CYBER THIS WEEK – JULY 2, 2023

Keeping Cybercriminals Guessing: The Rise of Automated Moving Target Defense

AMTD is a proactive approach that thought leaders in the cyber security space would need to consider in the evolving attack landscape that we see today.

As it is designed to complement the existing cyber security stack and that it doesn’t rely on scanning or require prior knowledge of an attack’s parameters, signatures, or behavior patterns to block attacks gives it an edge as a last line of defense for organizations

Keeping Cybercriminals Guessing: The Rise of Automated Moving Target Defense – CPO Magazine

2020 SolarWinds Breach: Execs Face Potential SEC Legal Action

In 2020, software company SolarWinds was hit with a cyberattack that compromised its Orion supply chain software. The attack impacted thousands of victims. Three years later, the US Securities and Exchange Commission (SEC) is continuing its investigation into the attack. The oversight agency has indicated it may pursue civil enforcement action against current and former employees, including CFO J. Barton Kalsu and CISO Tim Brown.

What kind of liability could these individuals face, and what does the SEC’s investigation mean for other cybersecurity stakeholders?

2020 SolarWinds Breach: Execs Face Potential SEC Legal Action (informationweek.com)

No consensus on creating a unified US cyber incident reporting framework

Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.

No consensus on creating a unified US cyber incident reporting framework | CSO Online

How Application Allowlisting Combats Ransomware Attacks

Data encryption at all levels is a powerful measure and critical to implement with depth and weight. But it should be only part of a larger whole. You should consider augmenting encryption with additional controls that identify attackers at the application and process levels. This technique is known as application (or process) allowlisting.

How Application Allowlisting Combats Ransomware Attacks (securityintelligence.com)

What to do after a data breach

The attack itself is inevitable; 62% of companies dealt with a cyber incident or data breach in 2021, according to a KPMG survey. So it isn’t the incident itself that will be the biggest problem. How an organization reacts in the aftermath and how they come out on the other end will make all the difference.

What to do after a data breach | CIO Dive

How ransomware is evolving to evade detection

This year, security leaders are seeing threat actors focus principally on two sets of tactics — specialization and the deployment of new ransomware techniques aimed at avoiding detection.

How ransomware is evolving to evade detection | Security Magazine

Be safe inside your cyber fortress

Cybersecurity standards are developed and maintained by industry experts, regulatory bodies and international organizations to reflect the latest trends and emerging threats, and are one of the most important concepts in keeping both our business and ourselves safe

Complete List Of Cybersecurity Standards And Frameworks – Dataconomy

The 10 Biggest Data Breaches of 2023 (So Far)

Three of the data breaches associated with the MOVEit attacks rank among the 10 biggest data breaches from the first half of 2023, based on the number of impacted individuals in the breaches, according to the nonprofit Identity Theft Resource Center.

The 10 Biggest Data Breaches of 2023 (So Far) | CRN

Q1 Data Breach Analysis – ITRC (idtheftcenter.org)

What You Need to Know About Zero Trust Identity and Access Management

Identity and access management ensures only authorized individuals who are who they say they are can view, edit and move your most precious resources. In order to make this as secure as possible and minimize the risk of a data breach, the best practice is to take a ‘zero trust‘ approach. This means constantly verifying who users are and only providing the minimum level of privileged access needed for a task.

So what do businesses need to know in order to make a zero trust approach to access management an effective solution?

What You Need to Know About Zero Trust Identity and Access Management | BlackFog

How TEEs Can Help Prevent Data Breaches and Protect User Privacy

TEEs can help to protect user data from both external and internal threats. While there are challenges to overcome in implementing TEEs, their potential benefits make them a promising solution for enhancing the security of connected devices and applications

How TEEs Can Help Prevent Data Breaches and Protect User Privacy (citylife.capetown)

Share: