CYBER THIS WEEK – NOVEMBER 20, 2022
Information security compliance: why it’s more important than ever
Companies may face fines for breaches, but it’s hard to also put a number on the losses they suffer due to reputational damage. Ensuring information security compliance is necessary, and there are some measures companies can put in place to help.
Information security compliance: why it’s more important than ever (tripwire.com)
How the DNSChanger Shutdown Changed Cybersecurity
On the morning of July 9, 2012, the world braced for an “internet doomsday”: a full-scale crash of the global internet. Except it didn’t happen. And that non-event represented the culmination of a long and successful coordinated action taken between a huge number of organizations, spearheaded by the FBI.
How the DNSChanger Shutdown Changed Cybersecurity (securityintelligence.com)
The real cost of ransomware is even bigger than we realised
It’s well known that ransomware attacks are one of the most significant cybersecurity challenges facing the world today, and often the financial impact on victims is the most obvious and most discussed consequence. But that’s far from the only cost.
The real cost of ransomware is even bigger than we realised | ZDNET
5 ways to find hidden IT talent inside your organization
An internal talent marketplace can also reduce internal hiring bias and increase networking that promotes diversity. Hiring managers can focus just on skill sets and years of experience rather than education by removing that visible field, for instance.
5 ways to find hidden IT talent inside your organization | CIO
Credential Access via Information Stealers
Many think cybercrime is a single-sourced operation, but that’s rarely the case. Behind most compromises is an extensive criminal network that includes, among many threat actors, initial and wholesale access brokers who harvest and sell user credentials
Credential Access via Information Stealers | Radware Blog
Are We Ready for AI-Generated Code?
Autocompleted code is convenient and quick, but it may expose your organization to security and compliance risks. The technology industry, need to start asking how such code is being generated, how it’s used, and who will take responsibility when things go wrong.
Are We Ready for AI-Generated Code? (darkreading.com)
3 ways microsharding technologies can mitigate ransomware
Microsharding is a coordinated, three-step process that consists of shredding, mixing and distributing data across multiple storage repositories. It’s based loosely on the concepts of RAID 5 and traditional sharding — a process used to distribute a single dataset across multiple databases to increase a system’s total storage capacity.
While there are many ways that microsharding can ensure the integrity of sensitive data in general, it has three features that are particularly well-suited to protecting against a ransomware attack.
3 ways microsharding technologies can mitigate ransomware | Security Magazine
Global 2000 companies failing to adopt key domain security measures
Lookalike/fake domains are targeting Global 2000s to leverage the trust placed on well-known brands and launch phishing attacks or other forms of digital brand abuse/IP infringement
Global 2000 companies failing to adopt key domain security measures | CSO Online
Domain Security Report | CSC (cscdbs.com)
The CISO playbook for 5G security
The core model of 5G requires adequate security for the user plane and control plane, network slice, segregation of virtualized functions, protection against DDoS, API security etc. This assumes higher significance as core 5G functions can now be consumed as an API.
The CISO playbook for 5G security | The Financial Express
Seven deadly sins hiding in the company’s attack surface
Every modern organization’s digital attack surface continues to expand. This will remain the case for the foreseeable future. Businesses must take responsibility for their expanding digital attack surface and prioritize protecting it.
Seven deadly sins hiding in the company’s attack surface | SC Media (scmagazine.com)