Cyber Risk Governance Insights | January 15, 2024
Netswitch, Inc.


Week in Headlines

PRO SERVICES - Breach Disclosed After Accountant Gets Phished

A phishing attack on Framework Computers' accounting service provider has led to a data breach. The attacker impersonated the CEO and tricked an accountant into sharing a spreadsheet containing customers' personally identifiable information (PII) associated with outstanding balances for Framework purchases. The breach was discovered on January 11, 2024, and the company has notified affected individuals.

RETAIL - Popular Site Probes Breach After Hacker Leaks Data

Halara, a popular online clothing store, is investigating a data breach after a hacker leaked the personal information of 950,000 customers. The leaked data includes names, phone numbers, and addresses of the customers. The company is urging its customers to be cautious of potential smishing attacks and the misuse of their information for fraudulent purposes.

ELECTIONS - Voter Data Leaks, Now Doubts Over '24 Presidential Election

Resecurity's HUNTER investigators have found that Indonesia is increasingly being targeted by cyber-threat actors who have staged attacks that pose significant long-term risks to the integrity of the country's elections. The leaked data includes personally identifying information (PII) of Indonesian voters obtained from various network intrusions, which could be exploited for targeted information warfare campaigns during the 2024 Indonesian election and beyond. One particularly alarming breach tracked by HUNTER analysts led to the leak of 6.8 million voter records related to the 2017 Jakarta gubernatorial election on 'eleakstore' and on the Hydra Market cybercriminal forums in the TOR network.

JUDICIARY - State Court IDs Ransomware Group Behind Cyber Attack

Kansas Chief Justice Marla Luckert has confirmed that a Russia-based ransomware group was responsible for the cyber-attack that disrupted Kansas courts’ online access for months in 2023. The group demanded a ransom, which the state refused to pay. Since then, the state has implemented new protections and measures to limit damage in case of another penetration.

HEALTHCARE - Provider Suffers Data Breach of PHI from 80,000 Patients

HMG Healthcare, a Texas-based healthcare services provider, recently confirmed that up to 80,000 individuals had their protected health information exposed and potentially stolen in a cyberattack that was detected in November 2023. The files that were removed from its network likely contained information such as names, dates of birth, contact information, general health information, medical treatment information, Social Security numbers, and/or employment records. The exact nature of the attack was not disclosed, but it is believed that the hackers gained access to an HMG Healthcare server and stole unencrypted files.


INSIGHTS & EXPERT PERSPECTIVES

RISK MANAGEMENT - Cyber Risks to DIB Supply Chain ‘Substantially Worse’

A new report by RAND Corp. finds that cybersecurity and supply chain risk management (SCRM) are in many instances at odds with each other, and simply adding those together can lead to an increase in cyberattacks.

Researchers compared cyber-related risks against conventional hazards that standard SCRM tends to address, including weather-related events, health-related risks, and kinetic risks, where people physically infiltrate production sites.

They found that the damage cyberattacks can inflict on supply chains is significantly worse than and different from the damage conventional hazards present to defense industrial products.

The report provides recommendations on how to have a comprehensive approach when addressing the needs of cybersecurity and SCRM together.

INSIGHTS: The recommendations from RAND are important, but there are other steps organizations can take immediately to improve their security posture without the heavy lift that some of RAND's recommendations require.

We'd suggest the following in addition to RAND's recommendations:

  1. Encrypt Sensitive Data: This will protect data from unauthorized access.
  2. Implement MFA: This prevents unauthorized access to your systems.
  3. Conduct Security Assessments: You need to identify vulnerabilities in your systems and networks.
  4. Update Software: Ensure recent security patches and updates are installed.
  5. Back Up Regularly: If you back up your data regularly, you'll be less likely to have to pay a ransom.

These are simple and less expensive steps you can take to elevate your cyber risk posture.

Security assessments are best performed by a third party, so that the guidance in the final strategic report is objective and unbiased.

REMEMBER - cybersecurity is an ongoing process, and organizations must remain vigilant and adapt.

COMPLIANCE - Critical Conversation on Board Liability and Cybersecurity Strategy

Dive into the heart of cybersecurity accountability with our recent webinar, where industry experts J.P. Wilson and Stanley Li shed light on the groundbreaking SEC Cyber Rule. This engaging and thought-provoking discussion explores the seismic shift in board and executive responsibility, transcending the conventional boundaries of cybersecurity measures.

