Cyber Risk Governance Insights | September 23, 2024

WEEK IN HEADLINES

CRITICAL INFRASTRUCTURE - Workers Offered Dream Jobs

North Korean cyberespionage group UNC2970 has been using fake job offers to lure employees in critical infrastructure sectors. The goal is to deliver malware and gain access to sensitive systems, posing significant risks to national security.

INSIGHT:?The most cost-effective way to protect your organization from cyber threats is through Security Awareness Education (SAE). Educating employees about cyber risks, similar to workplace safety hazards, reduces their likelihood of becoming a digital risk.

NATIONAL SECURITY - Country Warns Citizens Amid Rising Tensions

China has urged its citizens to be vigilant against cyberattacks allegedly originating from Taiwan. This call to action comes amid increasing geopolitical tensions between the two regions. The Chinese government emphasizes the importance of cybersecurity awareness and proactive measures to safeguard personal and national data.

INSIGHT: By implementing Zero Trust Architecture (ZTA) you could significantly enhance your security threats like these, and while ZTA can be a large undertaking, involving substantial resources; the benefits would create a more resilient defense against unauthorized access and lateral movement within the network.

CONSTRUCTION - Firms Exposed to Threat From Industry Software

A significant vulnerability in Foundation Software ’s accounting platform has put numerous construction firms at risk. The flaw allows attackers to exploit the system, potentially leading to data breaches and financial losses. Immediate action is required to patch the software and secure sensitive information.

INSIGHT: First of all, install the patches that were released. Now, while this is a Software Security issue and the responsibility of the developer through better security audits of itself, there are things you can do to reduce your risk from this and other software you rely upon - has your organization done a Business Impact Analysis (BIA)?? Does it have a Incident Response (IR) Plan?? Have you tested your backups and Continuity Plans?? If not, consider doing so, these are things that should be done and can be without a lot of outside consulting, as you are the experts of your organization and how it operates.

EDUCATION - Calculators Needed to Add Up Skyrocketing Costs of Ransomware

A recent report finds a rapidly rising cost associated with ransomware attacks for educational institutions. The average expense of addressing these attacks has surged, emphasizing the need for robust cybersecurity measures in schools to protect sensitive data and minimize financial losses.

INSIGHT: Have a better backup plan.? Regularly backing up data and storing it offline, you can ensure you have secure copies of your data. This allows for quick recovery in the event of a ransomware attack, without needing to pay a ransom, thereby minimizing financial and operational impacts.? Get back to work, and deal with the theft later.

SOCIAL MEDIA - Grieving Families Exploited Via Facebook

Scammers are creating fake Facebook groups that offer live streaming of funeral services, tricking grieving families and friends into providing credit card information. These fraudulent groups exploit the emotional vulnerability of users, highlighting the need for stronger security measures on social media platforms.

INSIGHT: For users, a reminder… Not everything on the interweb is real or true.? As for FB, improve you verification of group admins, FB can also review sensitive content more thoroughly, and improve user reporting tools.

GOOD NEWS - ‘Ghost’ Encrypted Messaging Platform Shutdown

Europol, in collaboration with law enforcement from nine countries, successfully dismantled the “Ghost” encrypted messaging platform, which was widely used by organized crime groups for activities such as drug trafficking and money laundering. This takedown marks a significant victory in the fight against cybercrime and organized criminal networks.

?

INSIGHTS & EXPERT PERSPECTIVES

The Cyber Resilience Blueprint: 5 Lessons Shared

Stanley Li and Sean Mahoney were recently privileged to have hosted Steven-Paul Walker MBA, CISA, CGEIT, CICA to discuss how the recent Patelco Credit Union cyber-attack provides lessons for other financial institutions and how they can extract crucial lessons to fortify your organization's cyber resilience.?

