September 24, 2023 by cyberthisweek No CommentsUncategorized

CYBER THIS WEEK – SEP 24, 2023

How NIST Cybersecurity Framework 2.0 Tackles Risk Management

The updated CSF 2.0 puts a stronger emphasis on risk management. By emphasizing supply chain risk and security, it also follows guidelines released by other areas of the federal government.

How NIST Cybersecurity Framework 2.0 Tackles Risk Management (securityintelligence.com)

What Are the Biggest Lessons from the MGM Ransomware Attack?

Ransomware profit declined in 2022, but that doesn’t mean threat actors are going to abandon these attacks. The billions made from ransomware payments thus far are a significant motivator to continue searching for new victims to extort.

Biggest Lessons from the MGM Ransomware Attack (informationweek.com)

Changing Role of the CISO: A Holistic Approach Drives the Future

While senior business leaders and boards of directors understand that cybersecurity is a critical risk, they face challenges in determining how it compares to other factors such as credit, liquidity, and market risk. It’s no longer enough to identify risk; now security leaders must be armed with information that allows them to justify investments, work hours, and importantly — budget.

Changing Role of the CISO: A Holistic Approach Drives the Future (darkreading.com)

6 Actions CEOs Must Take During a Cyberattack

Beyond strengthening a company’s cybersecurity out of self-interest and to avoid a national security crisis, business leaders also play a bigger role and can be considered guardians of trust in technology overall. Fundamentally, cybersecurity revolves around trust. Ransomware and numerous other cyberattacks exploit this trust. CEOs should therefore not hesitate to seek help from outside a company to help develop, test, or refine a plan or review existing processes and policies.

6 Actions CEOs Must Take During a Cyberattack (hbr.org)

Be the threat: Case for hands-on threat simulations in cybersecurity

Simulation exercises have emerged as indispensable tools in the arsenal of cybersecurity teams, enabling them to prepare for the relentless and ever-evolving cyber threats they face. By simulating real-world attack scenarios, organizations can identify and bridge skills gaps, fine-tune their defenses and improve incident response capabilities.

Be the threat: Case for hands-on threat simulations in cybersecurity | Security Magazine

Six patch management mistakes and how to avoid them

Patch management has changed dramatically over the last five years as organizations try to keep pace with attackers. It’s never been more important for IT teams to have a solid patch management strategy, so consider using the list we’ve outlined here to get started.

Six patch management mistakes and how to avoid them | SC Media (scmagazine.com)

How cyber attacks on Taiwan are hurting global business

State-sponsored cyber attacks from China have become far more common in recent years, but it’s not just Taiwan in the firing line. The implications for global semiconductor supplies could be critical

How cyber attacks on Taiwan are hurting global business – Raconteur

Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report

While the report provides a list of the specific top routinely exploited vulnerabilities, it also contains some key recommended broad mitigations and practices that can help mitigate risk from malicious actors’ activities.

Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report | CSO Online

2023 Network and Application Threat Landscape

Cybercriminals have redirected their attacks in 2023, targeting online applications and their surrounding infrastructure. While overall global DDoS activity held steady compared to 2022, attention has shifted from network DDoS attacks to more sophisticated, application-level Web DDoS attacks. Organizations must adapt as attackers turn to the cloud for additional scale, agility, and control.

2023 Network and Application Threat Landscape – Radware Blog

Mastercard preps for the post-quantum cybersecurity threat

A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today.

Mastercard preps for the post-quantum cybersecurity threat | CIO

Comments are closed.