This Week's Top 5 Stories in Cybersecurity

What is Signal, the Messaging App Used by Trump Officials?

Messaging app Signal is dominating headlines after the White House confirmed senior US officials used it for a secret group chat. 

Atlantic Editor-in-Chief Jeffrey Goldberg was added to the chat, where United States national security officials including Defence Secretary Pete Hegseth and Vice President JD Vance discussed strike plans targeting the Houthi group in Yemen. 

Goldberg published an article on 24 March detailing how he was added to the Signal group, explaining that at first he “didn’t think it could be real”.

The US National Security Council has since said the message chain “appears to be authentic” – the Atlantic published a transcript of the text messages on Wednesday 26 March. 

The use of Signal to allegedly discuss highly sensitive military operations and the inadvertent sharing with Goldberg has raised questions about the app, including around its level of security against malicious actors. 

Democrat Senate leader Chuck Schumer said the episode is “one of the most stunning” military intelligence leaks in history. 

Inside the UK Government's Cyber Security & Resilience Bill

The UK’s digital economy is vital to the nation’s success, underpinning technology and innovation, key infrastructure, businesses and essential public services.

But as a result of its importance, the technologies driving growth across these sectors are also increasingly vulnerable to attacks by cyber criminals.

In particular, hospitals, universities, local authorities and key institutions face a growing and complex range of threats. Recent cyber attacks affecting the UK Ministry of Defence and the National Health Service (NHS) demonstrated the potential severity of the attacks. 

In September 2024, the UK Government announced the Cyber Security and Resilience Bill to address these challenges. It is designed to protect essential digital services, update critical infrastructure and security frameworks, and make supply chains and energy services more secure. 

KPMG: How Geopolitical Disruption is Increasing Cyber Risk

The world is in an era of unprecedented global change, with businesses navigating a complex geopolitical environment typified by uncertainty and the potential for profound operational impact. 

According to KPMG, this shifting environment has topped leadership concerns for several years. 

The difference now is a realisation that many of the worst fears are shifting from potential or hypothetical to reality. 

The consulting firm’s Top Geopolitical Risks 2025 report examines this volatile enterprise environment in more detail and provides a comprehensive analysis of the five most pressing challenges leaders expect to face. 

Cyber attacks and the threat of malicious actors, particularly in areas such as supply chains, critical infrastructure and core assets rank highly. 

GitLab: Addressing the Roots of Enterprise Security Issues

GitLab’s survey of DevSecOps professionals revealed several issues related to organisational culture that could inhibit greater alignment between engineering and security teams. 

A majority (62%) of UK security professionals said they have difficulty getting developers to prioritise remediation of vulnerabilities, and 52% said that red tape often slows their efforts to fix vulnerabilities quickly. 

Security professionals also pointed to several specific challenges related to their jobs, including difficulty understanding security insights, excessive false positives and testing happening too late in the software development cycle.

DevSecOps promises stronger integration between engineering and security, but it’s clear that frustrations and misalignment remain. 

That’s because these challenges are symptoms of a more significant problem with how organisations view security, how teams work together and how they allocate time to security.

European Commission Earmarks €1.3bn for Cybersecurity & AI

The European Commission has adopted a €1.3bn work programme to cover cybersecurity, AI and digital skills for businesses and public organisations in the EU. 

The programme, to be delivered between 2025 and 2027 under the Digital Europe Programme (DIGITAL), is designed to boost access to key technologies critical for the continent’s tech sovereignty and improve security posture.

It aims to enhance cyber resilience through solutions like the EU Cybersecurity Reserve, which will improve the security of critical infrastructure such as healthcare institutions and submarine cables. 

The programme targets the deployment and uptake of digital technologies across the public and private sectors and will focus on areas such as AI, cloud computing, cyber resilience and advanced digital skills. 

It will also support public services and education providers through targeted digital upgrades. All initiatives are set to align with existing EU legislation, such as the Artificial Intelligence Act.

Explore the latest edition of Cyber Magazine and be part of the conversation at our global conference series, Tech & AI LIVE and Cyber LIVE.

Discover all our upcoming events and secure your tickets today.

Cyber Magazine is a BizClik brand