CYBER THIS WEEK – NOVEMBER 13, 2022

Is Your Board Prepared for New Cybersecurity Regulations?

Boards are now paying attention to the need to participate in cybersecurity oversight. Not only are the consequences sparking concern, but the new regulations are upping the ante and changing the game.

Is Your Board Prepared for New Cybersecurity Regulations? (hbr.org)

Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns

Many new Web3 technologies have emerged recently, attempting to provide valuable functionality to users. As these technologies have continued to see increased adoption for legitimate purposes, they have begun to be leveraged by adversaries as well. Organizations should be aware of how these newly emerging technologies are being actively used across the threat landscape and evaluate how to best implement security controls to prevent or detect successful attacks in their environments.

Threat Spotlight: Cyber Criminal Adoption of IPFS for Phishing, Malware Campaigns (talosintelligence.com)

How Cyber-Informed Engineering Can Be the Way Forward For Critical Infrastructure

Cyber-Informed Engineering (CIE) is an engineering discipline for operational technology (OT) environments where the primary goal is not security for security’s sake but, rather, maintaining the reliability and resiliency of the operational environment.

How Cyber-Informed Engineering Can Be The Way Forward For Critical Infrastructure (forbes.com)

The U.S. Department of Energy’s (DOE) National Cyber-Informed Engineering (CIE) Strategy Document | Department of Energy

The 15 biggest data breaches of the 21st century

Data breaches affecting millions of users are far too common. Here are some of the biggest, baddest breaches in recent memory.

The 15 biggest data breaches of the 21st century | CSO Online

Financial cyber frauds in India 2022 and learnings for 2023

The key measure to curb these crimes is increasing consumer awareness and staying constantly vigilant about one’s banking security. Since banks are already working tirelessly to update their security infrastructure, consumers need to do their bit too.

Financial cyber frauds in India 2022 and learnings for 2023 (indiatimes.com)

CISA releases vulnerability management methodology

The Cybersecurity and Infrastructure Security Agency (CISA) published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular system.

CISA releases vulnerability management methodology | Security Magazine

Coming Clean: Why Cybersecurity Transparency Is a Strength, Not A Weakness

Despite the technical challenges, compliance is generally straightforward. Organizations must develop discipline in how they detect and defend against cyber threats. In addition, they must improve the way they report on them.

Coming Clean: Why Cybersecurity Transparency Is A Strength, Not A Weakness (forbes.com)

Millions Lost in Minutes — Mitigating Public-Facing Attacks

Companies in the public eye need to be aware of the unique risks they face. From increased media exposure to a large workforce, these companies have much to consider regarding security.

Millions Lost in Minutes — Mitigating Public-Facing Attacks (securityintelligence.com)

The future of cybersecurity: DAST solutions, SBOMs, and APIs to take center stage

From fresh exploits to new attack vectors, things change fast – and those sudden ebbs and flows can make or break how prepared you are to respond to future threats quickly and efficiently. Keeping an eye on trends that indicate how processes, tools, and workflows might change in response to these shifts is critical for staying ahead of the curve and ensuring that your organization is ready when the next big vulnerability makes itself known.

The future of cybersecurity: DAST solutions, SBOMs, and APIs to take center stage | Invicti

Defending Digital Supply Chains Remains a Business Challenge

The survey shows that supply chain cybersecurity risk has not decreased and, in fact, more enterprises than ever have reported being negatively impacted by a cybersecurity disturbance in their supply chain. Enterprises should continuously monitor their supply chain to be able to quickly remediate threats. As companies are being negatively impacted by supply chain disturbances, they must prioritize this risk with the appropriate budget.

BlueVoyant Research Reveals Defending Digital Supply Chains Remains a Business Challenge (automation.com)
