New Study Examines the Effectiveness of Phishing Training Programs

A recent publication in the 2025 IEEE Symposium on Security and Privacy evaluates the impact of common enterprise security training methods, including annual cybersecurity awareness training and embedded anti-phishing exercises. Conducted by Stefan Savage (UC San Diego) and collaborators, the eight-month study involving over 19,500 employees at a large healthcare organization found minimal differences in phishing simulation failure rates between trained and untrained users.

Submitted by Katie Dey on

Anne Neuberger Addresses UN Security Council on Ransomware Threats to Healthcare

In remarks at the United Nations Security Council on November 8, 2024, Anne Neuberger, Deputy National Security Advisor of the United States, highlighted the grave impact of ransomware attacks on healthcare systems worldwide. Stressing the critical need for global cooperation, Neuberger called for adherence to international frameworks, stronger law enforcement actions, and collective efforts to disrupt ransomware operations. The remarks emphasized that ransomware targeting healthcare infrastructure endangers lives, destabilizes societies, and violates international norms.

Submitted by Katie Dey on

9th School of Theoretical Computer Science and Formal Methods (ETMF 2024)

The 9th edition of the School of Theoretical Computer Science and Formal Methods (ETMF 2024) is a premier event dedicated to advancing knowledge in the field of theoretical computer science and the application of formal methods to software and system development. ETMF provides an educational forum where researchers, students, and professionals from academia and industry can exchange ideas, learn about the latest developments, and explore practical applications of formal methods in various domains.

CISA Requests Comments on Product Security Bad Practices Guidance

The Cybersecurity and Infrastructure Security Agency (CISA) invites feedback on its new guidance addressing “Product Security Bad Practices.” This guidance identifies security practices in product design and deployment that increase vulnerability to cyber threats. By highlighting and mitigating these bad practices, CISA aims to strengthen security standards across products and systems. Researchers, industry experts, and government stakeholders are encouraged to review the document and contribute comments to shape effective, secure product development practices.

Submitted by Regan Williams on

HCSS 2025

The twenty-fifth annual High Confidence Software and Systems (HCSS) Conference will be held May 12-14, 2025, at the Historic Inns of Annapolis in Annapolis, Maryland. We solicit proposals to present talks at the conference.

2025 RSA ID IQ Research Report Now Available

The newly released 2025 RSA ID IQ Research Report provides in-depth insights into identity security trends, challenges, and innovations shaping the cybersecurity landscape. This comprehensive report explores how organizations can strengthen their identity and access management strategies to counter evolving threats. For researchers and cybersecurity professionals, the findings offer valuable data on the latest best practices, risk mitigation techniques, and technology advancements in identity security. Access the full report to stay informed on key developments impacting the field.

Submitted by Regan Williams on

Supply Chain Security Lessons from a Pager System Breach

A recent incident involving pager system vulnerabilities highlights critical lessons for modern supply chain security. Hackers exploited an outdated pager network used by hospital staff, exposing sensitive information and underscoring the importance of updating legacy technology. This breach reveals potential risks when outdated systems are integrated into critical supply chains, emphasizing the need for continuous monitoring and timely modernization.

Submitted by Regan Williams on

AI Security: Emerging Threats and the Call for Global Collaboration

At the recent Singapore International Cyber Week, cybersecurity experts stressed the urgency of addressing the unique security challenges posed by the rapid adoption of artificial intelligence (AI). Discussions highlighted the potential risks of data poisoning, adversarial attacks, and model integrity issues, emphasizing the need for a multi-layered, cooperative approach to safeguard AI systems.

Submitted by Katie Dey on