CYBER THIS WEEK – DECEMBER 18, 2022
5 Top Cyber Issues Facing the Corporate Boardroom In 2023
Despite the sophistication, impact and rapid emergence of cyber risks, corporate governance policies and practices on cyber risk have lagged their reality. But a perfect storm of issues is putting pressure on corporate boards and their directors to adapt their approach to cyber governance. The year 2023 could be the year that cybersecurity and cyber risk regulatory reform finally arrives in the boardroom
5 Top Cyber Issues Facing The Corporate Boardroom In 2023 (forbes.com)
Google introduces vulnerability scanner for open-source projects
Open-source development projects often must rely on many external dependencies, saving developers the work of building new functionality from scratch. Google’s new tool is the latest part of its efforts to help such projects track and solve vulnerabilities the dependencies introduce, building on top of its community database.
Google introduces vulnerability scanner for open-source projects | TechSpot
Digging into the numbers one year after Log4Shell
Be sure to get your organizational bill of materials under control. If I told you about a new vulnerability right now, and you cannot answer me if you are using that component anywhere in your portfolio, you should better get started because the next Log4Shell may be right around the corner
Digging into the numbers one year after Log4Shell | SC Media (scmagazine.com)
Now is the time to prioritize your organization’s security communications strategy
As external stakeholders demand more information and insight into your organization’s security practices and protocols, a comprehensive security communications strategy must be implemented. Devising a detailed communications plan will improve how information is shared, foster trust with your customers, and help your team stay ahead of evolving threats.
The Professionalization of Ransomware: What You Need to Know
The skill on display in terms of ransomware development, including encryption methodologies and their ability to leverage initial access brokers, points toward signs that ransomware gangs are reaching a new level of professional acumen
The Professionalization of Ransomware: What You Need to Know (informationweek.com)
Analysis Shows Attackers Favor PowerShell, File Obfuscation
The use of PowerShell, obfuscating files, and exploiting public-facing applications are the three most popular techniques for attackers, the analysis found.
Analysis Shows Attackers Favor PowerShell, File Obfuscation (darkreading.com)
Leveraging the Attack Surface – A Novel Approach in Navigating the Threat Landscape
ASM is the process by which organisations assess themselves as attackers would. This approach is helpful in prioritising maintenance, upgrades, patching, tool procurement and policy enactment because it forces decision makers to consider where attackers will hit first
Leveraging the Attack Surface – A Novel Approach in Navigating the Threat Landscape – CPO Magazine
How to Embed Gen Z in Your Organization’s Security Culture
The key to engaging Gen Z in cybersecurity is to make it meaningful and top of mind. An inclusive security culture will create a more aware employee base and, in turn, lower your organization’s risk in the long run.
How to Embed Gen Z in Your Organization’s Security Culture (securityintelligence.com)
2023 Cybersecurity Almanac
As we are looking for what trends 2023 will hold in store for us, it is important to comprehend that cybersecurity is a perpetual battle against the cyber threats. Despite the increasing number of high-profile attacks that make the headlines, everyday businesses win fights against criminals who become more advanced. However, to win the war we need to become more innovative and stop chasing the attacker’s tail.
2023 Cybersecurity Almanac | Tripwire
The State of Cybersecurity: Why Industry Experts Are Optimistic
According to industry experts, the state of cybersecurity is actually looking brighter than ever before. Let’s take a look at what is driving this growing optimism and what it could mean for the future of cybersecurity.
The State of Cybersecurity: Why Industry Experts Are Optimistic (hackread.com)