CYBER THIS WEEK – NOV 12 , 2023
What Happens When You Lose Your Cyber Insurance?
In a world where a cybersecurity incident is considered a “when, not if” scenario, having insurance coverage can be an important way to reduce financial risk.
What Happens When You Lose Your Cyber Insurance? (informationweek.com)
Organizations turn to zero trust, network segmentation as ransomware attacks double
Report finds network segmentation is considered critical to thwarting ransomware attacks, but adoption is slow in organizations.
Organizations turn to zero trust, network segmentation as ransomware attacks double | CSO Online
Lessons From 100+ Ransomware Recoveries
In our combined experience as a team, we’ve navigated 100+ ransomware recoveries. Here’s what we’ve learned.
Lessons From 100+ Ransomware Recoveries – CPO Magazine
The road ahead for identity management
As attacks continue, layoffs and economic uncertainty remains, and we live an increasing portion of our lives online, the greater the need for strong, modern identity management and governance.
The road ahead for identity management | Security Magazine
NIST’s security transformation: How to keep up
Like the digital transformation, the security transformation will evolve to fit your organization’s needs. There may be some push to move quickly — you want protections or policies in place for a ransomware attack sooner rather than later, for instance.
NIST’s security transformation: How to keep up (securityintelligence.com)
What We Can Learn From Major Cloud Cyberattacks
In a study of six major cloud security incidents in 2021-2022, Mohamed Shaaban, solution architect at Sysdig, found that attacks on the cloud are becoming more advanced, particularly in the volume of attacks and in attacker’s use of automated tools, meaning defenders need to speed up their detection and response capabilities in order to thwart them
What We Can Learn From Major Cloud Cyberattacks (darkreading.com)
How Security Observability Can Impact AppSec Teams
The key to implementing a healthy and cost-effective AppSec program is understanding context and visualizing how the software works. One way for AppSec to do this is with security observability tools that automatically create full-context digital security blueprints by watching the software as it actually runs.
How Security Observability Can Impact AppSec Teams (forbes.com)
The ransomware warning sign we should all have on our radar
The cybersecurity community talks a lot about ransomware attacks: who the latest ransomware gangs are, common attack vectors, how much companies are shelling out in ransom payments and what the proper incident response protocols are for security teams.
The ransomware warning sign we should all have on our radar | World Economic Forum (weforum.org)
Looking Ahead: Highlights from ENISA’s Foresight 2030 Report
The European Union Agency for Cybersecurity (known as ENISA) recently released a report breaking down some of the most pressing concerns for cybersecurity that are likely to arise or become more prevalent in the next several years.
Looking Ahead: Highlights from ENISA’s Foresight 2030 Report | Tripwire
Foresight 2030 Threats — ENISA (europa.eu)
Key questions to ask when evaluating an identity and access security vendor
Before embarking on a search for the right IAM solution, or indeed any kind of information-security product or service, an organization must conduct a thorough self-assessment to firmly understand its own capabilities, deficiencies, requirements, and future plans. Only by truly knowing itself can an enterprise learn what it needs.