Cyber Resilience: Thriving in the Face of Inevitable Attacks

...And 12 Cybersecurity Posts from around LinkedIn

In this Issue

Foreword | 12 Posts on Cyber |?Featured Leader | From Cyngular's Founder | Afterword

Foreword

We're excited to share 12 more posts about cybersecurity from across LinkedIn. Useful content this week includes an article discussing forensic cyber psychology, a mindmap for conducting network attacks, and cloud security best practices.

We highlight a Featured Leader again this week.

Finally, a piece from the founder of Cyngular Security that touches on the negatives of powering our cloud environments with outdated agent-based EDR solutions.

We're happy to send out our twenty-first issue, written to deliver the most valuable and digestible content.

We welcome all feedback, submissions, and input from our readers. If you have questions, submissions, or concerns, contact Rebecca Fera .

12 Posts on Cyber

Useful LinkedIn Posts This Week in Cybersecurity

Aryaa Mathur outlined a useful guide called, "The Purple Book on Cybersecurity"

Ben Tagoe detailed the importance of incident response based on the recent CrowdStrike event

A breakdown of the importance of transparency in cybersecurity was shared by Dr. Erdal Ozkaya

An article discussing forensic cyber psychology was written and shared by Marshall S. Rich

G M Faruk Ahmed, CISSP, CISA compiled a useful list of 100 free security tools

An ISMS implementation checklist for ISO 27001:2022 was detailed by Andrey Prozorov

A mindmap for conducting network attacks was highlighted by ümit Yal??n

Staying ahead in cybersecurity with the ultimate search engine is explained by Hakan Karatash

Cloud security best practices were broken down by Han?m Eken

A popular post by Jason Makevich, CISSP discusses the urgency around AI-powered cyberattacks

Alexandre Borges dove into TUDOOR attacks, exploring logic vulnerabilities in DNS response pre-processing

ABDELRAHIM AQQAD, M.Sc., CIA, CISA, CRISC, CGMA, ACCA DipIFR, PMI-RMP, CSSGB shared his latest article called, "Case Studies in Cybersecurity Breaches and Hacking Attacks: A Guide for Internal Auditors"

Featured Leader

Don Cox

With over 20 years of experience in cybersecurity and IT service management, this week we feature Don Cox - MBA, CISM who is the CISO and VP ITSM at American Public Education, Inc. (APEI) , a leading online education provider. Don is currently responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected and for providing the best-in-class IT service management experience across the organization.

Don's robust foundation in IT comes from 6 years and over 300 investigations as a high-tech crime investigator and computer forensic specialist, working collaboratively with federal agencies on cybercrime matters. As a CISM, PMP, QTE, and CIO-certified professional, Don is known to possess a track record of strategic success and business acumen that adds financial and brand value. Don has also led digital transformation and innovation initiatives, improved compliance programs and risk management, and advised top leadership on emerging technologies and digital trends. As a leader and mentor known for unwavering positivity, growth mindset, and servant leadership, Don is well-respected within his field. Aside from his current responsibilities, Don is also passionate about generative AI and its applications and implications for the future of online search, ethics, and accountability.

From Cyngular's Founder

Israel - October 7th - What Does It Have to Do with #Cyber #IncidentResponse?

The brutal attack on Israeli villages serves as a stark reminder: even with robust security measures in place, complacency can be devastating. Despite having fortified fences, military bases, scouts, and advanced alert systems, the unthinkable happened.

The misconception was that an attack might occur but was unlikely. Thus, even though many villages had local defense platoons, they were either unarmed or inadequately supplied with ammunition. In contrast, those prepared with trained, armed, and well-equipped platoons faced far fewer consequences.

The SWAT teams and military units that eventually arrived to salvage them were inferior to the situation as they had no intelligence regarding the houses and places where the terrorists were hiding or about the hostages that were killed or kidnapped. Although they eventually overcame the devastating situation, the consequences were insurmountable. More than 1,200 people were killed, including over 300 soldiers who were killed while intervening. Houses were burned, and 250 citizens were kidnapped.

Now, what does all of this have to do with cyber?

When a cyberattack strikes, you can either be overwhelmed and inferior to the situation, paying an enormous price, or you can shine. It all depends on your state of mind and preparedness. It's agreed that cyberattacks are not a question of if, but when. Thus, preparation should start yesterday.

So, what does 'preparedness' mean?

Preparedness encompasses a lot of maintained routines. It starts with a state of mind that you are constantly under attack and that a threat actor has already infiltrated your environment. It continues with full situational awareness regarding your operational situation, proactively hunting for these threats to uncover them, rapidly investigating every suspicious activity or alert you might observe, getting fast insights about it, and if it's a threat, responding to it effectively.

Maintaining such a routine within your organization will dramatically reduce the probability that you will have to deal with your own cyber "October 7th", like we did in Israel.

This issue becomes even more crucial when dealing with #cloud computing, mainly because of the nature of the cloud and the way it works, which is totally different from the known on-prem environment. Maintaining preparedness in the cloud requires a different approach, adequate technologies, and a different skill set at your SOC.

A few questions:

Are you using adequate technologies, people, and supportive processes to meet the goals mentioned above?

Can you promptly ensure that there is no nesting threat in your cloud environment?

Can you positively ensure that you are in full #situationalawareness?

If you scratched your head trying to think of how to answer these questions, Cyngular Security’s #THIRDhub platform might be the answer you are looking for.

Visit Our Website to See the Solution

Afterword

That's all for this week's newsletter. Our next issue will include another piece from Cyngular's Founder, a Featured Leader, and a new batch of 12 useful posts. Connect with us if you have anything to submit for our next issue or want to know more about Cyngular.

Notice:

The posts in this issue reflect the views only of the individual LinkedIn users and do not reflect the views of Cyngular Security, its employees, or any other entities. The links shared in this issue were written by LinkedIn users and do not constitute an endorsement of Cyngular Security, any other entities, or this newsletter by those users, entities, or the "Featured Leader."

Reach out to Rebecca Fera if you have any concerns about CISO Signal.