A Review of the Best News of the Week on Cybersecurity Management & Strategy

DHS Says Voting Systems Not Compromised, Amid Departures at CISA (SecurityWeek, Nov 13 2020)
Two election committees of the U.S. Department of Homeland Security (DHS) issued a joint statement on Thursday saying there was no evidence of voting systems being compromised, noting that the recent election “was the most secure in American history.”

Zoom lied to users about end-to-end encryption for years, FTC says (Ars Technica, Nov 09 2020)
Democrats blast FTC/Zoom settlement because users won’t get compensation.

Greylock’s Asheem Chandna on ‘shifting left’ in cybersecurity and the future of enterprise startups (TechCrunch, Nov 11 2020)
Last week was a busy week, what with an election in Myanmar and all (well, and the United States, I guess). So perhaps you were glued to your TV or smartphone, and missed out on our conversation with Asheem Chandna, a long-time partner at Greylock who has invested in enterprise and cybersecurity startups for nearly…


Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras

Share today’s post on Twitter Facebook LinkedIn


New report quantifies losses for top 100 cyber incidents in past 5 years: $18 billion (SC Media, Nov 10 2020)
Cyentia Institute found that firms that bungle the incident response process show costs that are nearly 2.8 times larger than those without signs of poor response.

Ransomware Attack on Medical Billing Company (Infosecurity Magazine, Nov 11 2020)
Iowa medical billing company enhances cybersecurity after ransomware attack

New Zealand Election Fraud (Schneier on Security, Nov 13 2020)
It seems that this election season has not gone without fraud. In New Zealand, a vote for “Bird of the Year” has been marred by fraudulent votes:
More than 1,500 fraudulent votes were cast in the early hours of Monday in the country’s annual bird election, briefly pushing the Little-Spotted Kiwi to the top of the leaderboard, organizers and environmental organization Forest & Bird announced Tuesday.

What’s stopping job seekers from considering a career in cybersecurity? (Help Net Security, Nov 09 2020)
The cybersecurity industry no longer has an image problem, but many things are still stopping individuals from considering a career in cybersecurity: a high cost of entry (the need for more education /certification / technical knowledge / training), the inability to code and the perception of the field as too intimidating.

San Francisco Police Seek Cybercrime Victims (Infosecurity Magazine, Nov 06 2020)
Police ask underage victims of men charged with online stalking and exploitation to come forward

The Double-Edged Sword of Cybersecurity Insurance (Dark Reading, Nov 10 2020)
With ransomware on the rise, more organizations are opting to purchase cyber insurance — tipping off criminals about how much to demand for access back to pilfered systems and data.

2020 Was a Secure Election (Schneier on Security, Nov 10 2020)
What’s more, the voting itself was remarkably smooth. It was only a few months ago that professionals and analysts who monitor election administration were alarmed at how badly unprepared the country was for voting during a pandemic. Some of the primaries were disasters. There were not clear rules in many states for voting by mail or sufficient opportunities for voting early.

Stop thinking of cybersecurity as a problem: Think of it as a game (Help Net Security, Nov 11 2020)
COVID-19 changed the rules of the game virtually overnight. The news has covered the broader impacts of the pandemic, particularly the hit to our healthcare, the drops in our economy, and the changes in education.

Fifth of UK Firms Planning to Downsize Security Teams (Infosecurity Magazine, Nov 11 2020)
PwC report reveals UK organizations are lagging behind global rivals

‘Bad move, plain and simple’: Microsoft’s new bug reporting format draws criticism (SC Media, Nov 11 2020)
While a well-informed security professional might look at a bug entry in Microsoft’s revised approach and quickly understand how the standard-based table translates to overall risk assessment, not everyone in an organization is equipped to do so.

Hackers Steal 46 Million Records from Kids’ Game Developer (Infosecurity Magazine, Nov 12 2020)
Seven million parental emails stolen from Animal Jam creator WildWorks

Traditional endpoint security is dead. So what now? (SC Media, Nov 12 2020)
Join us for an event Nov. 18-19, where experts from the cybersecurity community, across sectors, will examine today’s endpoint security challenge. And the challenges are many.