CYBER THIS WEEK – MARCH 5, 2023
Authorization Oversight: The Data Security Pitfall Keeping You at Risk
Authorization oversight occurs when organizations fail to properly manage and monitor access rights. Over privileged rights are a giant liability for companies. Many companies – especially large enterprises – don’t use or monitor all of their data access permissions, dramatically increasing the potential risk of sensitive data exposure.
Authorization Oversight: The Data Security Pitfall Keeping You at Risk – CPO Magazine
What is the Future of Cyberattacks in 2030 (and beyond)?
As more people are “born into” technology, their technical proficiency could very well increase compared to us today. Those in the infosec world today are there by choice and desire; future generations will just be in it. Survival will depend on their ability to navigate it, and “how to hack” may be a kindergarten lesson.
What is the Future of Cyberattacks? (securityintelligence.com)
Best and worst data breach responses highlight the do’s and don’ts of IR
Over the past few years, there have been numerous examples of high-profile data breaches that severely impacted the company’s fortunes. Think Equifax, Sony, and SolarWinds. Here are some recent examples of the best and worst responses to data breaches, based on the criteria cited above.
Best and worst data breach responses highlight the do’s and don’ts of IR | CSO Online
The Biden-Harris Administration Releases New National Cybersecurity Strategy
The new strategy comes more than two years after President Biden took office and more than four years after the Trump administration issued its National Cyber Strategy in September 2018. The release also occurs in the wake of a range of significant cyber intrusions and ransomware attacks
FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy | The White House
Organizations need a strategic approach to attack surface management
Organizations are often stuck in firefighting mode, attempting to put out fires and handle critical alerts such as misconfigurations, vulnerabilities and breaches as soon as they are discovered. As the attack surface continues to change and expand, this means organizations may not have the visibility they need to know which fires are most important, and some alerts may go unresolved altogether.
Organizations need a strategic approach to attack surface management | Security Magazine
The DDoS Attack on German Airport Websites and What IT Leaders Can Learn
DDoS attacks occur when a threat actor disrupts the traffic of website or network with an overwhelming amount of internet traffic, like a traffic jam. The impact of DDoS attacks can be anywhere from subtle (slower websites) to very serious (outage/unavailability).
Any infrastructure that relies on constant website communication with the public must have the ability to increase bandwidth substantially at any given moment. This includes both downtime from either accidental or malicious causes.
The DDoS Attack on German Airport Websites and What IT Leaders Can Learn (informationweek.com)
Mind these five mistakes when responding to infosec threats
Organizations have access to all the security tools they need to combat cyber incidents. Companies need to adjust their approach to ensure they architect their defenses correctly. Here are a five common mistakes businesses keep making despite having the right tools and talent on board.
Mind these five mistakes when responding to infosec threats | SC Media (scmagazine.com)
Threat intelligence: Why Attributing Cyber-Attacks Matters
Attribution can help identify if victims are a target or collateral damage, better understand the tactics, techniques and procedures (TTPs) used during an attack to enhance detection and response, and help the board see the investment value in new security tools
Your Biggest Cybersecurity Risks Could Be Inside Your Organization
Managing both internal and external risks is vital to the security of any organization. Each comes with their own challenges, but what makes insider risk management especially tricky is the need to balance people, processes, and technologies.
Your Biggest Cybersecurity Risks Could Be Inside Your Organization (hbr.org)
3 Ways Security Teams Can Use IP Data Context
IP address intelligence data isn’t the panacea for securing a network, but it can go a long way in providing the context security teams to identify when unusual activities are occurring and to investigate further
3 Ways Security Teams Can Use IP Data Context (darkreading.com)