Blushes Aplenty, Faulty Sniffers, Not So Gentle Persuasion, A Different Kind of Condiment, and Testing the Boundaries - from Two Different Angles. It's CISO Intelligence for Monday, 29th September 2025.

Table of Contents

1. The Irony of 'Secure' Security Providers Getting Hacked
2. The Teen Techies That Cried Wolf: Dutch Heist Capers Against Europol
3. ERP: Extremely Restricted Practices? The EU Takes Aim at SAP
4. Who is Salt Typhoon Really? Unraveling the Attribution Challenge
5. The Breach of Imagination: Rethinking Security with BAS
6. Could Your Factory Survive a Ransomware Attack in 2025?

The Irony of 'Secure' Security Providers Getting Hacked

When security companies lead by example...of how not to secure your systems.

What You Need to Know

A known company specializing in software for monitoring sex offenders, terrorists, and hackers has reportedly fallen victim to a cyberattack. This breach has exposed sensitive data, compromising the trust and effectiveness of security measures we believed to be foolproof. Board members and executive management are urged to reassess current cybersecurity protocols and reinforce defenses. Immediate action and thorough reviews are crucial to mitigate any potential damages and restore faith in security solutions.

CISO focus: Incident Response & Vendor Management
Sentiment: Strong Negative
Time to Impact: Immediate

Hackers have struck again, this time targeting a company ironically involved in offering what should be airtight security solutions. This breach is not only a breach of data but a breach of trust, underlining how critical it is for even the purveyors of cybersecurity to not become complacent.

Breach Unveiled

In a shocking turn of events, a prominent company providing software to monitor and report activities of sex offenders, terrorists, and hackers, among others, has been breached. Sensitive data concerning surveillance tactics and personal information may now be in the hands of cybercriminals. The implications are manifold — from potential endangerment of lives to undermining law enforcement operations relying on this data.

Details of the Breach

• Target: A firm dealing in critical surveillance and security software.
• Compromised Data: Personal information of those monitored and potentially sensitive proprietary systems details.
• Immediate Impact: Disruption in monitoring operations and serious questions about vendor security posture.

Why It Matters

The breach presents a dire image of the current state of cybersecurity, especially among those whose very business is trusted to fortify digital defenses. The ripple effects of such an invasion could potentially disturb public safety and national security landscapes.

Implications for Security Software Users

Entities that employ software from this breached organization now face heightened threats to their own systems. Dependencies on this firm for critical security functionalities are now liabilities until definitive measures are taken to rectify vulnerabilities.

Response and Next Steps

The security breach has put executives on notice to conduct an urgent reassessment of existing cybersecurity protocols:

• Review: An immediate audit of all systems and processes influenced by the breached vendor.
• Policy Reinforcement: Tightening of access controls and thorough review of credentials across network ecosystems.
• Communication: Engage stakeholders promptly and effectively to inform them of potential risks and mitigation steps.

The Monstrous Irony

As entities rely on software from such companies to detect threats, an attack of this order reveals significant gaps in what might have been perceived as a secure offering. The irony is inescapable — a company shaping the landscape of digital safety has fallen prey to the very thing it stands against.

Strengthening External Vendor Relations

This event emphasizes the need for diligence beyond internal measures. Organizations must foster robust relationships and conduct rigorous due diligence with third-party security vendors, treating vendor relationships as extensions of their own cybersecurity ecosystem.

Reinforcing Your Cyber Defenses

In light of this breach, organizations need to reinforce their internal defenses by:

• Performing immediate risk assessments.
• Revising and tightening data handling policies.
• Mandating cybersecurity training for everyone across the organization.
• Adopting a zero-trust framework to ensure stringent verification processes at every access point.

The Real Cybersecurity Show Must Go On

Even as security companies face breaches themselves, the role of robust cybersecurity cannot diminish. The episode serves as a grim reminder that cybersecurity is an evolving domain and demands continued vigilance, innovative defenses, and a culture of proactive risk management.

Vendor Diligence Questions

1. What are the current security measures in place at your organization to prevent unauthorized access or data breaches?
2. How often are your systems audited, and can you share the results of your last security audit?
3. What incident response plans are in place should a cybersecurity breach occur, and how quickly are they activated?

