CYBER THIS WEEK – FEBRUARY 26, 2023
NIST plots biggest ever reform of Cybersecurity Framework
The US National Institute of Standards and Technology (NIST) is planning significant changes to its Cybersecurity Framework (CSF) – the first in five years, and the biggest reform yet.
Here’s What 10 Cybersecurity CEOs Are Prioritizing In 2023
From reaching customers that are buying security solutions in new ways, to fighting cybercrime and emerging threats alongside their trusted channel partners, here’s what some of the world’s biggest security CEOs are prioritizing this year.
Over 90% of CISOs report frequent 40+ hour work weeks
The lack of bandwidth and resources is not only impacting CISOs, but their teams as well. According to the report, 74% say they are losing team members because of work-related stress issues, with nearly half (47%) of these CISOs having more than one team member exit their role over the last 12 months.
GoDaddy Hit with Multiyear Breach
Website hosting company GoDaddy has announced that it has been subject to a multiyear cybersecurity breach. Over the course of the campaign, threat actors were able to install malware on the company’s systems and steal code, according to a 10-K filed with the US Securities and Exchange Commission
Evolving cyberattacks, alert fatigue creating DFIR burnout, regulatory risk
The evolution of cybercrime is weighing heavily on digital forensics and incident response (DFIR) teams, leading to significant burnout and potential regulatory risk.
Why You Should Listen to Twitter on Two-Factor Authentication
Twitter’s announcement of this change was initially confusing and alarming for many. But to be clear, Twitter is pushing users to adopt stronger safeguards — and it has created an opportunity for us all to bite the bullet and improve the security of our online accounts.
Cyberthreats, Regulations Mount for Financial Industry
For the most part, the financial industry needs to make its information infrastructure and processes more resilient — not only in resisting an attack, but also in the organization’s ability to recover following an attack
Why good threat hunters are hard to find
Enterprises have put a priority on threat hunting to improve their overall security posture, but in many cases do not provide sufficient funding to acquire the level of skilled experience that could make a difference in their organizations
How Digital Twins Could Protect Manufacturers from Cyberattacks
Detailed virtual copies of physical objects, called digital twins, are opening doors for better products across automotive, health care, aerospace and other industries. According to a new study, cybersecurity may also fit neatly into the digital twin portfolio.
With 40% of Log4j Downloads Still Vulnerable, Security Retrofitting Needs to Be a Full-Time Job
Vulnerabilities like Log4j remain responsible for security breaches a full year after the discovery of the flaw. In the months after widespread reporting about the vulnerability, 40% of Log4j downloads remained vulnerable to exploitation.