CYBER THIS WEEK – OCT 29, 2023
The critical need for independent CISOs in modern organizations
It’s impossible for a CISO to know what new technology will emerge next that allows bad actors to infiltrate their systems, but they can ensure that a company operates in compliance with all the latest policies and standards and that security is a priority, which will prepare an enterprise for an inevitable attack.
The critical need for independent CISOs in modern organizations | Security Info Watch
Reliance on Self-Attestation is not working for the Cyber Insurance Industry
The main problem is reliance on self-attestation by policyholders. It is not that companies are intentionally deceitful when filling out questionnaires or committing to following cybersecurity mandates set by insurance companies. IT environments are simply too complex and too dynamic for self-attestation, based on manual processes, to ever work.
Reliance on Self-Attestation is not Working for the Cyber Insurance Industry – CPO Magazine
Litigation Preparedness Following a Data Breach
Many companies can do more upon discovery of a data breach to arm themselves to defend against the increasingly common class action litigation that follows. By putting in place a litigation hold promptly, only providing identity theft protection services where required or where the risks to personal data call for such services, and making better use of breach notification letters, companies can better position themselves to defend against data breach litigation—particularly where there is no evidence of injury or damage.
Seven ways to reduce a company’s digital footprint
A vast digital footprint implies a wider attack surface. With more web assets, software, and online platforms, there are many more entry points for cybercriminals to exploit. Vulnerabilities in any of these assets are often in the crosshairs, fueling data breaches and unauthorized access.
Seven ways to reduce a company’s digital footprint | SC Media (scmagazine.com)
Rationalizing The Security Complexity Conundrum
When organizations are more focused on battling the complexity of their own internal environment, they can’t effectively or proactively defend against external cyber threats. Solving this complexity conundrum is key to turning the tables and empowering organizations to stay one step ahead of cybercriminals.
Rationalizing The Security Complexity Conundrum (forbes.com)
6 most common types of software supply chain attacks explained
The umbrella term “software supply chain attack” covers any instance where an attacker interferes with or hijacks the software manufacturing process (software development lifecycle) such that multiple consumers of the finished product or service are impacted detrimentally.
6 most common types of software supply chain attacks explained | CSO Online
A Cybersecurity Framework for Mitigating Risks to Satellite Systems
Cyber threats on satellite technology will persist and evolve. We need a comprehensive cybersecurity framework to protect them from attackers.
A Cybersecurity Framework for Mitigating Risks to Satellite Systems (darkreading.com)
The evolution of 20 years of cybersecurity awareness
Since 2004, the White House and Congress have designated October National Cybersecurity Awareness Month. This year marks the 20th anniversary of this effort to raise awareness about the importance of cybersecurity and online safety.
The evolution of 20 years of cybersecurity awareness (securityintelligence.com)
Demystifying the top five OT security myths
Even in the face of several high-profile attacks on OT systems in recent years, complacency about OT security persists.
Demystifying the top five OT security myths | Computer Weekly
Okta’s breach shows why identities come first in a zero trust world
Okta’s unfortunate breach shows how ingenious attackers are in exploiting any opportunity there is to steal privileged access credentials, down to intercepting Okta session cookies and attempting attacks with live sessions. The attempted breach illustrates why the core concepts of zero trust have immediate practical benefits.
Okta’s breach shows why identities come first in a zero trust world | VentureBeat