A recent survey by Ernst & Young LLP (EY US) highlights a significant gap in cybersecurity preparedness between younger and older generations in the workplace, with Gen Z and Millennials displaying less confidence in their ability to recognize and respond to cyber threats. The 2024 Human Risk in Cybersecurity Survey, which expands on initial findings from 2022, assesses the perceptions of 1,000 US employees on the role of artificial intelligence (AI) in cybersecurity. It reveals that 85% of workers believe AI has made cyber attacks more sophisticated, yet a substantial portion of the workforce is not confident in their ability to use AI responsibly. The findings underscore the importance of incorporating humans into cyber strategy, offering tailored upskilling and training for younger generations, and updating training protocols regularly to address AI-driven threats.

New EY research reveals cybersecurity fears are on the rise among US workers, with a vast majority concerned about AI in cybersecurity PR Newswire

The Cybersecurity and Infrastructure Security Agency (CISA) has extended the deadline for comments on its proposed cyber incident reporting regulation for critical infrastructure entities to July 3, following industry requests for more time. This extension aims to facilitate further feedback on a significant regulatory proposal aiming to enhance cybersecurity measures within critical infrastructure sectors. The extension announcement was made in a Federal Register notice and was highlighted by House Homeland Security cyber subcommittee Chairman Andrew Garbarino (R-NY) during a May 1 hearing focused on the rulemaking process.

CISA grants 30-day extension for input on incident reporting rule Inside Cybersecurity

The Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) have announced changes to the Cyber Safety Review Board (CSRB) membership, including both departures and new additions. Departing members include notable figures like Katie Moussouris, Chris Novak, Tony Sager, and Wendi Whitmore. Joining the board are cybersecurity experts Jamil Jaffer, David Luber, Katie Nickels, and Chris Krebs, with Luber taking over as the Federal CSRB representative from the retiring Rob Joyce, who will continue to serve as a private sector member. The CSRB, established by President Biden in 2022 to conduct fact-finding and issue recommendations following major cyber incidents, is committed to transparency and enhancing the nation’s cybersecurity resilience. The board's membership update signals a continued evolution in its role within the cybersecurity ecosystem.

DHS, CISA Announce Membership Changes to the Cyber Safety Review Board | Homeland Security Department of Homeland Security

The article highlights the increasing focus of ransomware attackers on compromising organizations' backups, illustrating a worrying trend that simply backing up data is not enough for protection. A report by Sophos reveals that 94% of surveyed organizations experienced attempts by cybercriminals to target their backups during ransomware attacks, leading to significantly higher ransom demands and payments when backups are compromised. The data emphasizes the critical importance of protecting backups through measures such as multi-factor authentication, suspicious activity monitoring, and regular recovery drills. With attackers successfully breaching backup defenses in various sectors, resulting in doubled ransom demands and significantly higher recovery costs, the article stresses the necessity for organizations to bolster their defenses around backup systems to mitigate the impacts of ransomware attacks.

Compromised backups send ransomware recovery costs soaring SC Magazine