Action Plan

1. Immediate Risk Assessment: Conduct a thorough audit of your current systems to identify potential vulnerabilities.
2. Security Policy Update: Revise security policies with a focus on vendor interactions and data handling procedures.
3. Staff Training: Implement cybersecurity training focused on threat recognition and incident response.

Sources:

• Source: Databreaches.net, "Company that sells software for monitoring sex offenders, terrorists, and hackers was hacked".
• Cybersecurity and Infrastructure Security Agency (CISA)
• National Institute of Standards and Technology (NIST)

--

The Teen Techies That Cried Wolf: Dutch Heist Capers Against Europol

Two kids, a WiFi sniffer, and an international conspiracy—who saw that coming?

What You Need to Know

In a stunning case of unlikely cyber espionage, two Dutch teenagers were arrested for allegedly engaging in espionage activities against Europol on behalf of Russia. Employing rudimentary hacking devices known as WiFi sniffers, these teens targeted locations such as the Europol and Eurojust offices in The Hague. The CISO focus is espionage via wireless networks, with a strong negative sentiment attached due to the implications for national security. Immediate action is warranted as the time to impact is immediate. Executive management needs to review current cybersecurity measures, particularly around WiFi security and communications equipment near sensitive offices, and prepare for increased scrutiny and potential policy overhaul.

CISO Focus: Espionage via Wireless Networks
Sentiment: Strong Negative
Time to Impact: Immediate

In an audacious exploit, two Dutch teenagers were detained after attempting to use hacking techniques to spy on European institutions for Russia. Arrested by Dutch authorities, the teens, aged 17, reportedly employed WiFi sniffers—devices designed for sniffing out and intercepting WiFi signals—to monitor activities at prominent institutions like Europol, Eurojust, and even the Canadian embassy in The Hague.

Cyber Espionage's Raw Youth

The grave nature of the act stems not only from the espionage against critical institutions but also the shockingly young age of the perpetrators. The trend of recruiting easily influenced youths for espionage purposes, as seen previously in minor vandalism and sabotage cases in Germany, provides a concerning trajectory for cybersecurity professionals worldwide. The ramifications of young, tech-savvy individuals being drawn into geopolitical chess games are profound, necessitating robust countermeasures and policy adjustments to deter youth recruitment by hostile entities.

Tactical WiFi Intrusion

WiFi sniffers used by these teenagers are hardware designed to intercept and analyze WiFi signals by receiving radio signals across channels. These gadgets typically serve as tools in the initial stages of a more elaborate attack, yet remain significant threats when wielded against high-value targets. As detailed in a 2024 report by cybersecurity firm Volexity, Russian APT28 hackers have leveraged even basic WiFi networks to mount complex attacks, using techniques like the "nearest neighbor attack" to penetrate U.S. firms' defenses via a nearby organization's WiFi.

Implications for Institutional Security

This episode underscores the lurking vulnerabilities in the wireless networking infrastructure ubiquitous in modern institutions. Security strategists must pivot quickly, enhancing safeguards against unauthorized access and reconnaissance efforts by malign entities. The immediate lesson is clear: WiFi systems near sensitive installations must be fortified both physically and virtually to forestall similar incursions.

Revealing A Larger Game Plan

This episode is emblematic of broader strategic objectives shadowed in cyber fog. By targeting such prominent entities, there's an implication of substantial intelligence-seeking efforts designed perhaps more for headline-stealing shock than achievable data theft. This evokes a storied narrative of espionage intending to project fear and influence over genuine extraction of information.

Driving Forward

To promulgate an effective cybersecurity stance, emphasis must shift towards proactively identifying and securing potential vulnerabilities before they become exploitable threats. Given the escalating scale and sophistication of these threat actors, a comprehensive revision of security protocols especially around public-facing wireless communications is prudent.

Vendor Diligence Questions

1. What protocols do you offer for enhancing the layers of security in public-facing wireless networks?
2. How do your solutions detect unauthorized access attempts within proximity to secure sites?
3. What measures can be put in place to prevent devices similar to WiFi sniffers from intercepting institutional data?

Action Plan

1. Conduct an immediate audit of all wireless networks associated with the organization, focusing on control and access restrictions.
2. Work with law enforcement and cybersecurity agencies to update and enforce protocols targeting infiltration tactics like those used in WiFi sniffers.
3. Launch a security awareness campaign targeted at youth in the tech community to discourage recruitment approaches by foreign entities.

