CyAN Cyber News Roundup - Long Version

[First off, apologies for the delay in publishing this... what can I say, it was a birthday weekend!]

That said, there was another interesting selection of cyber news in this week’s roundup,?once again collated by Jana Jakubovská and John Salomon of the Cybersecurity Advisors Network (CyAN) .

They all got me thinking; in particular…

Part 1 (Cybersecurity News) -

1. ‘Western Sydney University breach tied to Office 365 environment compromise ’ [SC Media ]

The breach at Western Sydney University, linked to a compromise in its Office 365 environment, underscores the importance of robust cyber security measures in safeguarding organisational data. This incident is (another!) reminder of the ongoing, ever-present imperative for organisations to prioritise security protocols and regularly assess and update their systems to prevent unauthorised access and data breaches.

Which leads us to…

2. Google Urges Feds to Ditch Microsoft Over Security Concerns? [Chris Riotta , Information Security Media Group (ISMG) ]

In a bold move, Google is urging U.S. federal agencies to switch from Microsoft to its own cloud services, citing serious security concerns. This comes after multiple high-profile breaches and vulnerabilities in Microsoft products, raising questions about the security posture of widely-used platforms. For cybersecurity professionals, this development underscores the critical need to continually evaluate and diversify technology stacks to mitigate potential risks.?

All good points, however, we should also note that…

3. Google Discovers Fourth Zero-Day in Less Than a Month [Dark Reading ]

Further to that, Google released a zero-day patch fix (the fourth in the past two weeks) on May 27th.? Pot. Kettle. Cyber. Sigh.

3. Optus loses bid to hide Deloitte report on data breach [Jeremy Nadel iTnews ]

Optus has lost its bid to keep a Deloitte report on its massive data breach confidential, raising some fairly significant transparency and accountability issues. This decision emphasises the critical importance of openness and thorough investigation in the aftermath of cyber incidents. For cybersecurity professionals, it serves as a reminder of the legal and reputational implications of data breaches and the necessity of robust incident response and reporting protocols.?

Strong governance and compliance frameworks are crucial for all organisations, from large enterprises to SMEs. Transparency and accountability are key to rebuilding trust and ensuring that all stakeholders understand the impact of a breach, reinforcing the need for all businesses to prioritise data privacy, security, and governance.

In Part 2 (Analysis & Trends) -

1. 6 Facts About How Interpol Fights Cybercrime [Dark Reading ]

Interpol's fight against cybercrime highlights five key strategies: global coordination, capacity building, cyber threat intelligence sharing, operational support, and public-private partnerships. Their approach demonstrates the importance of international collaboration and resource sharing in effectively combating cyber threats - particularly across multiple jurisdictions.

2. The modern CISO: Scapegoat or value creator? [Gaurav Banga /Balbix , VentureBeat ]

The role of the modern CISO has evolved well beyond just defending organisations against threats. They are responsible not only for successfully defending their organisations against threats but also for providing proof of their efficacy to the board and reporting it to regulatory bodies such as the SEC in the United States, APRA in Australia and the FCA in the UK. This dual responsibility underscores the importance of robust governance and compliance reporting frameworks and tools.

Effective governance and compliance reporting are crucial for demonstrating a CISO’s value to the organization. Business owners and leaders need to make it clear that they expect their CISOs to implement and maintain these robust reporting protocols. By ensuring this clarity, CISOs can guarantee their efforts are visible and quantifiable. This not only builds trust with the board and regulatory bodies but also reinforces the organisation's commitment to data privacy and security. As the landscape of cyber threats continues to evolve, the need for robust governance and compliance measures becomes increasingly vital in supporting the strategic goals of the organization.

What about you; what grabbed you? Would love to know your thoughts!

Did we miss anything cyber that got you thinking or talking this week??

Is there something you would like to see more of??

If so feel free to let me know - or reach out to Cybersecurity Advisors Network (CyAN) directly!?

#ciso?#cso?#cto?#cio?#ceo?#compliance?#cyber #CyberAwareness #cyberdefence?#cybernews?#cyberresilience??#cybersecurity #CybersecurityCommunity ?#cybercrime?#cyberrisks?#cyberthreats?#cyberresilience?#cyberattacks?#cyberaware?#CyberRiskManagement?#cybersecurityawareness?#cyberdefense?#Data #datacompliance #DataEthics?#datagovernance?#datasovereignty?#DataPrivacy?#dataprotection #DigitalLives #DigitalPrivacy #DMaaS #Empowerment ?#Governance?#informationsecurity?#infosec?#MyDataMyChoice #Microsoft #network #OnlineSecurity?#privacy #PrivacyAwareness ?#PrivacyMatters #PrivacyRights #RecallFeature ?#safety?#security?#tech #Transparency?#womenintech?#womenincybersecurity #WomenIntoCybersecurity? Cybersecurity Advisors Network (CyAN) Women in AI Women In Technology (WIT)