Cybersecurity Institute News Roundup 24 March 2025
Welcome to this week’s Cybersecurity Institute News Roundup: a weekly overview of the some of the most interesting news and articles that have caught our attention recently from across the cybersecurity industry. In this week’s roundup, we cover the Trump administration’s new cybersecurity team and policy taking shape, Google’s $32 billion dollar bet on cloud security startup Wiz, the repercussions of the second supply chain attack on GitHub, the rise of synthetic identity fraud in the UK, NIST’s ever-growing backlog of vulnerability submissions, and the UK’s plan for PQC preparedness and full migration by 2035.
Meet Trump’s new cyber team
From CISA to DoD and beyond, the new Trump administration is actively filling key cybersecurity leadership roles across the US federal government and military, while also signaling a new vision for the country’s cyber policy.
Google to acquire Wiz for $32B
At $32B, Google’s acquisition of Wiz will be the largest cybersecurity deal in history. Post close, Wiz will join Google Cloud to enhance AI-driven multi-cloud security.
GitHub attacked not just once, but twice
https://www.cybersecuritydive.com/news/supply-chain-github-exposure-secrets/742693/
Just days after a supply chain attack targeting code repositories using the popular GitHub software development environment was discovered, a second attack has been revealed. Both threats appear to be connected putting thousands of software development pipelines at risk.
Synthetic identities now account for close to a third of UK identity fraud
https://ffnews.com/newsarticle/synthetic-fraud-reaches-record-levels/
Credit reporting agency Experian cites a steep 60% year-over-year increase in financial synthetic identity fraud in the UK, largely driven by AI. Synthetic identity fraud now accounts for 29% of all identity fraud in that country.
NIST National Vulnerability Database backlog still growing
Despite NIST’s best efforts, the backlog of unanalyzed cyber vulnerabilities that have been submitted to the National Vulnerability Database (NVD) continues to grow. With a 32% increase in vulnerability submissions last year and expectations that 2025 will see even more, the agency is looking to machine learning to help clear up this growing backlog.
UK issues new PQC migration guidance
https://www.theregister.com/2025/03/20/ncsc_post_quantum_cryptogrpahy/
The UK’s National Cyber Security Centre (NCSC) has outlined three key milestones for organizational post quantum cryptography (PQC) preparedness starting with the development of a complete PQC migration plan by 2028 and ending with full PQC migration by 2035.
Be sure to share your thoughts on these stories in the comments and let us know what articles have caught your eye recently.
Service desk Engineer L2 Support| ITIL/ITSM practices on Incident/Case/Problem and service management. Power BI
4mo@
Service desk Engineer L2 Support| ITIL/ITSM practices on Incident/Case/Problem and service management. Power BI
4mo@ @