CYBER THIS WEEK – OCTOBER 9, 2022
The Uber Data Breach Conviction Shows Security Execs What Not to Do
Many now worry that Sullivan’s conviction will make the already daunting role even less appealing to top talent. But the United States Department of Justice is positioning the case as an opportunity to set guardrails around what behavior is—and isn’t—acceptable in the fraught balancing act of corporate breach response.
The Uber Data Breach Conviction Shows Security Execs What Not to Do | WIRED
Security to take an outsized role in IT spending in 2023
Security is taking an outsized role in technology spending and is expected to creep into software, hardware and cloud budgets in 2023, according to Spiceworks Ziff Davis survey of more than 1,400 IT professionals conducted in June and released last week.
Security to take an outsized role in IT spending in 2023 | Cybersecurity Dive
7 Practical Considerations for Effective Threat Intelligence
Threat Intelligence (TI) is evidence-based, contextualized information about adversarial threats — their past, present, and predicted attacks against the organization, produced after careful analysis of available data and information. If your security team is considering, planning, building, or operating a TI capability, here is some practical guidance that can help.
7 Practical Considerations for Effective Threat Intelligence (darkreading.com)
LAUSD Ransomware Attack: Understanding Cybersecurity Risks in Education
The Vice Society ransomware group targeted the Los Angeles Unified School District, ultimately leaking stolen data. How can the education sector address common cybersecurity vulnerabilities and prevent attacks like this?
Ransomware Attack: Understanding Cybersecurity Risks in Education (informationweek.com)
Rise in Cyberattacks Stretches and Stresses Defenders
Cybersecurity specialists who respond to hacks say they are stretched thin as ransomware and other attacks proliferate, often working on multiple cases at once while trying to avoid burnout. Managing stress is a primary consideration in every incident-response team, veterans say. The work is technical, laborious and difficult, often performed in the shadow of a company shutdown that could threaten its existence.
Rise in Cyberattacks Stretches and Stresses Defenders – WSJ
Improving Cybersecurity — A Call for Introspection
When it comes to taking responsibility for cybersecurity, a little introspection can go a long way in maximizing collective cyber defenses.
Improving Cybersecurity — A Call for Introspection | Security Magazine
8 strange ways employees can (accidently) expose data
From eyeglass reflections and new job postings to certificate transparency logs and discarded printers, employees have odd ways to unintentionally expose data.
8 strange ways employees can (accidently) expose data | CSO Online
81% of companies had a cloud security incident in the last year
As many as 81% of organisations have experienced a cloud-related security incident over the last 12 months, with almost half (45%) suffering at least four incidents.
81% of companies had a cloud security incident in the last year (cloudcomputing-news.net)
Travelers Risk Index Shows Cyber Threats Remain Top Overall Business Concern
The Travelers Companies, Inc. recently released its 2022 Travelers Risk Index results, and for the third time in four years, the survey found that cyber threats were the top overall concern for business decision makers.
Travelers Risk Index Shows Cyber Threats Remain Top Overall Business Concern — Security Today
How do we know when cyber defenses are working?
Assessing the effectiveness of cyber defenses is a crucially important part of developing cybersecurity policy and making decisions about where and how to invest in computer networks and infrastructure. But in the absence of good defensive metrics, calibrating these investments remains difficult.
How do we know when cyber defenses are working? (brookings.edu)