0 body-normal\">\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_ordered\" readability=\"8.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_ordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"12\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Know how to communicate with non-technical audiences.<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> Cybersecurity is an intimidating subject for non-technical audiences, but it doesn&#8217;t have to be. CISOs can make a comprehensible and convincing case for cybersecurity by pointing to the devastating real-world consequences of successful cyberattacks, for instance.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_ordered\" readability=\"8.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_ordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"12\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Focus on the entire cyber-impact chain. <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Cyberattacks can lead to severe reputational damage, disrupted operations, legal and regulatory consequences, and crippling effects on the health of the company&#8217;s workforce.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_ordered\" readability=\"7\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_ordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"9\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Stress the human element. <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">CISOs stress that 74% of all breaches involve a human element \u2014 an alarming reminder that social engineering remains one of the most powerful weapons in the cybercriminal arsenal.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_ordered\" readability=\"7.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_ordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"10\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Outline how awareness-training programs can be measured.<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> CISOs need to make accountability a central pillar of their case for awareness training. When board members see that cybersecurity spending is paying off, CISOs will be able to maintain support.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_ordered\" readability=\"7.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_ordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"10\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Secure long-term support.<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> Because the cyber threat landscape is always shifting, companies have to keep employees updated on the latest cybercriminal tactics \u2014 such as the use of AI to craft convincing and targeted phishing messages at scale.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<\/ol>\n<\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/how-cisos-can-make-cybersecurity-long-term-priority-for-boards\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">How CISOs Can Make Cybersecurity a Long-Term Priority for Boards<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cybersecurity-operations\/cisos-struggle-csuite-status-expectations-skyrocket\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">CISOs Struggle for C-Suite Status Even as Expectations Skyrocket<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"Cybersecurity Threats Intensify in the Middle East During Ramadan\">Cybersecurity Threats Intensify in the Middle East During Ramadan<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">By Alicia Buller, Contributing Writer, Dark Reading<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">How security teams in the region fortify their defenses amid short-staffing \u2014 and increased DDoS, phishing, and ransomware campaigns \u2014 during the Muslim holy month.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The ninth month of the Muslim calendar is observed around the world, as followers take the time to reflect and practice fasting, and cybersecurity teams often operate with skeletal staffing. Ramadan is also a period where Muslim shoppers tend to up their spending on specialty foods, gifts, and special offers.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">All of this also creates a perfect storm for bad actors to conduct fraudulent activities and scams. Endpoint-protection firm Resecurity has observed a significant increase in cyber malevolence during Ramadan, which began on March 10. The company estimates the total financial impact from these cyberattacks and cyberscams against the Middle East has reached up to $100 million so far during this year&#8217;s Ramadan.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/cybersecurity-incidents-consistently-increase-in-uae\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">Middle East-based companies can step up cybersecurity<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> with extra vigilance and outsourced support amid shortened working hours and increased ecommerce activity.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Many organizations proactively enhance their outsourced contracts during this period, particularly focusing on bolstering 24\/7 security operations,&#8221; says Shilpi Handa, associate research director of security, Middle East, Turkey, and Africa (META) at IDC, adding that deploying a remote and diverse workforce is particularly advantageous during Ramadan as around-the-clock security shifts can be fully covered by a mix of Muslim fasters and non-Muslim staff.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/cyber-threats-intensify-in-middle-east-during-ramadan\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Cybersecurity Threats Intensify in the Middle East During Ramadan<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/middle-east-leads-in-dmarc-deployment\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Middle East Leads in Deployment of DMARC Email Security<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"Funding the Organizations That Secure the Internet\">Funding the Organizations That Secure the Internet<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">By Jennifer Lawinski, Contributing Writer, Dark Reading<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">Common Good Cyber is a global consortium connecting nonprofit, private sector, and government organizations to fund organizations focused on securing Internet infrastructure.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">There&#8217;s no single entity responsible for <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/cyberthreats-regulations-mount-for-financial-industry\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">maintaining and securing the Internet<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">. Instead, that task falls upon a diverse group of organizations and individuals that preserve this public utility with little funding, or by subsisting on tight budgets. The stakes are incredibly high, but the amount of resources available for keeping this infrastructure secure falls short.