A Review of the Best News of the Week on Cybersecurity Management & Strategy

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware (Daniel Miessler, Oct 06 2020)
I think the only reason we survived this long without serious disruption to business—like we’re seeing now—is because attackers didn’t have their acts together. Their tooling wasn’t nearly as good as it is now, and they hadn’t linked their tooling with the business models.

Today there are multiple routes to make money from an insecure business. Once they get in—via RDP or phishing or drive-bys—they are not only extorting people who want to get their data back.

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work (Krebs on Security, Oct 08 2020)
“today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained.”

How Netflix Makes Security Decisions: A Peek Inside the Process (Dark Reading, Oct 06 2020)
A senior information security risk engineer explains how Netflix’s risk management program helps business leaders make key decisions.


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras



Operation Fortify: A US Ransomware Plan (Daniel Miessler, Oct 06 2020)
Some interesting ideas on how to deal with the surge of ransomware:
“So I have a proposal: Operation Fortify. The Pentagon starts a new program called Operation Fortify, which allocates multiple billions to hardening our essential infrastructure of governments, schools, SMBs, and hospitals.”

Cisco Ordered to Pay $1.9 Billion for Security Patent Infringement (Infosecurity Magazine, Oct 06 2020)
Virginian firm Centripetal in legal triumph

Three common mistakes in ransomware security planning (Help Net Security, Oct 07 2020)
As the frequency and intensity of ransomware attacks increase, one thing is becoming abundantly clear: organizations can do more to protect themselves. Unfortunately, most organizations are dropping the ball. Most victims receive adequate warning of potential vulnerabilities yet are woefully unprepared to recover when they are hit. Here are just a few recent examples of both prevention and incident response failures…

37% of remote employees have no security restrictions on corporate devices (Help Net Security, Oct 06 2020)
ManageEngine unveiled findings from a report that analyzes behaviors related to personal and professional online usage patterns. The report combines a series of surveys conducted among nearly 1,500 employees amid the pandemic, as many people were accelerating online usage due to remote work and stay-at-home orders.

Google Readies Redesigned Security Alerts for Google Accounts (SecurityWeek, Oct 08 2020)
Google this week revealed that it’s working on redesigning the security alerts for Google accounts and that it will make them available directly in the applications users are logged into.

NATO Chief Calls for New Strategy on Cyber, China (SecurityWeek, Oct 08 2020)
NATO needs a new strategic concept adjusted to the global rise of new technologies, terrorism and China to replace a plan developed a decade ago, the head of the alliance said on Wednesday.

Apple pays $288,000 to white-hat hackers who had run of company’s network (Ars Technica, Oct 08 2020)
Hacker team led by 20-year-old finds 55 vulnerabilities, 11 of them critical.

Emotet 101: How the Ransomware Works — and Why It’s So Darn Effective (Dark Reading, Oct 09 2020)
In recent weeks, Emotet has emerged as the most common form of ransomware. Managing the risk starts with understanding the way it works.

Nudging your employees towards better cyber hygiene (SC Media, Oct 04 2020)
It’s no coincidence that cybersecurity terminology borrows heavily from medicine: bugs, immunity, infections, and viruses. And, as we all know, based on the advice of washing our hands for the umpteenth time and singing “Happy Birthday” twice, prevention often works better than a cure.

John McAfee Indicted on Tax Charges (Dark Reading, Oct 05 2020)
The indictment alleging tax evasion and failure to file returns was unsealed after his arrest in Spain.

The CISO’s Guide to Third-Party Security Management (Help Net Security, Oct 05 2020)
…provides the instructions you need to make your organization’s third-party security program effective and scalable. In particular, it covers how to: implement compensating internal controls when your suppliers don’t have or won’t reveal their own; collaborate with suppliers to ensure success in the remediation process; and create KPIs to help manage and improve the process and demonstrate achievements…

UN Maritime Agency Hit by ‘Sophisticated Cyberattack’ (SecurityWeek, Oct 05 2020)
The United Nations’ International Maritime Organization (IMO) last week said some of its systems were disrupted as a result of a cyberattack.

Priorities and technologies defining the mainframe in the digital enterprise (Help Net Security, Oct 06 2020)
There is overwhelming support for mainstreaming the mainframe, new strategic priorities, and a resurgence of next-generation mainframe talent, according to a BMC survey. The study queried over 1000 executives and practitioners on their priorities, challenges, and growth opportunities for the platform.

3 Ways Companies are Working on Security by Design (Dark Reading, Oct 07 2020)
Execs from top financial organizations and other companies share insights on building a security culture.

Boards Increase Investment in Cybersecurity in Face of Threats and Regulatory Fines (Infosecurity Magazine, Oct 08 2020)
Research by Thycotic found cybersecurity budgets are increasing

NYC demonstrates ‘gold standard’ in cyber resilience amid pandemic (SC Media, Oct 07 2020)
Because it was prepared, Cyber Command was able to essentially “move from a centralized SOC to a managed, distributed environment,” said Quiessence Phillips, deputy CISO of the NYC Cyber Command.

Why are certain employees more likely to comply with information security policies than others? (Help Net Security, Oct 08 2020)
Information security policies (ISP) that are not grounded in the realities of an employee’s work responsibilities and priorities expose organizations to higher risk of data breaches, according to research from Binghamton University, State University of New York. The study’s findings, that subcultures within an organization influence whether employees violate ISP or not, have led researchers to recommend an overhaul of the design and implementation of ISP, and to work with employees to find…