Source: Bleeping Computer

More of this gripping tale awaits as we delve into the strange world where teenagers and state espionage collide.

Sources: Bleeping Computer, Volexity Report (2024), De Telegraaf

ERP: Extremely Restricted Practices? The EU Takes Aim at SAP

When enterprise software goes on its own little power trip, the EU starts asking tough questions.

What You Need to Know

The European Commission has launched an investigation into SAP, a leading player in the ERP software market, over alleged anti-competitive practices. At the center of the scrutiny is the interoperability of SAP's software support frameworks, which the EU suspects might be designed to stifle competition. Executives should be aware that regulatory pressures on major vendors like SAP can lead to changes in business operations and software procurement strategies. Boards should ensure their companies are aligning with fair use and competitive practices to mitigate any related risks.

CISO Focus: Regulatory Compliance
Sentiment: Negative
Time to Impact: Short (3-18 months)

EU Investigates SAP’s ERP Practices: A Deeper Dive

The European Commission is setting its sights on SAP, a tech giant in the ERP (Enterprise Resource Planning) domain, for potentially leaning heavily on its dominant market position to suppress competition. This investigation underscores a broader effort by the EU to keep major technology firms in check and to ensure fair competition remains the backbone of the industry. Here's what you need to know.

Allegations and Potential Implications

At the heart of this investigation are concerns about SAP's software support structures, specifically how they might restrict interoperability with third-party services. Such practices, if proven, could mean that SAP is leveraging its dominance to unfairly curb competitors by making it difficult for businesses to switch to other service providers. The implications are significant, ranging from potential fines for SAP to a reshuffling of service provider options for enterprises relying on ERP solutions.

Key Points of Interest

• ERP and Market Dominance: SAP's ERP systems are deeply integrated into the management processes of many enterprises globally. The potential misuse of this integration to limit third-party service access raises questions about market dominance.
• Regulatory Crackdown: This investigation is part of a broader EU crackdown on major tech companies believed to be engaging in monopolistic practices. Should the EU find evidence of anti-competitive behavior, SAP might face stringent penalties and could be forced to alter its business practices.
• Impact on Businesses: Enterprises using SAP's services may have to reconsider their partnerships and evaluate if their systems’ interoperability is truly in their best interest.

The EU’s Intent

Margrethe Vestager, European Commissioner for Competition, articulated the EU's commitment to maintaining a competitive market, stating that the focus is on ensuring that no company abuses its size for unfair advantage. With the increasing consolidation in the tech space, this probe into SAP could be just the beginning, as the EU looks to scrutinize other tech behemoths.

Historical Context: Not the First Rodeo

SAP is no stranger to scrutiny but having the European Commission probe allegations of anti-competitive activities may represent a significant challenge. Historically, tech firms embroiled in these investigations face both financial penalties and reputational damage. For SAP, public perception could hinge on not only the investigation's outcome but on their transparency and responsiveness to the EU's concerns.

A Ripple Effect Through the Industry

SAP's case has heightened awareness across the industry about compliance with competition laws. Vendors and enterprises are prompted to evaluate their systems and ensure that their services do not inadvertently hinder fair competition.

Navigating the Future

For SAP, navigating the regulatory labyrinth and ensuring alignment with competition laws will be crucial in sustaining its market dominance. Moreover, this could catalyze other firms to explore alternative ERP solutions, disrupting current market dynamics.

Vendor Diligence Questions

1. How does the vendor ensure compliance with EU competition laws and practices?
2. What are the interoperability measures in place with third-party services, and how are these communicated to customers?
3. Has the vendor been historically compliant with antitrust regulations, and what steps have they taken to address any past issues?

Action Plan

1. Evaluate existing SAP contracts and analyze dependencies on their proprietary support structures.
2. Develop a roadmap for enhancing interoperability with third-party solutions as part of risk mitigation strategies.
3. Establish a task force to monitor regulatory communications and emerging compliance requirements directly affecting ERP deployment.

Source: EU probes SAP over anti-competitive ERP support practices

Who is Salt Typhoon Really? Unraveling the Attribution Challenge

Attribution: Where Everyone's Guilty Until Proven Innocent

What You Need to Know

In the multifaceted world of cyber espionage, "Salt Typhoon" has emerged as a purportedly state-sponsored group with potential links to Chinese companies, posing serious attribution challenges. The Executive Management is expected to assess the immediate threat to organizational security postures, understand the geopolitical implications, and consider engaging legal and diplomatic channels as necessary.

