CYBER THIS WEEK – APRIL 23, 2023
The strong link between cyber threat intelligence and digital risk protection
Digital transformation initiatives and hybrid IT increases risk and drives the need for digital risk protection. Threat intelligence programs must accommodate this requirement.
The Holistic Vulnerability Management Program: Integrating Security Tools From Across the Attack Surface
Recent research from PwC revealed that U.S. executives’ number-one concern – cyberthreats – ranked higher than talent acquisition and production costs. This heightened focus on cybersecurity means vulnerability management (VM) teams are squarely in the spotlight.
Cybersecurity in the Energy Sector: Risks and Mitigation Strategies
The demand for cybersecurity in the energy sector is often understated. There is a misconception that very little IT is involved, and much of it does not impact operations. But 97% of surveyed ICS security professionals in the energy, oil, and gas sector believe cybersecurity is a growing concern.
Triple Extortion and Erased Data are the New Ransomware Norm
The ransomware landscape is like the Wild West. Nearly anything goes, and even actors with limited technical skills can get into the action. In the end, though, threat groups may be shooting themselves in the foot. If attackers destroy your files, what’s the point in paying the ransom?
3CX has a 7-part plan to shore up its security
3CX has launched a major effort to harden its network security as part of a seven-point plan following a report from Mandiant that revealed a historic supply chain attack linked to suspected North Korea-based threat actors.
How to reduce cyber-attacks in the global supply chain
Cyber criminals continue to find vulnerabilities despite evolving security measures. Could better cyber hygiene help?
The Future of Cyber: Perfect the Present, Focus on Future
To remain resilient, cybersecurity leaders must perfect fundamentals while staying forward-thinking. So how can they juggle these to ensure cyber resilience?
The Tangled Web of IR Strategies
Complicating the current IR environment is the fact that enterprise threat landscapes have gotten exponentially more complex in recent years, especially in terms of being porous as well as giving bad guys far more places to hide.
The biggest CISO problem with IR is a lack of preparation, and the biggest IR enterprise weakness today is foundational. The best processes for IR begin with readiness via building a solid organizational threat model and reconciling the threat library of things that could adversely affect the company with an alignment to what preventative, detective, and reactive controls are present against the attack surface of that threat model.
5 Key Takeaways From Mandiant’ s 2023 Threat Report
The report details how major cyber threats, such as ransomware and data theft, evolved last year, and reveals significant improvements in detection and response efforts. The findings also point to shifts in the initial intrusion methods favored by attackers — while highlighting the fact that even as cyber defense makes gains, threat actors continue to switch up their tactics.
Why Your Tech Stack Isn’t Enough To Ensure Cyber Resilience
A people-centric approach is no longer optional. Boards and customers are requiring visibility into cybersecurity risks and demanding proof of resilience. Governments are enforcing standards that were unthinkable mere years ago, and regulations are only growing more complex.