CYBER THIS WEEK – JANUARY 8, 2023
Tips to overcome the limitations of MFA
Organizations need MFA as part of their cybersecurity strategy. But relying on it as a panacea would be a grave mistake. Organizations still need a comprehensive cybersecurity strategy in addition to a robust technology stack to combat and mitigate threats when MFA fails.
Here are a few strategies organizations can implement to improve their security posture in the wake of anti-MFA attacks.
Tips to overcome the limitations of MFA | Security Magazine
Trustwave report says businesses need to get more proactive about ransomware
Trustwave released its 2022 ransomware report, pointing out that just as security researchers continue to develop new methodologies and techniques to keep adversarial groups at bay, ransomware groups continue to do the same.
Why Authorization Is Rising as a Priority in IAM
There is a rapid convergence between traditional IAM, cybersecurity, and data protection, including privacy requirements. This evolution is driving the re-emergence and relevance of authorization and the subsequent need to create, manage, and enforce authorization policies in a simple, user-friendly manner.
Why Authorization Is Rising as a Priority in IAM – CPO Magazine
3 Reasons to Make EDR Part of Your Incident Response Plan
EDR supplies crucial short-term containment measures, stopping the breach from doing further damage to a network. Beyond that, having an EDR solution offers strategic long-term benefits by enabling organizations to strengthen their security posture so that they can defend against emerging, unknown threats.
3 Reasons to Make EDR Part of Your Incident Response Plan (securityintelligence.com)
First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen)
In the past 24 hours, the world has learned of serious breaches hitting chat service Slack and software testing and delivery company CircleCI, though giving the companies’ opaque wording—“security issue” and “security incident,” respectively—you’d be forgiven for thinking these events were minor.
First LastPass, now Slack and CircleCI. The hacks go on (and will likely worsen) | Ars Technica
Why Cybersecurity Should Be Top Of Mind In 2023
As we dive into Q1, executives are thinking carefully about priorities for their operations, internal business processes and budgets. In many cases, cybersecurity will not top these lists. This could have serious consequences
Why Cybersecurity Should Be Top Of Mind In 2023 (forbes.com)
Why we need global rules to crack down on cybercrime
Cybercrime is big business. One industry group estimated that the damages incurred by all forms of cyber crime, including the cost of recovery and remediation, totaled $3 trillion in 2015, $6 trillion in 2021, and could reach $10.5 trillion annually by 2025. Yet despite all this, there are still few clear global norms, standards and rules to mitigate and prevent cybercrime.
Why we need global rules to crack down on cybercrime | World Economic Forum (weforum.org)
14 Cybersecurity Best Practices to Instill In Your End-Users
Preventing cybersecurity attacks starts with preparing your frontline of defense: your employees. Cybersecurity awareness training helps them become more aware, alert, and knowledgeable against the latest cyber threat tactics targeting end-users.
14 Cybersecurity Best Practices to Instill In Your End-Users (bleepingcomputer.com)
An Action Plan for Cyber Resilience
It’s impossible to avoid all cyber risk. Here’s how to make your company more resilient in the face of new threats.
An Action Plan for Cyber Resilience (mit.edu)
What Twitter’s 200 Million-User Email Leak Actually Means
Researchers now say that a widely circulated trove of email addresses linked to about 200 million users is likely a refined version of the larger trove with duplicate entries removed. The social network has not yet commented on the massive exposure, but the cache of data clarifies the severity of the leak and who may be most at risk as a result of it.
Twitter Data Leak: What the Exposure of 200 Million User Emails Means for You | WIRED