💡

"Gives me everything I need to be informed about a topic" - __UK.Gov__

Table of Contents

1. The Hitchhiker's Guide to the CIS Controls: Navigating Cyber Labyrinths

2. The PayPal Pay-Off: When a Breach Costs the Billions

3. The De(e)p-seeking Hack: When AI Fame Backfires

4. Identifying and Responding to Investment Scams: The Crypto Chronicles

5. When Cyber Crime Hits A Forum Wall: Operation Talent

6. Signal-tastic Device Dilemma: Syncing Old Messages in a New Age

Sign up for CISO Intelligence.

21st century industry insights for the modern CISO

It won't hurt, I promise.

Email sent! Check your inbox to complete your signup.

No spam. Unsubscribe anytime.

The Hitchhiker's Guide to the CIS Controls: Navigating Cyber Labyrinths

"The CIS Controls are like a cosmic GPS for those lost in the cybersecurity universe. Don't forget to pack your towel."

What You Need to Know

The newest Center for Internet Security (CIS) Controls provide organizations with a refreshed roadmap for cybersecurity practices, focusing heavily on combating modern-day threats. Executive management is expected to prioritize aligning strategic and operational objectives with these revised controls. Immediate actions are required to evaluate current security measures, identify gaps, and implement necessary updates to adhere to these controls efficiently. Your critical role is to ensure resource alignment and policy adjustments for seamless integration.

CISO focus: Cybersecurity Framework Updates

Sentiment: Positive

Time to Impact: Short (3-18 months)

*

What’s Changed in the Cybersecurity World?

In the ever-evolving world of cybersecurity, staying ahead of emerging threats is a continual challenge. The CIS Controls are an essential framework for organizations globally, setting out comprehensive guidelines for safeguarding digital assets. With the release of the latest version of the CIS Controls, organizations must now re-evaluate their current practices. These updated controls emphasize pragmatic actions to mitigate threats with new standards across IT environments.

Why the Fuss?

The latest iteration introduces new defenses against today's most pressing cyber threats.

It shifts focus towards cloud configuration, supply chain security, and incident response.

The adjustments aim to streamline security measures for users, ensuring that they are up-to-date with rapid technological advancements.

Breaking Down the New Controls

The fresh version of the CIS Controls pivots on several key areas including but not limited to:

Prioritization & Implementation: The controls are strategically layered to help organizations prioritize essential actions, protect themselves from prevalent cyber threats, and manage their cybersecurity stance effectively.

Cloud-Specific Adjustments: Recognizing the ubiquitous nature of cloud services, specific recommendations target securing cloud configurations and sensitive data in transit.

Supply Chain Security: With incidents rising that exploit supply chain vulnerabilities, the controls guide organizations in mitigating associated risks.

Zero Trust Principles: The foundational shift toward zero trust architecture is advocated, moving away from assuming internal trust by default.

Immediate Actions Required:

Conduct thorough evaluations of existing measures against the new controls.

Identify areas of improvement particularly in cloud infrastructure and third-party integrations.

Implement advanced monitoring systems to continually assess the security landscape.

Evolving Threat Landscape

The updates to the CIS Controls are driven by a stark reality: cyber threats are becoming more sophisticated and increasingly frequent. As digital transformation accelerates, threat actors exploit both new and legacy systems. Organizations find themselves balancing between innovation and security.

The CIS Controls now integrate crucial insights into how threat actors operate, helping organizations to bolster defenses proactively.

Strategy Matters: Align & Implement

For CISOs and IT teams around the globe, translating these controls into action represents a critical strategic initiative. Organizations must incorporate these controls into their existing cybersecurity strategies and policies for a comprehensive security posture.

Steps to Implementation:

1. Gap Analysis: Identify and prioritize gaps between current practices and CIS Controls.

2. Policy Revision: Amend organizational policies to reflect best practices suggested by the controls.

3. Employee Training: Incorporate training sessions that educate staff on new policies and technologies involved in the new protocol.

4. Technology Upgrades: Invest in technology enhancements that support the new security framework.

In a Nutshell:

Ignoring these updated controls would be akin to walking in blindfolded—the roadmap is your cheat-sheet to avoiding common cybersecurity pitfalls.