Drawing from his extensive background in operational risk, internal controls, and payment system platforms, Steve provided actionable insights for financial institutions of all sizes.? He also shared his expertise on cyber resilience in the financial services industry. The conversation covered the importance of business impact analysis, risk assessment, and the challenges of justifying cybersecurity investments to C-suite executives and board members. Walker emphasized the need for formalization in risk management processes and highlights the benefits of the OCC's regulatory approach for credit unions. The discussion also touched on emerging technologies and their potential impact on financial institutions' risk profiles and profitability.?

Takeaways:

1. Business Impact Analysis: Preparing a BIA is crucial for prioritizing risks and informing disaster recovery strategies. It should be a living document that considers the entire enterprise and helps determine which services are mission-critical.
2. Formalized Risk Management Processes: When included with enterprise risk management and audit controls, they can positively impact an institution's risk profile and appetite for risk, ultimately benefiting the bottom line.

1. Education: Informing C-suite executives and board members about the long-term benefits of investing in cybersecurity and emerging technologies is challenging but essential for maintaining a strong security posture and competitive edge.?

If your interested accessing more insights to elevate your cyber resilience, please join the Cyber Risk Governance Community

Risk Management - REDUCTION

CISA: Infrastructure Plagued by Low Hanging Fruit Vulnerabilities

A recent Cybersecurity and Infrastructure Security Agency (CISA) report reveals that critical infrastructure sectors are plagued by basic cybersecurity lapses, such as phishing and default passwords. These vulnerabilities make it easy for threat actors, including those linked to China, to infiltrate networks. The report emphasizes the urgent need for improved cybersecurity practices to protect vital systems.

The report find common cybersecurity lapses, such as phishing and the use of default passwords, have left critical infrastructure sectors vulnerable to attacks by global threat actors.

Key Highlights:

Sector-Wide Trends: similar weaknesses are prevalent across various critical infrastructure sectors, suggesting a need for industry-wide improvements in cybersecurity practices.

Common Vulnerabilities: many critical infrastructure sectors share common vulnerabilities, such as phishing, valid accounts, and default credentials.

Attack Path Analysis: CISA provides a detailed analysis of a sample attack path, showing how cyber threat actors can exploit these vulnerabilities to compromise systems.

Mitigation Recommendations: The report emphasizes the importance of implementing secure-by-design principles and addressing misconfigurations to enhance security.

Actionable Remediation: CISA offers prioritized remediation recommendations based on the risk of compromise, helping organizations to focus on the most critical vulnerabilities.

INSIGHT: Focus on the following, so any organizations - even yours - can significantly bolster your cybersecurity defenses.

• Implement Strong Password Policies: Enforce complex password requirements. Regularly update passwords Eliminate the use of default passwords.
• Enhance Phishing Defenses: Provide regular training to employees on recognizing phishing attempts. Implement email filtering and anti-phishing technologies.
• Adopt Secure-by-Design Principles: Integrate security into the design and development of systems and applications. Ensure proper configuration and hardening of systems.

By focusing on these three actions, you can significantly improve your cybersecurity defenses and your overall cyber resilience, making you a better company and safer vendor and/or customer.

Netswitch Sharpen Your Cyber Edge with Netswitch

Master Compliance & Minimize Risks:

1. Independent Security Audit: Identify network risks with our automated Security And Risk Assessment (SARA) . Get a clear picture, prioritize improvements, and optimize resource allocation. Contact Netswitch.
2. Free "Quick Start" Program: Gain a free cyber risk and governance health check. Enroll now and start building resilience.

Deepen Your Knowledge:

• Join Our LinkedIn Group: Collaborate with industry leaders in the CyberRisk Governance Community on LinkedIn. Share insights and stay ahead of the curve.
• Live Events: Participate in interactive LinkedIn Live sessions . Explore cyber risk topics with executives, technologists, and governance professionals.

Don't wait.

Contact Netswitch Technology Management today to take control of your cyber risk.

?Disclaimer: The information and links provided in this newsletter are for informational purposes only. Netswitch does not warrant the accuracy or completeness of such information and is not liable for any damages arising from its use.