Is your company’s cybersecurity policy as effective as it should be amid these tumultuous times? And if you’re not an employee but the owner of a small business – typically someone with much less sophisticated cybersecurity protection – how does your online security stack up? The answer: Cybersecurity has improved, but markedly more has to be done to secure networks in 2021, the second year of the pandemic, as the number of cyberattacks has become staggering.
CISA has released Emergency Directive (ED) 21-01 Supplemental Guidance version 3: Mitigate SolarWinds Orion Code Compromise, providing guidance that supersedes Required Action 4 of ED 21-01 and Supplemental Guidance versions 1 and 2.
The U.S. Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), NASCAR, the Daytona International Speedway, state and local first responders, law enforcement officials, and local businesses held a tabletop exercise today to test response plans around hypothetical public safety incidents on the day of the DAYTONA 500.
As we look ahead to 2021 and to defending against an ever-evolving variety of exploits and attacks, it’s important to consider the cybersecurity attack vectors that will be most prevalent in the upcoming year.
Fortified Health Security, Healthcare’s Cybersecurity Partner released the 2021 Horizon Report, which details findings that illustrate how, as healthcare organizations continue to respond to the pandemic, cybercriminals have continued to persist in their attacks on providers, health plans and business associates – compromising sensitive patient data while impacting the delivery of care to patients.
Synopsys, Inc.'s The Cost of Poor Software Quality In the US: A 2020 Report's findings reflect that the cost of poor software quality (CPSQ) in the US in 2020 was approximately $2.08 trillion. This includes poor software quality resulting from software failures, unsuccessful development projects, legacy system problems, technical debt and cybercrime enabled by exploitable weaknesses and vulnerabilities in software.
The National Security Agency released a cybersecurity product detailing how to detect and fix out-of-date encryption protocol implementations. Networks and systems that use deprecated forms of Transport Layer Security (TLS) or Secure Sockets Layer (SSL) for traffic sessions are at risk of sensitive data exposure and decryption.
Michael Oberlaender has had cybersecurity leadership positions and CSO/CISO titles at enterprises around the world. He’s recovered companies from data breaches, built cyber-hardening strategies and policies, implemented cybersecurity budgets, forged relationships and communications with the C-suite, analyzed risks, and dealt with privacy laws around the world.
FBI, ODNI, CISA & NSA issued a joint statement saying their investigation indicates an APT actor "likely Russian in origin, is responsible for most or all of the recently discovered, ongoing cyber compromises of both government and non-governmental networks."
As global tensions continue to escalate, the Internet may find itself used as a weapon, something we are already starting to see happen, by nations attempting to exert their influence and enforce greater internal control over digital commerce and communication. Nations must recognize the threat of escalation beyond the point of no return and take steps to ensure that the interconnectivity of the open Internet remains intact long-term. This will prevent a “cyber dark age” in which governments implement national Internet protocols and stop the free flow of data across borders.
RSS