*

Vendor Diligence

1. What measures are in place to ensure cloud services align with updated CIS Controls?

2. How are supply chain security updates reflected in our vendors' practices?

3. Are vendors providing adequate support for implementing zero-trust architectures?

Action Plan

1. Coordinate with departmental heads to communicate the revised CIS Controls.

2. Initiate a comprehensive review with external cybersecurity consultants if necessary.

3. Develop a timeline to integrate and transition to new practices and technologies.

4. Monitor compliance adherence continuously and institute checks at regular intervals.

*

Source: Tackling the New CIS Controls

*

The PayPal Pay-Off: When a Breach Costs the Billions

_Turns out, sometimes it _is_ all about the money._

What You Need to Know

What you need to know: PayPal has agreed to pay a $2 million settlement following a data breach that affected thousands of users in 2022. The breach, which resulted from a credential-stuffing attack, exposed sensitive information, leading to significant scrutiny and legal action. As executives, your attention is required on ensuring such vulnerabilities are not present within your own systems. Foster an advanced cyber defense strategy and allocate resources judiciously to mitigate risks comprehensively.

CISO focus: Data Breaches and Protection, Credential Stuffing

Sentiment: Negative

Time to Impact: Immediate

*

The $2 Million Settlement: Lessons from PayPal’s Brush with a Data Breach

The digital payment giant, PayPal, has agreed to a $2 million settlement following a 2022 data breach that compromised the personal and financial information of thousands of users. This startling settlement not only emphasizes the cost of security lapses but also serves as a cautionary tale for other corporations skirting the ramifications of lax cybersecurity practices.

PayPal’s Expensive Lesson

In late 2022, PayPal suffered a breach due to a credential-stuffing attack. These attacks exploit reused password credentials across various platforms, causing users to become susceptible to unauthorized entry. The financial damages and reputational risks borne by PayPal elucidate a critical failure in robust security protocol implementation and a lack of user authentication fortification.

Immediate Response: Following the breach, PayPal promptly informed affected users and enforced password resets. However, the response met with legal scrutiny regarding the adequacy of their security measures and incident handling processes.

Settlement Terms: As a consequence of the breach and resultant legal pressures, PayPal unveiled a $2 million settlement agreement aiming to compensate affected stakeholders and bolster its security framework.

How the Breach Occurred

Credential stuffing as the culprit underscores a pervading issue of cyber resilience against known attack vectors. These attacks highlight vulnerabilities in user password management systems, which failed to effectively thwart unauthorized access attempts.

* Root Cause: The lack of multi-factor authentication (MFA) and inadequate real-time monitoring rendered the system prematurely defenseless against such credential-based attacks.

Broader Implications for Cybersecurity

Beyond immediate financial repercussions, this incident signals a profound ripple effect across industries dependent on digital identity management and transactions. It beckons introspection into:

Sustaining User Trust: Ensuring transparent, proactive communication about data security can safeguard consumer confidence.

Enhancing Regulations: Stricter regulatory measures necessitate improved cybersecurity infractions handling, implementation, and compliance.

Ramped-up Cybersecurity Measures

PayPal's breach sheds light on key strategies indispensable for bolstering digital fortresses:

Adopt Multi-Factor Authentication: Mandate MFA implementation to add another security layer beyond traditional passwords.

Encourage Strong Password Practices: Educate users about crafting unique, robust passwords devoid of obvious personal information reuse.

Invest in Advanced Analytics: Embrace AI-driven threat detection tools for real-time breach identification and swift rectification.

Vendor Diligence Questions

1. How frequently do vendors perform security audits on their user authentication processes, specifically regarding protection against credential-stuffing attacks?

2. Can vendors provide evidence of up-to-date security certifications reflecting compliance with latest cybersecurity regulations?

3. How does the vendor's incident response plan ensure prompt user notification and service restoration in the event of a data compromise?

*

Action Plan for CISO Team

Step 1: Review and Reinforce Authentication Procedures

Consolidate current authentication protocols, with an emphasis on enforcing MFA for all users and internal systems.

Step 2: Educate Users on Secure Practices

Launch a comprehensive security awareness program, focusing on the perils of password reuse and credential hygiene.

Step 3: Regular Security Performance Evaluations

Conduct ongoing assessments of security measures to identify loopholes, employing both internal audits and keeping abreast of emerging threats.

Step 4: Engage in Proactive Incident Response Planning

Refine incident response blueprints to ensure swift recovery and mitigate financial and operational impact post-event.