CISO focus: Threat Attribution and State-Sponsored Actors
Sentiment: Neutral
Time to Impact: Immediate

In late August 2025, a joint cybersecurity advisory lifted the curtain on a nebulous threat actor known as "Salt Typhoon." Allegedly tied to several Chinese companies, this elusive group leaves governments and enterprises hustling to decipher their digital signature amidst an obscured geopolitical landscape. Let's explore what makes Salt Typhoon the current focal point in the intricate game of cyber cat and mouse.

Who Are the Unlikely Suspects?

The joint advisory named three Chinese entities: Sichuan Juxinhe Network Technology Co., Ltd., Beijing Huanyu Tianqiong Information Technology Co., Ltd., and Sichuan Zhixin Ruijie Network Technology Co., Ltd. These companies are suspected of providing essential services to Salt Typhoon and related groups like OPERATOR PANDA, UNC5807, and GhostEmperor.

The key issue? Proving these ties. Despite the U.S. and its allies' reputation for top-tier cyber-sleuthing, attribution in the digital wild west rarely yields a smoking gun. Mischief-makers often encrypt communication, adopt transient digital footprints, and exploit globalized supply chains to muddy the waters.

Why Is Attribution A Challenge?

Three elements blur the attribution lines: plausible deniability, phishing expeditions, and bureaucratic diffusion. Nations use the digital realm to softly assert influence, complicating the identification of state goals within cyber offensives. Each phishing link clicked or Trojan deployed skews motives and falls short of absolute conclusive evidence, leaving space for international dispute and diplomatic chess games.

Chinese firms operate in an environment where state influence is assumed, making attribution a systemic rather than individual problem. Such mingling entangles the global supply chain in an inescapable web of financial interests and opaque ownership, leaving networks scrambling to fortify defenses against an amorphous adversary.

Why Salt Typhoon Matters to Your Bottom Line

While Salt Typhoon may appear as just another state-aligned actor, its theoretical operations underscore wider implications — IP theft, data manipulation, and potential kinetic cyber warfare capabilities. These could disrupt business operations, destabilize markets, and cause regulatory headaches globally.

Enterprises must enhance defenses proactively. Maintaining vigilance in vendor management and cybersecurity policy formulation isn't just wise; it's imperative. The lesson? Assume compromise is imminent and proceed accordingly.

Deep Diving into Cyber Surveillance and Espionage

How should companies act? First, enhanced threat intelligence sharing becomes paramount. Collective knowledge tightens the gaps Salt Typhoon and its ilk exploit. Second, differentiate legitimate cyber activity from hostile engagements by cross-referencing data from trusted CISOs, cybersecurity agencies, and intelligence communities.

For investment, consider analytics tools leveraging AI to flag anomalous network behavior, spinning a web tight enough to catch subtle intrusions. Retaining seasoned cybersecurity experts also allows for contextual interpretation of data — crucial in matching the Titanic stakes of cyber survivability.

The Advocacy for Diplomatic Hunts

Navigating Salt Typhoon's currents demands global policy collaboration. Harmonizing sanctions can exert international pressure while supporting obligations to cybersecurity in trade agreements advances the hunt for digital invaders. Such policies underscore a significant lesson: cyber peace relies as much on communication as algorithms do.

Pondering the High Seas Metaphorically

In conclusion, as enterprises fathom Salt Typhoon's depth, they realize it's about navigating the high seas without a compass in a storm of zero-days. In today's climate, sailing portraits of code like Salt Typhoon epitomize evolving challenges, injecting urgency into our collective cyber wisdom.

Vendor Diligence Questions

1. What measures does the vendor have in place to prevent unauthorized modifications to your workstations?
2. How does the vendor assess the potential risks posed by state-sponsored groups such as Salt Typhoon?
3. Can the vendor demonstrate compliance with international cybersecurity standards and regulations?

Action Plan

1. Risk Assessment Review: Conduct an immediate review of all vendor relationships and supply chain vulnerabilities.
2. Cyber Drill Execution: Initiate company-wide cybersecurity drills simulating supply chain attacks and intrusions.
3. Update Threat Detection Systems: Ensure all systems incorporate the latest threat intelligence feeds and patches.

