CYBER THIS WEEK – SEP 17, 2023
Security’s important place in the broader digital trust ecosystem
Cybersecurity deserves the attention it has come to command, yet it’s not the be-all and end-all when it comes to what ultimately matters most for companies: building and preserving trust with existing and prospective customers. Still, security practitioners have a major part to play in this overarching priority of advancing digital trust at their organizations.
Automotive supply chain vulnerable to attack as cybersecurity regulation looms
Almost two-thirds (64%) of automotive industry leaders believe their supply chain is vulnerable to cyberattacks, with many businesses inadequately prepared for a connected automotive era. From July 2024, UN155/156 (as set out by UNECE WP.29) will require all original equipment manufacturers (OEMs) and their supply chains to include multi-layered cybersecurity solutions to protect against current and future cyberattacks.
New SEC Disclosure Rule: Do the Benefits Outweigh the Concerns?
One of the most critical components of incident response following a data breach is notifying affected employees, partners, customers, and shareholders. But when and how this should occur is often a hot topic amongst security professionals. The SEC adopted a new law requiring all public companies to disclose breaches within four days. In addition, organizations must share cybersecurity risk management practices and executive security expertise annually.
A Review of NIST’s Draft Cybersecurity Framework 2.0
The National Institute of Standards and Technology’s (NIST’s) Framework for Improving Critical Infrastructure Cybersecurity (CSF) is often touted as the gold standard for building a robust cybersecurity program. But voluntary compliance with the framework has largely failed to generate effective cybersecurity, leaving critical infrastructure and other organizations vulnerable to serious cyber threats such as ransomware.
Being Flexible Can Improve Your Security Posture
Being flexible is perhaps one of the hardest things we as humans can be. Why is this? It could be because, distilled to its essence, being flexible means realizing that we might be wrong and that there might be a better way. Regardless of the why, being flexible has the potential to vastly improve our security programs.
OT Security: Risks, Challenges and Securing your Environment
With the rise of the internet within the industrial sector, OT systems are also being exposed to the same disruptive threats that exist for all internet-connected devices, such as intellectual property theft, Distributed Denial of Service (DDoS) botnets, and ransomware attacks.
What Cybersecurity Gets Wrong
Cybercriminals, of course, are constantly adapting, so we can’t lay all the blame at the feet of the industry that is supposed to defend us from them. At the same time, though, many organizations are falling behind — floundering as they try to address the latest threats or simply ignoring them and hoping for the best.
5 areas where zero trust can’t protect your organization
With growing adoption of zero trust, CISOs must look at all possible blind spots across the organization, be that unmonitored IoT devices or third-party systems, to ensure attackers can’t find a way in.
The Duality Of AI In Cybersecurity: Risk Factor And Enabler
Every time a new tool or technology is introduced, there’s bound to be a blend of excitement and fear—and it’s at this juncture that we figure out how to use it to empower growth and progress. Harnessing that excitement and framing it with the right security, ethical and moral principles is what will enable us to use AI to empower innovation.
5 Ways DDoS Attacks Disrupt Healthcare Services
The evolving threat landscape of DDoS attacks in the healthcare sector. Healthcare institutions are required to provide uninterrupted access to medical information and services, ensuring timely and efficient patient care. Any disruption to these essential systems due to DDoS attacks can have severe consequences, jeopardizing patient safety, compromising data integrity, and affecting the reputation of the institution.