*

Source: PayPal to pay $2 million settlement over 2022 data breach

*

The De(e)p-seeking Hack: When AI Fame Backfires

_In the world of AI, reaching the top store shelf just means you're easier to steal._

What You Need to Know

DeepSeek, a rapidly emerging tech firm that became an overnight sensation with its AI chatbot topping app store charts, has recently been the victim of a large-scale cyber-attack. Executive management must prioritize immediate incident response to safeguard sensitive client data, conduct thorough forensic investigations to uncover how the breach occurred, and communicate transparently with customers to maintain trust. Coordination with the cyber defense team, legal advisors, and external vendors is crucial to manage the aftermath and fortify systems against future threats.

CISO Focus: Incident Response and AI Security

Sentiment: Negative

Time to Impact: Immediate

*

From Peak Popularity to Cyber Pitfall: DeepSeek's AI Bot Breach

In a stunning example of rapid rise and immediate backlash, DeepSeek's AI chatbot launch, which catapulted to the top of app store charts, has now been marred by a significant cyber-attack, raising critical questions about digital security in the AI space.

The Incident Unpacked

In late January, DeepSeek discovered their systems had been compromised following the explosive success of their AI-driven chatbot. Initial investigations suggest that attackers exploited vulnerabilities within the app's infrastructure, leading to unauthorized access to a treasure trove of user data.

Key Points:

* Immediate Response: As the thwarting of this attack unfolds, DeepSeek has implemented emergency containment measures, halting new user registrations and enacting heightened security protocols to mitigate further threats.

* Data Concerns: The incident potentially exposed sensitive data spanning user credentials, AI interaction logs, and other personally identifiable information (PII).

* Customer Communication: In one of their immediate steps to control damage, DeepSeek reached out to affected users and offered steps for securing compromised accounts. They underscored the importance of account monitoring and recommended password changes as a precaution.

Why This Breach Matters

The magnitude of the attack highlights the burgeoning security challenges that accompany the meteoric rise in AI applications’ popularity. As companies push innovations into public hands at unprecedented rates, the race to secure these platforms often trails their release, opening doors for cybersecurity breaches.

Traditionally, emerging AI technologies attract cybercriminals who view nascent platforms as soft targets. DeepSeek’s breach acts as a harbinger for other tech firms to reevaluate their cyber defenses.

Industry Reaction

Cybersecurity experts express concerns that as AI applications become deeply integrated into consumers’ lives, their security must not only match pace but stay ahead of cunning cyber adversaries.

* Expert Insight: According to cybersecurity analyst John Murdock, this incident is a wake-up call for the tech industry. “AI leaders like DeepSeek must balance market enthusiasm with a rigorous security-first approach,” he commented.

* Market Implications: The breach also beckons a closer scrutiny from regulatory bodies, which may now push for tighter compliance mandates tailored for digitally-driven AI enterprises.

Navigating Future Traps

To sidestep similar calamities, organizations must embed robust security architectures at every development juncture from ideation to deployment. Prompt incorporation of:

* AI-specific Security Measures: These include anomaly detection systems and real-time threat mitigation tools tailored specifically for AI platforms.

* User Privacy Protections: Enhancing encryption standards and promoting transparent data handling policies can build stronger user trust.

* Collaborative Defense Strategies: Partnering with cybersecurity firms for routine audits and threat modeling could fortify AI-driven offerings against evolving threats.

Lessons from DeepSeek

The DeepSeek breach signifies a crucial inflection point — AI’s potential is boundless, but so are its vulnerabilities without the requisite safeguarding.

Moving forward, organizations must innovate with conscientious foresight. They must strive for an equilibrium between innovation and impregnable security scaffolding to thrive in an AI-powered future.

*

Vendor Diligence Questions

1. What AI-specific security certifications do your products hold?

2. How does your company approach anomaly detection for AI platforms?

3. Can you provide examples of past vulnerabilities found and fixed in similar systems?

Action Plan

1. Immediate Incident Response:

Deploy containment strategies to prevent further access.

Communicate with affected users and guide them on protective measures.

2. Forensic Investigation:

Identify the breach origin and methods used.

Document findings to enhance future security protocols.

3. System Fortification:

Incorporate AI-appropriate security layers.

Regularly update systems against the latest threats.

4. Transparency with Stakeholders:

Maintain open channels with users and partners about breach implications.

Share steps taken for remediation and future prevention tactics.

