CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines, daily updates. Fast, privacy‑respecting. No ads, no tracking.

Cybersecurity and data protection budget allocation challenges

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Organizations face internal budget conflicts between cybersecurity, data protection, and cyber-resilience initiatives. These conflicts arise due to fragmented responsibilities across departments, leading to silos that complicate collaboration and weaken security posture. The challenge is exacerbated by evolving threats and the need for unified, proactive strategies that integrate prevention, detection, and recovery. Budget decisions are influenced by the difficulty in quantifying the value of security investments and the growing trend of vendor consolidation. Regulatory pressures also shape security strategies, often leading to compliance-focused rather than resilience-focused approaches. Effective cybersecurity now requires a holistic approach that aligns prevention and recovery strategies, fosters shared responsibility, and invests in tools that protect across the entire data lifecycle.

Timeline

  1. 14.08.2025 17:00 1 articles · 1mo ago

    Organizations struggle with budget allocation for cybersecurity and data protection

    Organizations face internal budget conflicts between cybersecurity, data protection, and cyber-resilience initiatives. These conflicts arise due to fragmented responsibilities across departments, leading to silos that complicate collaboration and weaken security posture. The challenge is exacerbated by evolving threats and the need for unified, proactive strategies that integrate prevention, detection, and recovery.

    Show sources
    Open in new tab

Information Snippets

  • Security responsibilities are often fragmented across different departments, leading to internal silos.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Cybersecurity teams focus on prevention, while data protection teams prioritize recovery, creating budget competition.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Leadership often views cybersecurity spending as an intangible cost, making it difficult to justify investments.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Vendor consolidation trends require new tools to prove significant enhancements without adding friction.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Regulatory pressures influence security strategies, often leading to compliance-focused rather than resilience-focused approaches.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Modern ransomware is more sophisticated, targeted, and damaging, using techniques like polymorphic malware and AI.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Traditional security tools struggle to detect subtle data-level compromises, highlighting the need for deeper inspection.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

  • Effective cybersecurity requires a unified approach that aligns prevention and recovery strategies and fosters shared responsibility.

    First reported: 14.08.2025 17:00
    1 source, 1 article
    Show sources

Similar Happenings

GitHub Strengthens npm Supply Chain Security with 2FA and Short-Lived Tokens

GitHub is implementing enhanced security measures to protect the npm ecosystem, including mandatory two-factor authentication (2FA) and short-lived tokens. These changes aim to mitigate supply chain attacks, such as the recent "s1ngularity", "GhostAction", and "Shai-Hulud" attacks, which involved a self-replicating worm and compromised thousands of accounts and private repositories. The measures include granular tokens with a seven-day expiration, trusted publishing using OpenID Connect (OIDC), and automatic generation of provenance attestations for packages. Additionally, GitHub is deprecating legacy tokens and TOTP 2FA, expanding trusted publishing options, and gradually rolling out these changes to minimize disruption. GitHub removed over 500 compromised packages and blocked new packages containing the Shai-Hulud malware's indicators of compromise. The company encourages NPM maintainers to use NPM-trusted publishing and strengthen publishing settings to require 2FA. Ruby Central is also tightening governance of the RubyGems package manager to improve supply-chain protections.

Open in new tab

Chinese State-Sponsored Actors Target Global Critical Infrastructure

Chinese state-sponsored Advanced Persistent Threat (APT) actors, specifically the Salt Typhoon group and a newly identified group named RedNovember, have been conducting sustained campaigns to compromise critical infrastructure networks worldwide. The campaigns aim to gain long-term access to telecommunications, government, transportation, lodging, and military networks. This activity has been detailed in a joint advisory by CISA, NSA, FBI, and international partners, including Canada, Australia, New Zealand, the UK, Czech Republic, Finland, Germany, Italy, Japan, the Netherlands, Poland, and Spain. The advisory provides intelligence on tactics used by these actors and recommends mitigations to strengthen defenses. The Czech Republic's National Cyber and Information Security Agency (NUKIB) has issued a warning instructing critical infrastructure organizations to avoid using Chinese technology or transferring user data to servers located in China. The agency has re-evaluated its risk estimate of significant disruptions caused by China, now assessing it at a 'High' level. The NUKIB has confirmed malicious activities of Chinese cyber-actors targeting the Czech Republic, including a recent APT31 campaign targeting the Czech Ministry of Foreign Affairs. The advisory highlights concerns over the transfer of system and user data to China, potentially misused by state, military, or political interests. The Czech government previously accused China of targeting its critical infrastructure through APT 31, an allegation denied by the PRC but condemned by the US, EU, and NATO. The advisory suggests that individuals and organizations consider restricting or prohibiting the use of products and services that transfer data to China. The campaign has targeted at least 600 organizations across 80 countries, including 200 in the U.S. The threat actors have exploited vulnerabilities in Cisco, Ivanti, and Palo Alto Networks devices to gain initial access and have modified routers to maintain persistent access and pivot into other networks. The advisory also notes that the APT actors may target other devices such as Fortinet firewalls, Juniper firewalls, Microsoft Exchange, Nokia routers and switches, Sierra Wireless devices, Sonicwall firewalls, etc. RedNovember has targeted perimeter appliances of high-profile organizations globally, including defense and aerospace organizations, space organizations, and law firms. The group has breached at least two U.S. defense contractors, a European engine manufacturer, and a trade-focused intergovernmental cooperation body in Southeast Asia. RedNovember has used the Go-based backdoor Pantegana and Cobalt Strike as part of its intrusions, along with the Spark RAT and LESLIELOADER. The group has also used VPN services like ExpressVPN and Warp VPN to administer and connect to servers used for exploitation and communication.

Open in new tab

MS-ISAC funding cuts threaten US state and local cybersecurity

The Multi-State Information Sharing and Analysis Center (MS-ISAC) faces funding cuts that will expire on September 30, 2025, potentially leaving state and local governments vulnerable to cyberattacks. Recent ransomware attacks on Nevada, St. Paul, the Lower Sioux Indian Community, and Pennsylvania underscore the growing threat to local governments. MS-ISAC, which detected over 40,000 potential cyberattacks in 2024, will have to start charging for its services without federal funding. This includes cyber threat analysis and threat intelligence distribution to critical infrastructure such as schools, hospitals, and utilities. The Center for Internet Security (CIS), which operates MS-ISAC, has been temporarily funding the center at a cost of over $1 million per month. Without reinstated funding, the MS-ISAC's services will be at risk, leaving many state and local governments unable to maintain the security of their public services.

Open in new tab