Source: https://nattothoughts.substack.com/p/who-is-salt-typhoon-really-unraveling

The text above has been carefully paraphrased for brevity and clarity from the original source provided. For full details, please visit the link above.

The Breach of Imagination: Rethinking Security with BAS

"Think your defenses are airtight? BAS begs to differ."

What You Need to Know

The cybersecurity landscape is evolving, and adversaries are getting smarter. Breach and Attack Simulation (BAS) solutions offer a proactive approach to testing the resilience of your security infrastructure. Executives need to prioritize these simulations to anticipate potential threats and ascertain the strength of existing defenses. They're expected to allocate resources for integrating BAS into the current security protocols, collaborating with IT and security teams to use BAS insights for fortifying defense mechanisms.

CISO Focus: Cyber Defense Enhancement
Sentiment: Positive
Time to Impact: Short (3-18 months)

Recalibrating Security with BAS

In an ever-evolving threat landscape, organizations are shifting from reactive to proactive strategies with Breach and Attack Simulation (BAS). This new frontier in cybersecurity replicates real-world cyberattack scenarios to test the mettle of your defenses, offering a reality check for even the most seasoned security setups. With cyber threats growing increasingly sophisticated, relying solely on traditional defenses could be a recipe for disaster.

Proactive Over Reactive

The persistent question of "how secure are we?" remains unanswered for many organizations. BAS steps into this vacuum by allowing companies to continuously validate the effectiveness of their cybersecurity measures. Instead of dealing with the aftermath of a breach, security teams can preemptively detect vulnerabilities that would otherwise go unnoticed until exploited by malicious actors.

Why BAS is the Future

1. Realistic Attack Simulation:

   • Unlike conventional penetration testing, which may only occur annually, BAS offers continuous threat simulations, mimicking evolving attack vectors hackers use in real-time.

2. Cost-Effective:

   • BAS solutions are notably less expensive than potential losses from a significant breach, allowing organizations to test cybersecurity postures without the hefty price tag of actual damage.

3. Improvement in Incident Response:

   • BAS not only tests defenses but also assists in fine-tuning incident response procedures, ensuring that when an attack does happen, the organization can contain and neutralize threats swiftly.

Implementing BAS: Challenges & Opportunities

Despite BAS being a powerful ally in the cybersecurity armory, its implementation isn't devoid of challenges. The primary hurdles include the initial setup complexity, potential integration issues with existing IT infrastructure, and the need for continuous updating of threat scenarios. However, these are surmountable with a dedicated and skilled security team.

Why Every CISO Should Consider BAS

1. Peace of Mind:

   • Regular simulations ensure that defensive strategies are robust against the latest threats, easing the worry of unknown vulnerabilities lurking within the network.

2. Data-Driven Decisions:

   • Armed with insights from BAS, CISOs can prioritize fixing the most critical vulnerabilities based on real-world attack patterns, optimizing resource allocation for maximum impact.

3. Compliance Booster:

   • Given the ever-tightening regulatory landscape, BAS supports compliance efforts, showcasing to regulatory bodies that proactive measures are in place to protect sensitive data.

Vendor Diligence Questions

**

1. How frequently are the BAS threat scenarios updated to reflect the latest cyber threats?
2. What is the process for integrating the BAS solution with existing security tools and systems?
3. Can the BAS solution provide customizable reporting for compliance and audit purposes?**

Action Plan

1. Evaluate Current Security Landscape:
   Conduct a comprehensive assessment of existing cybersecurity measures to identify potential integration points for BAS.

2. Select the Right BAS Vendor:
   Research and engage with BAS vendors that align with organizational security goals and infrastructure capabilities.

3. Develop a Testing Schedule:
   Establish a routine for conducting BAS exercises, focusing initially on high-risk areas before expanding to other aspects of the network.

4. Training and Skill Development:
   Ensure that security personnel are trained in interpreting BAS findings and implementing appropriate countermeasures.

5. Monitor and Review Outcomes:
   Continuously analyze the outcomes of BAS exercises, updating security protocols and incident response plans as necessary.

Source: Crash Tests for Security: Why BAS Is Proof of Defense, Not Assumptions

Could Your Factory Survive a Ransomware Attack in 2025?

Ransomware loves factories—when supply chains are your Achilles' heel!

