Scott Ikeda

Senior Correspondent at CPO Magazine

Featured in: Favicon

cpomagazine.com Favicon

ukmediaobserver.com Favicon

realcleardefense.com Favicon

creditandcollectionnews.com Favicon

canadanewsjournal.com Favicon

businesspostexaminer.com Favicon

hongkongbusinessreporter.com

Articles

Microsoft Makes All New Accounts Passwordless As of May 1, Pushes Biometric Passkeys

1 week ago | cpomagazine.com | Scott Ikeda

As of the beginning of May, those signing up for a new account with a Microsoft service may have noticed that they were not asked to set a password. Microsoft has formally gone passwordless across its services, and while it offers users a selection of “several” alternatives it makes the most direct push for them to use a passkey. These passkeys are stored on the user device and can be protected by facial recognition, fingerprints or a PIN.
JPMorgan Chase CISO Warns Security of SaaS Models is Unsustainable, Third-Party Security Must Improve to Prevent Catastrophe

1 week ago | cpomagazine.com | Scott Ikeda

An open letter from JPMorgan Chase CISO Pat Opet, timed to coincide with the start of RSA Conference 2025, calls on software-as-a-service (SaaS) vendors to make immediate and stark improvements to their secure-by-design and authorization models or be party to the eventual crashing of global financial markets.
HiddenLayer Prompt Injection Attack Able to Break the Guardrails of All Major AI Models

1 week ago | cpomagazine.com | Scott Ikeda

Researchers with AI security firm HiddenLayer have developed a single prompt injection attack that works across all of the major AI models currently in use. The attack breaks the safety guardrails of essentially any model it’s thrown at, convincing it to reveal its system prompt as well as engage in all manner of potentially harmful exchanges.
Google Threat Intelligence: 75 Zero-Days Exploited in 2024, Majority Linked to Spyware

2 weeks ago | cpomagazine.com | Scott Ikeda

A new report from Google’s Threat Intelligence Group (GTIG) finds that 75 zero-days were exploited in the wild last year, with a little over half involving spyware. The spyware comes from a mix of foreign espionage groups, particularly those based in China and North Korea, and international commercial providers such as Paragon Solutions and NSO Group. Some of 2024’s most notable zero-days hit Cisco, Palo Alto Networks and Ivanti.
Health Insurance Provider Blue Shield of California Discloses Accidental Sharing of Customer Health Data Via Google Analytics

2 weeks ago | cpomagazine.com | Scott Ikeda

A major data breach at health insurance giant Blue Shield of California appears to be a case of misconfiguring advertising analytics tools. Between April 2021 and January 2024, Google Analytics was misconfigured on some of the insurer’s websites causing some personal information and potentially sensitive health data related to claims and searches to be available to Google’s ad network.
2025 Verizon DBIR: Cyber Attacks Increasingly Driven by Vulnerability Exploitation, VPNs and Edge Devices Heavily Targeted

2 weeks ago | cpomagazine.com | Scott Ikeda

Verizon’s annual Data Breach Investigations Report (DBIR) is out, and the headline finding is another surge in vulnerability exploitation as a leading initial access method in cyber attacks. Though not as big as the 180% spike seen in 2024, the growth is substantial and nearly catches exploits up to credential abuse as the leading initial entry method. The researchers think that this newer and smaller spike may be fed to some degree by a more general increase in incident reporting.
Google Seemingly Surrenders on Third Party Cookies, Even As Privacy Sandbox Project Rolls On

3 weeks ago | cpomagazine.com | Scott Ikeda

While Google has been signalling for at least some months that it was planning to remain flexible on the use of third party cookies in Chrome, an April 22 blog post seems to indicate the central purpose of the “Privacy Sandbox” project has now been scuttled.
X Faces Investigation in Ireland Over Collection of AI Training Data

3 weeks ago | cpomagazine.com | Scott Ikeda

The Irish Data Protection Commission (DPC) has announced that it will be investigating X’s use of the platform’s posts, replies and user information as AI training data for its embedded “Grok” feature. A key point will be X’s default opt-in of all users, something that may run afoul of General Data Protection Regulation (GDPR) personal information consent requirements. Like many international tech giants, X keeps its EU headquarters in Dublin.
Extension to Federal Information Sharing Cybersecurity Law Introduced Ahead of September Expiration Date

3 weeks ago | cpomagazine.com | Scott Ikeda

A bipartisan bill has been introduced to the Senate that would extend the terms of the Cybersecurity Information Sharing Act of 2015, widely seen as a vital national cybersecurity law. The current terms are set to expire in September of this year. The act creates a partnership between the Department of Homeland Security (DHS) and private industry partners that promote sharing of software vulnerabilities, malware, or malicious IP addresses.
WSJ: China Admitted to Volt Typhoon Cyber Attacks in Secret Meeting

3 weeks ago | cpomagazine.com | Scott Ikeda

Reports indicate that Chinese officials admitted to the string of cyber attacks by Volt Typhoon that were aimed primarily at US infrastructure, though it is not a public admission. The Chinese government usually responds to any linking of cyber attacks to its state-sponsored APT groups with a fierce denial and deflection.

Contact details

Emails

[email protected]

Socials & Sites

Try JournoFinder For Free

Search and contact over 1M+ journalist profiles, browse 100M+ articles, and unlock powerful PR tools.

Start Your 7-Day Free Trial →

Scott Ikeda

Articles

Microsoft Makes All New Accounts Passwordless As of May 1, Pushes Biometric Passkeys

JPMorgan Chase CISO Warns Security of SaaS Models is Unsustainable, Third-Party Security Must Improve to Prevent Catastrophe

HiddenLayer Prompt Injection Attack Able to Break the Guardrails of All Major AI Models

Google Threat Intelligence: 75 Zero-Days Exploited in 2024, Majority Linked to Spyware

Health Insurance Provider Blue Shield of California Discloses Accidental Sharing of Customer Health Data Via Google Analytics

2025 Verizon DBIR: Cyber Attacks Increasingly Driven by Vulnerability Exploitation, VPNs and Edge Devices Heavily Targeted

Google Seemingly Surrenders on Third Party Cookies, Even As Privacy Sandbox Project Rolls On

X Faces Investigation in Ireland Over Collection of AI Training Data

Extension to Federal Information Sharing Cybersecurity Law Introduced Ahead of September Expiration Date

WSJ: China Admitted to Volt Typhoon Cyber Attacks in Secret Meeting

Contact details

Emails

Socials & Sites