Over the past year the world has borne witness to a burgeoning cybercrime economy and the rapid rise of cybercrime services. We have watched this global market grow in both complexity and fervency. We’ve seen the cyberattack landscape becoming increasingly sophisticated as cybercriminals continue—and even escalate—their activity in times of crisis. New levels of supply chain and ransomware attacks were a powerful reminder that we must all work together, and in new ways, to protect the cybersecurity of the planet.

We see transparency and information sharing as essential to the protection of the ecosystem. Knowledge brings power, and to that end, security professionals need diverse and timely insights into the threats they are defending against.

Microsoft serves billions of customers globally, allowing us to aggregate security data from a broad and diverse spectrum of companies, organizations, and consumers. Informed by over 24 trillion security signals per day, our unique position helps us generate a high-fidelity picture of the current state of cybersecurity, including indicators that help us predict what attackers will do next. Our goal in creating the Microsoft Digital Defense Report is to bring together integrated data and insights from more teams, across more areas of Microsoft than ever before. We will share what we’re seeing to help the global community strengthen the defense of the digital ecosystem, and we will include actionable learnings that companies, governments, and consumers can use to further secure individuals and environments.

Click to download

NIST continues to coordinate a National Cybersecurity Awareness and Education Program that includes activities such as the widespread dissemination of cybersecurity technical standards and best practices; efforts to make cybersecurity best practices usable by a variety of individuals and stakeholders; increasing public awareness of cybersecurity, cyber safety, and cyber ethics; increasing the understanding of the benefits of ensuring effective risk management of information technology and the methods to mitigate and to remediate vulnerabilities; supporting formal cybersecurity education programs at all levels to prepare and improve a skilled cybersecurity workforce; and promoting initiatives to evaluate and forecast future cybersecurity workforce needs of the Federal Government and develop strategies for recruitment, training, and retention.

National Initiative for Cybersecurity Education

The National Initiative for Cybersecurity Education (NICE) is a partnership among government, academia, and the private sector. NICE is focused on cybersecurity education, training, and workforce development. NIST’s leadership of the program helps position it to support the country’s ability to address current and future cybersecurity challenges through standards and best practices.

NICE’s mission is to energize and promote a robust network and ecosystem of cybersecurity education, training, and workforce development. This mission supports the vision of helping to secure the nation by increasing the number of skilled cybersecurity professionals.

Click to download

Many artificial intelligence (AI) technologies rely on enormous amounts of data – which may include personal information – in order to train and test algorithms. When Victorian public sector (VPS) organisations collect personal information to train an AI model, feed personal information into an AI system, or use AI to infer information about individuals, the Information Privacy Principles (IPPs) of the Privacy and Data Protection Act 2014 (PDP Act) apply.

The purpose of this guidance is to assist VPS organisations to consider their privacy obligations when using or considering the use of personal information in AI systems or applications. It will cover the collection, use, handling and governance of personal information within this context. Organisations should also conduct a privacy impact assessment (PIA) when designing or implementing AI systems, to help identify potential privacy risks associated with the collection and use of personal information in the AI system. PIAs are discussed later in this guidance.

What is AI? Artificial intelligence, or ‘AI’, is a way for computers to perform tasks that require abstraction and which would ordinarily be performed by humans. AI is used as an umbrella term to describe a collection of different techniques and technologies, including machine learning, speech recognition, natural language processing, robotics, and predictive analytics. AI is present in many of the day-to-day interactions in our personal lives – for example, when we give voice commands on our mobile phones, or the movie recommendations on streaming services.

The use of AI applications and systems is also growing in the public sector, enabled by the generation, availability and variety of sources of data accessible to government. Organisations are increasingly turning to AI to help carry out their functions, automate decision making processes, inform policy, and deliver services to the public. Common applications of AI include identifying objects, making predictions, translating language and processing very large amounts of information. For example, an increasingly common use of AI in the public sector is the use of chat bots to provide customer service and advice to individuals on a website.

While the use of an AI system to process personal information can deliver significant benefits, VPS organisations should consider whether the deployment of such a system is necessary to address an identified problem, and whether it is the best solution to that problem – AI systems should not necessarily be deployed simply because they are available.

Click to download

Pacific Island countries have unique demographic attributes characterized by low and scarce populations and high migration rates. Due to this, the economic heft of the Pacific Islands is also limited, with a cumulative regional GDP of USD 32 billion (GDP per capita of USD 3,600) as of 2020, as compared to neighboring Australia with ~USD 1.3 trillion (GDP per capita of USD 51,812).

The Pacific Islands are also one of the least densely populated regions in the world, with ~34 people per square kilometre. Apart from the demographic constraints, the Pacific Island countries have limited natural resources and a large proportion of the Pacific Islander population living overseas in Australia and New Zealand, thus leaving the region highly dependent on inward remittances.

Despite efforts taken by individual Pacific Island countries to develop payments infrastructure, several challenges have constrained progress. Firstly, the demographic challenge of small and scarce populations, characterized by low economic resources and poor financial and technology literacy rates, has limited the uptake of newer technologies.

Secondly, the ecological fragility of the countries’ locations makes infrastructure projects such as undersea data cables challenging. Thirdly, the current payment infrastructures are not interoperable, making cross-border transactions highly cumbersome. Finally, a lack of uniform regulations to govern digital payments, rigid existing regulatory requirements, and the lack of ancillary regulations covering areas such as data privacy and cybersecurity further exacerbates the challenge and has left one-third of the region’s population lacking access to formal financial services.

Click to download

To help you investigate the vast expanses of the open, deep, and dark web, Authentic8 engineers used Silo for Research (Toolbox) to build a list of 21 useful tools that could make your research work easier and more productive. OSINT Framework indexes a multitude of connections to different URLs, recommending where to look next when conducting an investigation.

It also provides suggestions on what services can help analysts find specific data that might aid in their research. Few tools offers to perform reverse name, address and phone number look up and returns high-level information on any individual or business.

Click to download