What You Need to Know

Ransomware attacks have surged in 2025, and manufacturing is their prime target. As leaders, understanding that industrial operations stand on the frontline is crucial. The emphasis needs to be on addressing software vulnerabilities and strengthening identity management. Executive teams must prioritize investing in sophisticated cybersecurity defenses and cultural change to mitigate risks effectively.

CISO focus: Ransomware Targeting Industrial Systems
Sentiment: Strong Negative
Time to Impact: Immediate

In the digital battleground of 2025, factories stand vulnerable at the front line of ransomware attacks. This year, manufacturing has absorbed the majority share of these assaults, with criminals exploiting software flaws and hijacking logins to breach systems. The "State of Ransomware 2025" report by Sophos underscores exploited software vulnerabilities as the predominant technical root cause for these breaches, outranking compromised credentials and malicious emails.

Why Factories?

Recent data from Cybernews highlights factories as the prime targets due to the critical role they play in global supply chains. As ransomware groups evolve, their tactics shift towards entities with the most leverageable assets. This reality sets a daunting stage for schools and local governments, which face collateral damage as attackers refine their methods.

Method of Infiltration

Interestingly, the strategies of cyber adversaries are changing faster than the defense mechanisms. CrowdStrike’s 2025 Global Threat Report shows a notable increase in "malware-free, identity-based" intrusions. Cyber criminals are increasingly leveraging valid accounts, remote management tools, and exploiting outdated authentication methods—indicating that the weakest link remains human error.

Defensive Measures

The guidance is clear: organizations must tighten their grip on two major fronts—vulnerabilities and identity management. According to the US Cybersecurity and Infrastructure Security Agency’s (CISA) StopRansomware Guide, maintaining prompt patches on VPNs, firewalls, and remote access tools is crucial. Equally important is the deployment of phishing-resistant multi-factor authentication systems, ensuring a robust line of defense against identity-based intrusions.

The Human Factor

Despite technological advances, humans continue to play a pivotal role in cybersecurity challenges. Legacy systems and outdated processes are ripe for abuse, making the implementation of educational programs and cultural shifts toward cybersecurity awareness more necessary than ever.

However, achieving this requires a concerted effort from top management down to every employee. Investments in cybersecurity should not only focus on technology but also on creating a culture where employees are motivated and equipped to act as the first line of defense.

Ransomware’s Love Affair with Industrial Targets

The allure of industrial targets for cybercriminals lies in their operational impact. A successful attack on a manufacturing plant can disrupt supply chains worldwide, offering criminals significant leverage. By targeting these critical infrastructures, attackers gain not just financial extortion opportunities but also a potential geopolitical tool.

What Can Be Done?

Corporate boards and CISOs must examine how well their cybersecurity strategies match the evolving threat landscape. This includes investing in continuous threat intelligence and readiness assessments to adapt swiftly to new threats.

Protecting Factories: Recommended Steps

• Frequent vulnerability assessments on all critical infrastructures.
• Enhanced identity verification processes and enforcing password hygiene.
• Employee training programs focusing on phishing awareness and incident reporting.

Vendor Diligence

1. How do you ensure continuous monitoring and quick updates for all security patches?
2. Can you provide references of recent implementations addressing ransomware defenses in the manufacturing sector?
3. What is your strategy to integrate legacy systems into a zero-trust security framework?

Action Plan

For Teams Reporting to the CISO:

• Immediate Review: Conduct assessments of current software vulnerability management processes.
• Train Workforce: Launch mandatory training sessions on identity protection and phishing awareness.
• Enhance Authentication Measures: Implement phishing-resistant multi-factor authentication across all systems.
• Incident Readiness: Develop and drill a comprehensive incident response strategy tailored for industrial systems.

Source: Cybernews Ransomware Article

If you're ready to tackle these challenges head-on, consider attending the cybersecurity conference in Kuala Lumpur this December to gain even deeper insights and strategies. We offer no guarantees, but attending could provide the lifeline your organization's cybersecurity strategy desperately needs.

CISO Intelligence is lovingly curated from open source intelligence newsfeeds and is aimed at helping cybersecurity professionals be better, no matter what their stage in their career.

We’re a small startup, and your subscription and recommendation to others is really important to us.

Thank you so much for your support!

CISO Intelligence by Jonathan Care is licensed under Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International