CYBER THIS WEEK – JANUARY 1, 2023
The 13 Costliest Cyberattacks of 2022: Looking Back
Cyberattacks continue to target critical infrastructures such as health systems, small government agencies and educational institutions. Ransomware remains a popular attack method for large and small targets alike. While organizations may choose not to disclose the costs associated with a cyberattack, the loss of consumer trust will always be a risk after any significant attack.
Let’s look at the 13 costliest cyberattacks of the past year and the trends that defined major threats from now to the beginning of 2022.
The 13 Costliest Cyberattacks of 2022 (securityintelligence.com)
Are You Aware of the Shared Responsibility Model? The SaaS Data Loss Risk You Might Not Know You’re Taking
SaaS vendors are responsible for ensuring the security of their cloud environments, but each customer is responsible for securing their data in those clouds. Unfortunately, too many companies falsely believe that their solution provider protects their data and that a reliable third-party backup solution is an unnecessary investment.
2022 in Cybersecurity – That’s a Trap
Every year, the ENISA Threat Landscape (ETL) report does a great job of presenting what has been happening over the last 12 months, and giving us actionable information that we can use in presentations and board papers. In short, it gives us threat intelligence at a strategic level, and if you’re not already thinking strategically, now is the time to begin, using this report.
2022 in Cybersecurity – That’s a Trap | Tripwire
ENISA Threat Landscape 2022 — ENISA (europa.eu)
Security needs a new mindset
A proactive security mindset is all about preventing incidents. It is about anticipating the new normal and the new threats it could bring, and embedding protection at the design stage itself. Apart from employees, partners and customers should also be included in security awareness and education programs. Above all, organizations should beware of complacence, staying alert and anticipative and conducting regular cybersecurity drills.
Security needs a new mindset | Security Magazine
Cyber security professionals share their biggest lessons of 2022
With a new year just around the corner, many cyber security professionals are reflecting on the challenges they’ve faced over the past year and coming up with lessons on how to improve in 2023.
Cyber security professionals share their biggest lessons of 2022 | Computer Weekly
Why Cyber Pros and Forensic Accountants Should Work Together to Mitigate Security Risk
Forensic accountants and cybersecurity professionals have the same goal: to safeguard important information. When they use their unique skill sets to collaborate effectively, a corporation has the best chance of evading the consequences of a devastating cyberattack.
Cyberattacks could soon become impossible to insure
The costs of cyberattacks will soon become so high that insurance companies will not be able to do business with the affected parties anymore. According to Mario Greco, chief executive of Zurich Insurance Group, cyber-risks will soon take the place of pandemics, climate change and other natural disasters as systemic risks which are essentially “uninsurable.”
Cyberattacks could soon become impossible to insure | TechSpot
How Low-Code/No-Code App Development Affects IT Security
Applications are the lifeblood of your business. So, if you’re taking advantage of low-code/no-code app development — or would like to — security needs to be top-of-mind. It needs to come first.
How Low-Code/No-Code App Development Affects IT Security | Radware Blog
CISO Budget Constraints Drive Consolidation of Security Tools
The consolidation of security tools onto platforms may become a budgetary necessity but also offers opportunities for the highly fragmented nature of IT security.
CISO Budget Constraints Drive Consolidation of Security Tools (informationweek.com)
How to Monitor and Manage Fourth-Party Supplier Risk at Scale
Following a series of high-profile hacks in recent years, third-party cyber risk management has taken a front seat. And, with the help of effective tools, many risk managers are making progress towards program maturity. But what about fourth-party supplier risk?
The same level of analysis and monitoring should be used when evaluating your extended ecosystem, i.e. your vendor’s vendors. Yet most organizations end their monitoring with their third parties, trusting that those organizations are monitoring their suppliers with the same diligence.
How to Monitor and Manage Fourth-Party Supplier Risk at Scale | BitSight