The recent SEC cyber rule has ushered in a new era of accountability for board members and C-suite executives. No longer can they delegate cybersecurity responsibility; personal liability looms if adequate measures are not taken. The landscape has shifted, making cyber resilience a core aspect of fiduciary duty. This shift necessitates a proactive approach, going beyond industry standards and embracing a comprehensive cybersecurity strategy.

Key Highlights:

  1. Personal Liability in the Cyber Age
  2. Beyond Delegation: The New Era of Cyber Resilience
  3. Third-Party Risk and Continuous Adaptation

WATCH / LISTEN HERE

INSIGHTS: There is an urgency that you must understand and act on for your company to elevate its cybersecurity awareness.

You must move beyond minimum compliance requirements and actively contribute to the overall resilience of your company and industry.

If you are an nth-party supplier to anyone who has an SEC entity as a customer, you are obligated to have documented information security policies and practices and appropriate cybersecurity in your company.

Here are some immediate action items for you to consider after watching or listening to the webinar.

  1. Board and Executive Involvement: The days of delegating cybersecurity entirely are over. Boards and C-suite executives must actively engage in understanding cyber risks, making it a part of their fiduciary responsibility. They need to embrace a logical approach to cybersecurity, ensuring that the organization is laser-focused, effective, and efficient in its actions.
  2. Third-Party Risk Management: With supply chain attacks becoming more prevalent, organizations need to extend their cybersecurity oversight to third-party vendors and service providers. The SEC may seek information about the cybersecurity measures of third parties connected to the organization. Relying solely on the financial strength of a global consulting firm is no longer sufficient; independent assessments are crucial.
  3. Continuous Improvement and Adaptation: Cybersecurity measures that had been considered best practices in the past may no longer be effective. Boards and executives need to ensure continuous improvement and adaptation in their cybersecurity measures. Demonstrating year-on-year improvement is essential in facing regulatory scrutiny, and organizations should be prepared to answer the question: "What are you doing now that's better than before?"

These action items underscore the urgency for organizations to elevate their cybersecurity awareness, move beyond minimum compliance requirements, and actively contribute to the overall resilience of their industry.


Ways We Can Help You

Elevate Your Cyber Risk Cognizance

Get a Fast and Comprehensive Risk Assessment

Our fully automated Security And Risk Assessment (SARA) performs as an auditor to provide an unbiased audit of your technical and risk controls.

  • Identify Gaps
  • Reorient Resources
  • Prioritized For Network

Contact Netswitch for more info.

Attend a LinkedIn Live Event

We host regular LinkedIn Live Events to provide insights to elevate your cognizance.

Our intent is to facilitate communication and collaboration among stakeholders (Business Executives, Technologists, and Governors) to align technical controls with GRC objectives and to improve the processes that serve both.

Keep up to date about future events by following Netswitch.

https://www.dhirubhai.net/company/netswitch-technology-management/events/

Signup for Our "Quick Start" Pilot Program

  • Reduce Control Misalignment
  • Meet GRC Requirements
  • Improve Cyber Resilience

Know your risk level in cybersecurity and governance at NO COST.

To find out more, just contact Netswitch on LinkedIn and we'll get a demo scheduled.

Join Our CyberRisk Governance Group

Consider joining risk professional peers in the fast-growing LinkedIn group specifically about CyberRisk Governance.

The aim of the group is to help technologists, risk & compliance managers, and business leaders better manage their CyberRisk.

Would you like to join us?

Here's the link: https://www.dhirubhai.net/groups/13991569


DISCLAIMER: Any articles, information, or links are provided by Netswitch for reference only. While we strive to keep the information and links correct and safe, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, or related graphics contained on the destination website. Any reliance you place on such information is therefore strictly at your own risk.

Ben J.

Passionate about startups

10 months

So many important issues to be aware of. Stay informed, everyone!

Demetrius Kirk, DNPc, MBA, MSN, RN, LNHA, LSSGB, PAC-NE, QCP

Healthcare Consultant | Expert Leadership Coach | CMS Regulatory Expert | Top Healthcare Executive | Compliance Specialist | Servant Leader

10 months

So much happening in the cyber world! Congratulations to you for sharing this with us.

Jayne Uberti, MDR Straus Institute

Speaker, Practitioner, Mediator @ ADRspeakers & Dispute Resolutions, LLC | #adr#trainer#coach#de-escalation

10 months

Hey, Stanley