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Key components of the Internet are maintained by volunteers, nonprofits, and NGOs, and others who work with razor-thin budgets and resources,&#8221; said Kemba Walden, president of Paladin Global Institute and former US acting national cyber director. &#8220;Consider this: The underpinnings of our digital infrastructure, the infrastructure that enables civil society to thrive in our economy today and to grow, rest on a network of volunteers, nonprofits, NGOs and others.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">An initiative called Common Good Cyber is finding new ways to build adequate funding into law and policy, business policies and government, and other funding vehicles sufficient to meet the common need for cybersecurity. Ideas include creating joint funding organizations; federated fundraising for nonprofits; inventorying who is doing what to support the Internet&#8217;s infrastructure; and a hub or accelerator to provide resources to the groups securing the Internet.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/funding-the-organizations-that-secure-the-internet\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Funding the Organizations That Secure the Internet<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/neglecting-open-source-developers-puts-the-internet-at-risk\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Neglecting Open Source Developers Puts the Internet at Risk<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"How Soccer's 2022 World Cup in Qatar Was Nearly Hacked\">How Soccer&#8217;s 2022 World Cup in Qatar Was Nearly Hacked<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">By Jai Vijayan, Contributing Writer, Dark Reading<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">A China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">About six months before the 2022 FIFA World Cup soccer tournament in Qatar, a threat actor \u2014 later identified as China-linked BlackTech \u2014 quietly breached the network of a major communications provider for the games and planted malware on a critical system storing network device configurations.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The breach remained undetected until six months after the games, during which the cyber-espionage group gathered up an unknown volume of data from targeted customers of the telecommunications provider \u2014 including those associated with the World Cup and vendors providing services for it.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">But it&#8217;s the &#8220;what else could have happened&#8221; that&#8217;s the really scary part: The access that BlackTech had on the telecom provider&#8217;s system would have allowed the threat actor to completely disrupt key communications \u2014 including all streaming services associated with the game. The fallout from such a disruption would have been substantial in terms of geopolitical implications, brand damage, national reputation, and potentially <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/super-bowl-operational-cyber-risks-attackers-allure\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">hundreds of millions of dollars in losses<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> from the licensing rights and ads negotiated prior to the World Cup.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/how-the-2022-qatar-world-cup-soccer-was-nearly-hacked\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">How Soccer&#8217;s 2022 World Cup in Qatar Was Nearly Hacked<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/ics-ot-security\/nfl-cisa-intercept-cyber-threats-super-bowl-lviii\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">NFL, CISA Look to Intercept Cyber Threats to Super Bowl LVIII<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"Microsoft Beefs Up Defenses in Azure AI\">Microsoft Beefs Up Defenses in Azure AI<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">By Jai Vijayan, Contributing Writer, Dark Reading<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">Microsoft adds tools to protect Azure AI from threats such as prompt injection, as well as to give developers the capabilities to ensure generative AI apps are more resilient to model and content manipulation attacks.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Amid growing concerns about threat actors using prompt injection attacks to get <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/llms-open-manipulation-using-doctored-images-audio\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">generative AI (GenAI) systems to behave in dangerous and unexpected ways<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, Microsoft&#8217;s AI Studio is rolling out resources for developers to build GenAI apps that are more resilient to those threats.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Azure AI Studio is a hosted platform that organizations can use to build custom AI assistants, copilots, bots, search tools, and other applications, grounded in their own data.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">The five new capabilities that Microsoft has added \u2014 or will soon add \u2014 are Prompt Shields, groundedness detection, safety system messages, safety evaluations, and risk and safety monitoring. The features are designed to address some significant challenges that researchers have uncovered recently \u2014 and continue to uncover on a routine basis \u2014 with regard to the use of large language models (LLMs) and GenAI tools.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Generative AI can be a force multiplier for every department, company, and industry,&#8221; said Microsoft&#8217;s chief product officer of responsible AI, Sarah Bird. &#8220;At the same time, foundation models introduce new challenges for security and safety that require novel mitigations and continuous learning.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/application-security\/microsoft-adds-tools-for-protecting-against-prompt-injection-other-threats-in-azure-ai\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Microsoft Beefs Up Defenses in Azure AI<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyber-risk\/forget-deepfakes-or-phishing-prompt-injection-is-genai-s-biggest-problem\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Forget Deepfakes or Phishing: Prompt Injection is GenAI&#8217;s Biggest Problem<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed\">Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">By Jai Vijayan, Contributing Writer, Dark Reading<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">So far this year, Ivanti has disclosed a total of 10 flaws \u2014 many of them critical \u2014 in its remote access products, and one in its ITSM product.