A Review of the Best News of the Week on Cybersecurity Management & Strategy
Trump Fires Security Chief Christopher Krebs (Krebs on Security, Nov 18 2020)
President Trump on Tuesday fired his top election security official Christopher Krebs (no relation). The dismissal came via Twitter two weeks to the day after Trump lost an election he baselessly claims was stolen by widespread voting fraud.
Peiter ‘Mudge’ Zatko Named Head of Security at Twitter (SecurityWeek, Nov 17 2020)
Social media giant Twitter has appointed security expert Peiter Zatko as its head of security.
Verizon Releases First Cyber-Espionage Report (Infosecurity Magazine, Nov 17 2020)
US telecommunications giant publishes first data-driven report on advanced cyber-spying
Filter Out the Noise
Since I started this curated newsletter in June 2017, I’ve clipped ~17,000 articles and narrowed them down into the best 20 per day & best 15 per week. This is my favorite way to cut through all the security marketing and hype. If you’re enjoying it, tell a friend. If you hate it, tell an enemy.
Thanks! – Lucas Samaras
UK Firms Least Likely to Pay Ransom Globally (Infosecurity Magazine, Nov 17 2020)
CrowdStrike data reveals 39% have been hit over past year
FireEye Predicts Ransomware Will Evolve and Expand in 2021 (SecurityWeek, Nov 17 2020)
FireEye Mandiant has delivered its cyber landscape predictions for the coming year, including growing and affiliate-supported espionage, increased targeting of OT by ransomware, and continued targeting of healthcare.
‘We can’t do this every four years’: Critical infrastructure rattled by Krebs DHS departure (SC Media, Nov 18 2020)
Though most agree that career employees at CISA will continue what Krebs started, lack of leadership creates an uncertain limbo for private sector partners.
Industry Reactions to Trump Firing CISA Director Chris Krebs: Feedback Friday (SecurityWeek, Nov 20 2020)
U.S. President Donald Trump this week fired Christopher Krebs, the director of the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), after he refuted claims of electoral fraud and vouched for the integrity of the recent presidential election.
Managing risk remains a significant challenge (Help Net Security, Nov 16 2020)
While COVID-19 has created new concerns and deepened traditional challenges for IT, organizations with complete insight and governance of their technology ecosystem are better positioned to achieve their priorities, a Snow Software survey of 1,000 IT leaders and 3,000 workers in the United States, United Kingdom, Germany and Australia reveals.
Ticketmaster Fined £1.25m Over Data Breach (Infosecurity Magazine, Nov 13 2020)
ICO fines British ticketing company £1.25m for failing to protect customers’ payment details
US gov’s CISO takes leave to help Trump search for election fraud (Ars Technica, Nov 16 2020)
“Voter Integrity Fund” seeks evidence to back up Trump’s baseless fraud claims.
Accept your IT security limits and call in the experts (Help Net Security, Nov 17 2020)
“In terms of defensive tactics, the first two months of the pandemic shifted the previous network-centric thinking to endpoint and remote access. Many firms lacking endpoint detection and response or endpoint protection (next-gen AV) sought to roll out these services across their distributed organization. They also focused on IAM and VPN or SDP services,” Mark Sangster, VP and Industry Security Strategist at eSentire, told Help Net Security.
New manifesto offers CISOs an agile guide to threat modeling (SC Media, Nov 17 2020)
At the core of the document is this message: a threat model that can’t be understood outside of the security team doesn’t make any company safer.
Researchers Say They’ve Developed Fastest Open Source IDS/IPS (Dark Reading, Nov 18 2020)
With a five-processor core, “Pigasus” delivers the same performance as a system with between 100 and 700 cores, according to a team from Carnegie Mellon University’s CyLab.
Vulnerability Prioritization Tops Security Pros’ Challenges (Dark Reading, Nov 17 2020)
Why vulnerability prioritization has become a top challenge for security professionals and how security and development teams can get it right.
How do I select a security assessment solution for my business? (Help Net Security, Nov 18 2020)
Recent research shows high-risk vulnerabilities at 84% of companies across finance, manufacturing, IT, retail, government, telecoms and advertising. One or more hosts with a high-risk vulnerability having a publicly available exploit are present at 58% of companies. Publicly available exploits exist for 10% of the vulnerabilities found, which means attackers can exploit them even if they don’t have professional programming skills or experience in reverse engineering.
CISOs say a distributed workforce has critically increased security concerns (Help Net Security, Nov 18 2020)
73% of security and IT executives are concerned about new vulnerabilities and risks introduced by the distributed workforce, Skybox Security reveals. The report also uncovered an alarming disconnect between confidence in security posture and increased cyberattacks during the global pandemic.
Cybercrime to Drain $44bn from Russian Economy in 2020 (Infosecurity Magazine, Nov 17 2020)
State-owned Russian bank expects Russian economy to lose $44bn to cybercrime this year
Michael Ellis as NSA General Counsel (Schneier on Security, Nov 18 2020)
Over at Lawfare, Susan Hennessey has an excellent primer on how Trump loyalist Michael Ellis got to be the NSA General Counsel, over the objections of NSA Director Paul Nakasone, and what Biden can and should do about it.
56% of organizations faced a ransomware attack, many paid the ransom (Help Net Security, Nov 20 2020)
There’s a continued proliferation of ransomware, heightened concerns around nation-state actors, and the need for acceleration of both digital and security transformation, a CrowdStrike survey reveals. Proliferation of ransomware leads to more frequent payouts, costing millions. Survey data indicates ransomware attacks have proven to be especially effective, as 56% of organizations surveyed have suffered a ransomware attack in the last year.