A Review of the Best News of the Week on Cybersecurity Management & Strategy

Maintaining the SOC in the age of limited resources (Help Net Security, May 27 2020)
With COVID-19, a variety of new cyber risks have made their way into organizations as a result of remote working and increasingly sophisticated, opportunistic threats. As such, efficiency in the security operations center (SOC) is more critical than ever, as organizations have to deal with limited SOC resources.

Cisco takes aim at supporting SASE (Network World Security, May 28 2020)
Cisco will upgrade and integrate access-control, networking and security products to address the goals of secure access service edge.

Virtual Black Hat USA Offers Unparalleled Access to Expert Security Insights (Dark Reading, May 27 2020)
Attendees can look forward to the same high-quality Briefings and Trainings from the comfort of their own desk.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~14,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras



Nearly One Fifth of Law Firms Show Signs of Compromise (Infosecurity Magazine, May 27 2020)
BlueVoyant report warns sector is critical to national security.

Cybersecurity among six sectors booming during Covid-19, with Q1 funding exceeding $1.5B (SC Media, May 27 2020)
As the Covid-19 pandemic continues to hobble economies around the world, cybersecurity is one of six sectors currently booming, with first quarter funding topping $1.5 billion. That figure is close to a record high…

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office (Krebs on Security, May 26 2020)
“A group of Romanians operating an ATM company in Mexico and suspected of bribing technicians to install sophisticated Bluetooth-based skimmers in cash machines throughout several top Mexican tourist destinations have enjoyed legal protection from a top anti-corruption official in the Mexican attorney general’s office, according to a new complaint filed with the government’s internal affairs division.”

HackerOne Bounties Hit $100M Milestone (Dark Reading, May 27 2020)
The bug-hunting platform has now paid more than $100 million in bounties since October 2013.

House pulls vote on FISA bill (SC Media, May 28 2020)
The House late Wednesday nixed a planned vote on the FISA bill passed earlier this month by the Senate and which would authorize three surveillance initiatives in the USA Freedom Act.

Americans Care About Security But Don’t Follow Through (Dark Reading, May 26 2020)
Most Americans say they’re very concerned about online security but still behave in insecure ways, according to a new survey.

Huawei CSO: Secure Networks Do Not Trust Anyone (Infosecurity Magazine, May 27 2020)
If the U.S. government wants to forgo a comprehensive approach to risk management and simply seek alternatives to Huawei, it has several options.

National Guard Helps Maryland with Cybersecurity (Infosecurity Magazine, May 26 2020)
National Guard’s pandemic response includes $1m in cybersecurity support for Maryland.

C-suite execs often pressure IT teams to make security exceptions for them (Help Net Security, May 28 2020)
The C-suite is the most likely group within an organization to ask for relaxed mobile security protocols (74%) – despite also being highly targeted by malicious cyberattacks, according to MobileIron.

Why is SDP the most effective architecture for zero trust strategy adoption? (Help Net Security, May 29 2020)
Software Defined Perimeter (SDP) is the most effective architecture for adopting a zero trust strategy, an approach that is being heralded as the breakthrough technology for preventing large-scale breaches, according to the Cloud Security Alliance.

IT Leaders Overestimate Staff’s Commitment to WFH Security (Infosecurity Magazine, May 28 2020)
IT leaders who think staff follow security best practices while working from home are misguided.