A Review of the Best News of the Week on Cybersecurity Management & Strategy

CISA Named Top-Level Root CVE Numbering Authority (SecurityWeek, Sep 17 2020)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA) and it will be overseeing CNAs that assign CVE identifiers for vulnerabilities in industrial control systems (ICS) and medical devices.

#GartnerSEC: Top Projects for 2020 Include Authentication, Risk Management and Cloud (Infosecurity Magazine, Sep 14 2020)
Gartner’s top projects for security and risk for the next year

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack (Krebs on Security, Sep 17 2020)
The U.S. Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and "supply chain" attacks to steal data from companies and their customers. One of the alleged hackers was first profiled here in 2012 as the owner of a Chinese antivirus firm.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~16,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras



Security Through an Economics Lens: A Guide for CISOs (Dark Reading, Sep 14 2020)
An expert in economics and cybersecurity applies opportunity cost and other concepts of the “dismal science” to infosec roles.

#GartnerSEC: #COVID19 Created New Roles, More Data Collection and Flexible Businesses (Infosecurity Magazine, Sep 15 2020)
Gartner explores the challenges and opportunities created by the COVID-19 pandemic

#GartnerSEC: Five Steps to Ensuring Board Engagement (Infosecurity Magazine, Sep 15 2020)
Gartner recommends five steps to ensure management engagement

#GartnerSEC: Moving Towards an Explicit Zero Trust Model of Cybersecurity (Infosecurity Magazine, Sep 14 2020)
Gartner outlines what a zero trust model should look like

Gartner Survey Finds the Evolving Threat Landscape is Top Priority for Security and Risk Management Leaders (Gartner, Sep 15 2020)
The evolving threat landscape was ranked as the top driver impacting the information security organization during the next three to five years, according to a recent survey by Gartner, Inc.

Gartner Security & Risk Management Summit, Day 1 Highlights (Gartner, Sep 14 2020)
By 2023, 65% of the world’s population will have its personal data covered under modern privacy regulations, up from 10% in 2020.

German Hospital Hacked, Patient Taken to Another City Dies (SecurityWeek, Sep 17 2020)
German authorities said Thursday that what appears to have been a misdirected hacker attack caused the failure of IT systems at a major hospital in Duesseldorf, and a woman who needed urgent admission died after she had to be taken to another city for treatment.

Chinese Hackers Using Publicly Available Resources in Attacks on U.S. Government (SecurityWeek, Sep 15 2020)
Threat actors affiliated with the Chinese Ministry of State Security (MSS) continue to target U.S. government agencies, the Cybersecurity and Infrastructure Security Agency (CISA) says in a new alert.

Due Diligence That Money Can’t Buy (Krebs on Security, Sep 14 2020)
Most of us automatically put our guard up when someone we don’t know promises something too good to be true. But when the too-good-to-be-true thing starts as our idea, sometimes that instinct fails to kick in. Here’s the story of how companies searching for investors to believe in their ideas can run into trouble.

CISOs struggling to prep for security audits (Help Net Security, Sep 15 2020)
Calendars for security and compliance audits are largely unchanged despite COVID-19, yet the pandemic is straining teams as they work remotely, according to Shujinko. Moreover, CISOs are tasked with preparing for more than three audits on average in the next 6-12 months, but struggle with inadequate tools, limited budgets and personnel, and inefficient manual processes. Furthermore, the results show that migration to the cloud is dramatically increasing the scope and complexity of audit preparat

Encrypted Traffic Inference: An Alternative to Enterprise Network Traffic Decryption (Dark Reading, Sep 15 2020)
Finding threats in encrypted inbound network traffic is complex and expensive for enterprises, but a fascinating new approach could eliminate the need for decryption.

Report details how North Korean and Russian cybercriminals are cooperating (SC Media, Sep 16 2020)
Several companies, media outlets and the U.S. government have accused North Korean state-sponsored hackers of purchasing access to pre-hacked servers from criminal groups. But the connections to specific criminal groups have been a little more tenuous. Now a new meta-analysis of previous reports from Intel 471 establishes a likely connection to TrickBot. TrickBot, as well…

How the FIN7 Cybercrime Gang Operates (Schneier on Security, Sep 16 2020)
“The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. An excerpt:

The secret of FIN7’s success is their operational art of cyber crime. They managed their resources and operations effectively, allowing them to successfully attack and exploit hundreds of victim organizations. FIN7 was not the most elite hacker group, but they developed a number of fascinating innovations.”

What’s on Your Enterprise Network? You Might be Surprised (Dark Reading, Sep 16 2020)
The strangest connected devices are showing up, and the threats they pose to security should not be overlooked.

Attacks on Mid-Market Organizations Soar (Infosecurity Magazine, Sep 16 2020)
Insurer reports rise of cyber-attacks on middle-market orgs during the pandemic

U.S. Charges Two State-Sponsored Iranian Hackers (SecurityWeek, Sep 17 2020)
Two Iranian hackers were indicted in the United States for allegedly engaging in numerous cyberattacks, some of them conducted on behalf of the government of Iran, the U.S. Department of Justice announced on Wednesday.

The Wayback Machine and Cloudflare Want to Backstop the Web (Wired, Sep 17 2020)
The Internet Archive and the infrastructure company are teaming up to make sure sites never fully go down.