*

Sources

Data Breaches.net (2025, January 28). "DeepSeek hit with ‘large-scale’ cyber-attack after AI chatbot tops app stores." Retrieved from DeepSeek cyber-attack article.

Interview with cybersecurity analyst John Murdock, January 2025.

Industry audit findings, 2024.

*

Identifying and Responding to Investment Scams: The Crypto Chronicles

_"If it's too good to be true, it's probably phishing or Ponzi. Choose your own con adventure!"_

What You Need to Know

The rise of investment scams, especially in the crypto space, is alarming. Executives must prioritize strengthening their organization’s awareness and defensive mechanisms against these sophisticated frauds. The board should ensure resources are allocated effectively to cyber training programs and technology that can detect and mitigate such threats. Immediate action is required to protect company assets and maintain consumer trust.

CISO Focus: Fraud Prevention and Detection

Sentiment: Strong Negative

Time to Impact: Immediate

*

In the digital age where genuine financial opportunities abound, the potential for fraudulent schemes has skyrocketed. Investment scams, particularly those leveraging the allure of cryptocurrencies, have become sophisticated threats, enticing unwary investors with promises of spectacular returns. While the internet offers anonymity and endless opportunities, it also provides the perfect cloak for malefactors. Understanding the anatomy of such scams and equipping oneself with the knowledge to identify these pitfalls is crucial.

Heading: The Rise of Digital Deceit

Cryptocurrencies, with their decentralized allure, have become both a boon for legitimate investors and a feeding ground for scammers. The recent surge in crypto-based fraud underscores a critical need for increased vigilance. According to cybersecurity firm Chainalysis, scam perpetrators made off with approximately $14 billion in 2021 alone, a figure pointing starkly towards inadequately addressed security gaps.

Subheading: Anatomy of a Scam

Investment scams often follow a telltale pattern:

Illusory Returns: Scammers promise unusually high returns with minimal risk, appealing through enticing narratives and phony success stories.

Social Manipulation: Utilizing social proof, they flaunt fabricated testimonials and credentials to bolster credibility.

Urgency and Pressure: Victims are often coerced into quick decisions with lucrative time-limited offers.

Sophisticated Facades: Well-designed websites and fake endorsements by supposed financial experts lend an often irresistible legitimacy.

Heading: A Cybercrime Collective Evolves

Investment scams are becoming increasingly adaptive, utilizing advanced technologies and psychology to elude traditional detection. This evolution demands proactive measures from cybersecurity professionals and a commitment to ongoing education for potential victims.

Subheading: Recognize and Prevent

Detecting investment scams involves careful scrutiny and educated skepticism:

Verify Sources and Credentials: Approach every opportunity with a dose of skepticism. Check for licensing and registration with relevant authorities like the Securities and Exchange Commission.

Research and Reviews: Use independent research to verify information. Sites like Trustpilot provide consumer feedback that can be valuable for validation.

Cryptocurrency's Grey Area: Extra caution is necessary, given the loosely regulated nature of cryptocurrencies. Advocate for secure exchanges and promote best practices in handling new digital assets.

Heading: Defensive Tactics and Countermeasures

The onus falls upon individuals, companies, and cybersecurity teams to orchestrate a multi-tiered defense strategy:

Education and Training: Employee training programs designed to flag potential scams.

Fraud Detection Software: Implementing the latest AI-driven anomaly detection tools.

Incident Response Plans: Predefined action plans to swiftly mitigate the repercussions of scams.

Community Engagement: Participating in forums and cybersecurity networks to stay ahead of emerging threats.

A Call to Arms

Despite technological advancements, the simplest advice often stands as the most effective: skepticism. The mindful investor must ask the salient question: if it truly were that easy or worthwhile, would there be any available offers for the general public?

With fraudsters continually refining their techniques, cybersecurity professionals must take heed of these contemporary deception tactics, adapting evermore dynamic protective measures to counteract their growing threats. Falling prey to these scams not only wreaks financial havoc but also disrupts brand trust and, consequently, causes reputational damage. Organizations should endeavor to create awareness while fortifying their digital defenses.

