Google Public Policy’s Post

Smart Cities Council (SCC) global member XQ Message has been added as an Amazon Web Services (AWS) partner to their Zero Trust Government solutions. XQ's inclusion in AWS's solution stack marks a significant milestone after a year of rigorous testing by AWS.    This AWS solution aims to strengthen federal data security and accelerate Zero Trust compliance, allowing organizations to stay focused on their core missions. By bolstering cyber defenses the AWS Zero Trust for Government solution unites private-sector security leaders to assist federal agencies, including the Department of Defense, in securing their environments and meeting the requirements of the 5/12/21 Executive Order on Improving the Nation’s Cybersecurity.   XQ’s Zero Trust Data is a new security architecture where a different encryption key is used for every data object and access is only allowed after multiple checks. More importantly, XQ’s solution generates detailed logs on every transaction. From the perspective of the Smart Cities Council, this development enables cities to offer the highest level of privacy to their citizens by ensuring their data is safe from cyberattacks or misuse.    For more details, visit the AWS Zero Trust for Government Partnership page. https://lnkd.in/gYFg_PKd

Learning many new aspects of security at reInforce

🕵♀️ #HiPEACinfo72: Your cybersecurity 101 If you haven't read #HiPEACinfo72 yet, you're missing out. Learn how the Neuropuls project is using #photonics-based hardware security primitives for robust, yet lightweight, cybersecurity layers. Find out how #MachineLearning is becoming a key tool in the constant fight against attacks, from communications (as in SAFE-6G) to the cloud (as in Vitamin-V Project-V). Explore key cybersecurity concepts from #ZeroTrust to #MemorySafety, and find out how the HiPEAC community is working to keep computing systems great and small safe from harm – including with the ORBIK Cybersecurity spinoff from IKERLAN. Download it today! 👉 https://lnkd.in/dezftiVj Fabio Pavanello | Ramon Canal | Codasip | John Wickerson | Ron Black | Salva Trujillo | Paolo Palmieri | Sascha Uhl | virginia niculescu

What a comprehensive snapshot of the main cybersecurity work going on in Europe! Thanks HiPEAC for including our work on 👺 malware/hardware attack detection 🔎 technologies in the #HiPEACinfo72. An inspiring summer 🏖 📖 read for sure!

Zero-Days Exploited In-the-Wild in 2023 report from Google has some salient points to think about: 1.Increasing zero-day exploits targeting enterprise with more focus on security software and appliances. 2. Zero-day vulnerabilities in third party components and libraries were a prime attack surface in 2023 as they're affecting multiple products With Gen-AI already in the adoption and Quantum computing making things at⚡️speed we're not far from the days of machines fighting/defending against machines. Human cyber analyst will be by exception not by choice by 2030 is what I feel. what you think 🤔? #AttackSurfaceManagement Image Credit: Google’s Threat Analysis Group (TAG)

Must read for people interested in how cybersecurity is constantly changing.

DDoS Attack Cases The following articles will help you better understand some of the larger DDoS attack cases in recent history. Each case is unique. When you are reading these articles, pay close attention to the methods used. 1. Biggest DDoS Attacks as of August 2017 https://lnkd.in/dh4pcw2E 2. Akamai on the Record KrebsOnSecurity Attack https://lnkd.in/dQb9q2ae 3. Usenix Enigma 2017, Drawing the Foul: Operation of a DDoS Honeypot, by Damian Menscher, Security Reliability Engineer, Google. https://lnkd.in/dsPRJPJD and the viewgraphs used https://lnkd.in/dnHUM2Tg It contains a lot of statistics and nature of large scale DDoS attacks.

Richard T. from SOCRadar® Extended Threat Intelligence talks about how the Deep Web and the Dark Web are often misunderstood terms, both referring to parts of the internet not indexed by traditional search engines like Google. Learn more about the utilization of dark web and surface threat discovery for meaningful conversations with customers, guiding them in making informed investment decisions in cybersecurity here: https://lnkd.in/egDZrc93

📆 Mark your calendars for March 5th! The #CyberModSummit is approaching fast. Dive deep into the world of cybersecurity with leaders from the state and local government and higher education communities. Register now and don't miss out: https://lnkd.in/eMVmmb9T

I rarely do this. However I feel it’s important to make sure that people are not led up the garden path by a charlatan and cybersecurity misinformation peddler like Andy. He would have you believe every single cybersecurity incident is a result of insecure DNS servers (ask DFIR teams how often that’s been the case, please - it’s almost never that). You might think it’s harmless but here’s why it isn’t: 1️⃣ It distracts people from the actual most common exploit routes and attack vectors. 2️⃣ It diverts attention and funding away from securing the actual holes in the security posture of businesses that buy into his delusions. 3️⃣ It lulls people who fall victim to his lies into a false sense of security. 4️⃣ Andy and his firm will profit while their victims suffer needlessly by misdirecting their efforts and believing themselves to be secure.