CYBER THIS WEEK – JULY 2, 2023
Keeping Cybercriminals Guessing: The Rise of Automated Moving Target Defense
AMTD is a proactive approach that thought leaders in the cyber security space would need to consider in the evolving attack landscape that we see today.
As it is designed to complement the existing cyber security stack and that it doesn’t rely on scanning or require prior knowledge of an attack’s parameters, signatures, or behavior patterns to block attacks gives it an edge as a last line of defense for organizations
2020 SolarWinds Breach: Execs Face Potential SEC Legal Action
In 2020, software company SolarWinds was hit with a cyberattack that compromised its Orion supply chain software. The attack impacted thousands of victims. Three years later, the US Securities and Exchange Commission (SEC) is continuing its investigation into the attack. The oversight agency has indicated it may pursue civil enforcement action against current and former employees, including CFO J. Barton Kalsu and CISO Tim Brown.
What kind of liability could these individuals face, and what does the SEC’s investigation mean for other cybersecurity stakeholders?
No consensus on creating a unified US cyber incident reporting framework
Comments submitted to CISA regarding its creation of cyber incident and ransom payment reporting requirements underscore how tough it will be for the agency to create a one-size-fits-all framework.
How Application Allowlisting Combats Ransomware Attacks
Data encryption at all levels is a powerful measure and critical to implement with depth and weight. But it should be only part of a larger whole. You should consider augmenting encryption with additional controls that identify attackers at the application and process levels. This technique is known as application (or process) allowlisting.
What to do after a data breach
The attack itself is inevitable; 62% of companies dealt with a cyber incident or data breach in 2021, according to a KPMG survey. So it isn’t the incident itself that will be the biggest problem. How an organization reacts in the aftermath and how they come out on the other end will make all the difference.
How ransomware is evolving to evade detection
This year, security leaders are seeing threat actors focus principally on two sets of tactics — specialization and the deployment of new ransomware techniques aimed at avoiding detection.
Be safe inside your cyber fortress
Cybersecurity standards are developed and maintained by industry experts, regulatory bodies and international organizations to reflect the latest trends and emerging threats, and are one of the most important concepts in keeping both our business and ourselves safe
The 10 Biggest Data Breaches of 2023 (So Far)
Three of the data breaches associated with the MOVEit attacks rank among the 10 biggest data breaches from the first half of 2023, based on the number of impacted individuals in the breaches, according to the nonprofit Identity Theft Resource Center.
What You Need to Know About Zero Trust Identity and Access Management
Identity and access management ensures only authorized individuals who are who they say they are can view, edit and move your most precious resources. In order to make this as secure as possible and minimize the risk of a data breach, the best practice is to take a ‘zero trust‘ approach. This means constantly verifying who users are and only providing the minimum level of privileged access needed for a task.
So what do businesses need to know in order to make a zero trust approach to access management an effective solution?
How TEEs Can Help Prevent Data Breaches and Protect User Privacy
TEEs can help to protect user data from both external and internal threats. While there are challenges to overcome in implementing TEEs, their potential benefits make them a promising solution for enhancing the security of connected devices and applications