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Ivanti CEO Jeff Abbott this week said his company will completely revamp its security practices even as the vendor disclosed another fresh set of bugs in its <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cloud-security\/ivanti-poor-marks-cyber-incident-response\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">vulnerability-riddled Ivanti Connect Secure<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> and Policy Secure remote access products.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">In an open letter to customers, Abbott committed to a series of changes the company will make in the coming months to transform its security operating model following a relentless barrage of bug disclosures since January. The promised fixes include a complete do-over of Ivanti&#8217;s engineering, security, and vulnerability management processes and implementation of a new secure-by-design initiative for product development.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">How much these commitments will help stem growing customer disenchantment with Ivanti remains unclear given the company&#8217;s recent security track record. In fact, Abbot&#8217;s comments came one day after Ivanti disclosed four new bugs in its Connect Secure and Policy Secure gateway technologies and issued patches for each of them.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/remote-workforce\/ivanti-ceo-commits-to-security-overhaul-day-after-vendor-discloses-4-more-vulns\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Ivanti Pledges Security Overhaul the Day After 4 More Vulns Disclosed<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cloud-security\/feds-microsoft-clean-up-cloud-security-act\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Feds to Microsoft: Clean Up Your Cloud Security Act Now<\/a><\/span><\/p>\n<h2 class=\"ContentText ContentText_variant_h2 ContentText_align_left\" data-testid=\"content-text\" id=\"Why Cybersecurity Is a Whole-of-Society Issue\">Why Cybersecurity Is a Whole-of-Society Issue<\/h2>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Commentary by Adam Maruyama, Field CTO, Garrison Technology<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_italic\">Working together and integrating cybersecurity as part of our corporate and individual thinking can make life harder for hackers and safer for ourselves.<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">We are drowning in vulnerabilities: Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), at a recent Congressional hearing on Chinese cyber operations, said simply that &#8220;we&#8217;ve made it easy on&#8221; attackers through poor software design. But it will take a whole-of-society effort to reshape the market for cybersecurity to create technologies that are both high-performing and secure.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">As CISA articulated in its Secure by Design initiative, <\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cloud-security\/google-eighth-zero-day-patch-2023-chrome\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" rel=\"noopener\">secure coding by vendors<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> is the first step to creating technologies that are both secure and usable. But businesses must realize, as Easterly put it, that &#8220;cyber-risk is business risk&#8221; by incorporating cybersecurity into all their business practices. In particular, by increasing the stature of CISOs and giving them holistic cybersecurity oversight of the entire business, particularly procurement decisions, companies can incorporate cybersecurity as an organic step in business processes.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Meanwhile, cybersecurity and IT professionals \u2014 two closely related but often clashing groups \u2014 must come together to build networks that are both secure and functional for their users. And, the final piece of a whole-of-society approach to cybersecurity is both the most difficult and the most critical: integrating cybersecurity into the day-to-day lives of citizens through things like multifactor authentication.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Read more: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/cyberattacks-data-breaches\/why-cybersecurity-is-whole-of-society-issue\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">Why Cybersecurity Is a Whole-of-Society Issue<\/a><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Related: <\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a href=\"https:\/\/www.darkreading.com\/vulnerabilities-threats\/nist-needs-help-digging-out-of-its-vulnerability-backlog\" target=\"_blank\" class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link ContentText-BodyTextChunk_bold\" rel=\"noopener\">NIST Wants Help Digging Out of Its NVD Backlog<\/a><\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/remote-workforce\/ciso-corner-ivanti-mea-culpa-world-cup-hack-cyber-awareness\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to CISO Corner, Dark Reading&#8217;s weekly digest of articles<\/p>\n","protected":false},"author":12,"featured_media":2955,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-2954","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=1200%2C800&ssl=1",1200,800,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=300%2C200&ssl=1",300,200,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=640%2C427&ssl=1",640,427,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=640%2C427&ssl=1",640,427,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=1200%2C800&ssl=1",1200,800,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=1200%2C800&ssl=1",1200,800,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=1024%2C683&ssl=1",1024,683,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/04\/ciso-corner-ivantis-mea-culpa-world-cup-hack-cisos-cyber-awareness.jpg?fit=1200%2C800&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2954","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=2954"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/2954\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/2955"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=2954"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=2954"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=2954"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}