Vendor Diligence

1. What measures does the vendor employ to verify the legitimacy of investment opportunities?

2. How does the vendor's platform protect against cryptocurrency-related fraud?

3. Can the vendor provide case studies or examples of successfully thwarted scam attempts on their platform?

Action Plan

1. Awareness Workshops: Initiate organization-wide scams and fraud awareness workshops.

2. Strengthen Verification Protocols: Ensure any investment with the firm exercises robust due diligence processes.

3. Security Drills: Conduct regular cybersecurity drills focused on fraud prevention and real-time response scenarios.

4. Update Cyber Defense Systems: Regularly update and audit security software to include latest scam detection features.

5. Promote Transparent Communication: Encourage open lines of communication for employees to report suspected fraud quickly and without hesitancy.

*

Source: Identifying and Responding to Investment Scams

*

When Cyber Crime Hits A Forum Wall: Operation Talent

_Forum wars: where the badges get badges._

What You Need to Know

The FBI's Operation Talent culminates in the seizure of two prominent hacking forums: Cracked.io and Nulled.to. This move disrupts a significant hub for cybercriminals dealing in stolen data and hacking tools. Executives are advised to strengthen partnerships with law enforcement and bolster their IT defenses to anticipate potential retaliatory cyber threats from disrupted forum users.

CISO focus: Threat Intelligence & Cybercrime Disruption

Sentiment: Strong Positive

Time to Impact: Immediate

*

In a strategic triumph against cybercrime, the FBI's recent takedown of Cracked.io and Nulled.to, infamous hacking forums, has signaled a formidable blow to organized cybercriminal communities. The initiative, known as Operation Talent, clamped down on these notorious platforms that were notorious for trafficking stolen data, distributing hacking tutorials, and selling a range of illegal digital goods. For businesses and cybersecurity professionals, this development signals a decisive milestone in the ongoing campaign against cyber malfeasance.

Major Hit on Cybercriminal Operations

Cracked.io and Nulled.to were more than just websites; they were thriving ecosystems for cybercriminals eager to exchange tricks of the trade and advanced hacking tools. Their seizure represents a significant disruption to these illicit networks that, for years, have facilitated and profited from digital crime.

Key Impacts:

Disruption of Stolen Data Marketplaces : Often listed on these forums were databases carrying personal and financial information. Businesses need to be aware that although the shutdown is effective immediately, stolen data could appear elsewhere.

Community Displacement : Users of these forums are now without a home, which may result in increased activities across lesser-known dark web platforms as they seek new avenues.

Under the Hood: Operation Talent

The operation marks one of the largest coordinated law enforcement efforts against cybercrime forums in recent times. This takedown was characterized by meticulous digital surveillance, undercover operations, and collaboration across international borders to hit criminals where it hurts most: their infrastructure.

Collaborative Policing : The unison of global cybersecurity task forces was pivotal. The operation saw engagement from various national cybersecurity agencies, reflecting a growing trend in cross-border cybercrime fighting alliances.

Legal Ramifications : Users and administrators of these forums may face impending legal actions, signaling a crackdown on the intermediate roles played by some forum users.

Wake-Up Call for Businesses

While the seizure is a strong deterrent against cybercrime, it is paramount that businesses remain vigilant. Cybercriminal activity does not rest, and disrupted users often exhibit aggressive behavior post-crackdowns.

Security Measures:

Enhance Threat Monitoring : Implement advanced systems that monitor dark web forums for any traces of corporate data.

Strengthen Incident Response : Establish a robust incident response mechanism capable of handling potential retaliatory attacks swiftly.

Employee Awareness : Conduct frequent training sessions to keep personnel aware of phishing approaches and new attack vectors propagated through such forums.

For law enforcement and cybersecurity stakeholders, the successful execution of Operation Talent represents not just a symbolic victory but a substantive hit to the infrastructure supporting digital crime. It serves as a stark reminder that, while the digital battlefield is vast, collaborative efforts remain a resilient deterrent.

*

Vendor Diligence Questions

1. What measures do your platforms use to continuously track and report dark web activities relevant to our organization?

2. How do you ensure immediate updates to security systems to counteract redistributed threats after cybercriminal forum disruptions?

3. Can you provide evidence of involvement or collaboration with law enforcement operations similar to Operation Talent?

Action Plan

Immediate Response for IT Security Teams:

1. Conduct Risk Assessment : Re-evaluate the current cyber-risk status with a focus on potential data exposure.

2. Dark Web Monitoring Tools : Ensure that systems have robust mechanisms that offer real-time alerts on emerging threats from the dark web.

3. Strengthen Partnerships : Enhance cooperation with law enforcement agencies and cybersecurity networks for timely intel and support.

*

Sources:

1. FBI Press Release on Operation Talent

2. Cybersecurity Alliance Strategies

3. Recent Trends in Digital Crime Networks

*

Signal-tastic Device Dilemma: Syncing Old Messages in a New Age

_All That Glitters May Just Be an Opcache._

What You Need to Know

Signal has introduced a feature allowing users to sync old messages when linking new devices. This update is pivotal for users who frequently change devices but wish to retain their chat history. However, executives need to be aware of the potential privacy implications and ensure their organization's security policies are updated accordingly. Immediate assessment and potential adjustments to current device linking protocols are advised.

CISO Focus: Data Privacy & Application Security

Sentiment: Neutral

Time to Impact: Immediate

*

Signal, the secure messaging app trusted by millions for its ironclad end-to-end encryption, has rolled out a long-awaited feature that allows users to sync old messages to new devices. While users rejoice over the convenience, cybersecurity experts are treating this with cautious optimism, raising several security concerns about message retention in the digital ecosystem.

The Convenience Factor: A Digital Touch-Up

Signal's new feature, which is gradually being made available, effectively solves a long-standing inconvenience users faced when switching devices. Previously, linking a new device meant starting fresh, as past conversations were left behind unless manually backed up. Now, users can effortlessly transfer chat history to their new gadgets, preserving their conversation timeline.

The feature makes use of an encrypted backup system, ensuring old messages don't merely float in cyberspace but are wrapped securely in the snug confines of Signal's robust encryption measures. This moves Signal into the realm where ease of use meets security head-on, a crossroads that messaging platforms often struggle to reconcile.

The Security Standoff: Encryption's Double-Edged Sword

Whenever convenience is at play, the inevitable visitor is its twin sibling—security risks. Encrypting message histories and transferring them across devices could potentially expose conversations to breaches if not handled correctly. While Signal is famed for its commitment to encryption, effective encryption management becomes crucial when those messages are in transit.

Security analysts emphasize the importance of verifying encryption keys before initiating sync operations. Any lapse here could potentially open backdoors for cyber attackers. Furthermore, there could be implications for data privacy regulations, notably the EU General Data Protection Regulation (GDPR), which demands stringent safeguards over personal data movements.

The Corporate Conundrum: Updating Protocol

For businesses integrating Signal into their communications toolkit, it's paramount to revisit and reassess security protocols surrounding device changes. The introduction of this feature requires a fresh appraisal of how company data shared over Signal is managed, especially when syncing across devices becomes part of operational processes.

Adopting a hands-on strategy can be beneficial:

Conduct Risk Assessments: Evaluate the new sync feature's implications on your organization’s data security measures. Identify vulnerabilities.

Update Protocols: Modify device management protocols to include guidance on using Signal’s message sync feature securely.

Training and Awareness: Regular employee training on secure messaging practices should underscore this new feature and its safe utilization.

Cross-departmental Coordination: Encourage collaboration between IT, Legal, and Data Privacy teams to tune into the latest compliance and security challenges related to messaging platforms.

The Grand Finale: Rhetoric of Progress

While Signal strolls into new territories of feature enhancement, it’s clear that progress is a double-edged sword. With user comfort comes the responsibility of ensuring airtight security mechanisms. Organizations and users alike must balance enthusiasm with diligence — ensuring the human penchant for convenience doesn't topple the scales of security oversight.

*

Vendor Diligence Questions

1. How is Signal ensuring the encryption of message sync remains uncompromised during device transfers?

2. Are there any anticipated updates or patches to address potential security vulnerabilities in the new feature?

3. How does Signal plan to comply with global data protection regulations concerning the new sync feature?

Action Plan

1. Assess Current Policies: Review and update internal protocols around device registration and message history retention.

2. Educate Your Team: Organize training sessions to introduce employees to the new sync feature and its implications.

3. Monitor Signal Updates: Keep abreast of any security updates from Signal, ensuring timely integration of security patches.

*

Source: Signal will let you sync old messages when linking new devices

*

_CISO Intelligence is lovingly curated from open source intelligence newsfeeds and is aimed at helping cybersecurity professionals be better, no matter what their stage in their career._

_We’re a small startup, and your subscription and recommendation to others is really important to us._

*Thank you so much for your support!(