Cyber Risk Insights Governance | April 1, 2024

TECHNOLOGY - Over 5,000 Coerced into Cyber Scams

More than 5,000 Indian nationals are trapped in Cambodia, forced to participate in online scams targeting people in India. These “cyber slaves” have amassed a staggering Rs 500 crore over the past six months. Joint efforts by Indian and Cambodian authorities aim to rescue and repatriate these victims.

MIDDLE EAST - Advanced Cyber Threats Target 2 Countries

Over the past two years, 16 advanced persistent threat (APT) groups have relentlessly attacked government agencies, manufacturing firms, and the energy industry in the Middle East. Saudi Arabia and the United Arab Emirates are the primary targets, with well-known groups like Oilrig and Molerats, as well as lesser-known entities, orchestrating cyberattacks. The aim? To gain information that provides political, economic, and military advantages to their state sponsors.

INSURANCE - MSPs Seek Cyber Insurance Inclusion

Managed Service Providers (MSPs) have long been overlooked in the cyber insurance landscape. Despite their critical role in safeguarding businesses, they often lack tailored coverage. As cyber threats escalate, MSPs are advocating for comprehensive insurance solutions that recognize their unique risks and contributions to cybersecurity.

TELECOM - Data Breach Requires Millions to Reset Passcodes

AT&T (T ) acknowledges a data leak affecting over 73 million users (7.6 million current customers and 65 million former customers.) The leaked information includes full names, email addresses, social security numbers, and passcodes. The company has taken steps to reset security passcodes for affected customers. The trove of user data was found on the Dark Web and appears to be data from a 2019 data breach identified in 2021. ?AT&T has already taken steps to reset the passcodes of current users and is communicating with affected account holders.

HEALTHCARE - 1 Month Later, Change Attack Continues, Sensitive Data Stolen

UnitedHealth Group (UNH ) acknowledges a significant data breach affecting its Change Healthcare unit . Sensitive personal, financial, and health information is potentially compromised. The U.S. Department of State offers a $10 million reward to track down the BlackCat/Alphv group behind the attack. UnitedHealth is diligently reviewing affected data, prioritizing health information, claims, and eligibility details. The scope of the breach is still under investigation, but no evidence of data publication on the dark web has been found.

GOVERNMENT - Blame Assigned for Parliament Cyber Attack

The Police of Finland formally blames APT31 (believed to be a Chinese hacking group) for orchestrating a cyber-attack on the country’s Parliament in 2020. The intrusion occurred between fall 2020 and early 2021, involving a complex criminal infrastructure. APT31, also known as Altaire, has been active since at least 2010 and faces international scrutiny for cyber espionage campaigns. The breach highlights the ongoing battle against state-backed cyber threats.

INSIGHTS & EXPERT PERSPECTIVES

COMPLIANCE - Navigating the Next Phase of Cybersecurity Maturity Certification

The Cybersecurity Maturity Model Certification (CMMC) , a vital program within the Department of Defense (DoD), is evolving. As you prepare for CMMC 2.0, your organization must embrace a proactive mindset to enhance your cyber defenses. Consider these key insights:

Credential Management: NIST SP 800-171 Rev.3 emphasizes robust credential management. DoD vendors must verify passwords against common lists, enable password encryption, and enforce complex rules. Strengthening password practices is crucial for security.

Zero Trust: Every DoD member, including contractors, should adopt a zero-trust mindset. This approach prioritizes verification over blind trust. Companies and individuals must take ownership of data security, safeguarding sensitive information.

Beyond CMMC: While CMMC ensures basic cyber hygiene, organizations should go further. Securing passwords before they hit the dark web is essential.

A zero-trust culture extends vigilance beyond compliance.

A concern among many is that CMMC’s focus on certification may lead to a checkbox mentality. There are also concerns among the Level 1 pool of vendors and the self-attestation - will executives clearly understand to what they are attesting?

A holistic third-party audit can provide valuable insights for executives to understand how the investments made in cyber risk management clearly align with business objectives and provide an acceptable ROI, and not just compliance with a checklist of items.

Organizations should prioritize continuous improvement and adaptability. Rigidity in compliance frameworks can hinder agility and innovation. The journey from point A (compliance) to point B (resilience), you ought to seek a balance with a dynamic, forward-thinking approach to cyber risk management.

RESILIENCE - Empower Leaders to Achieve Robust Cybersecurity

The article, “Six Steps To Help Leaders Achieve A Good Standard Of Cybersecurity ,” provides a comprehensive guide for leaders to enhance their cybersecurity standards. The author emphasizes the importance of adopting a ready-made framework of security controls and regularly assessing information risk. The article also presents a case study of how organizations can improve their defenses against a broad range of threats while aligning their security strategy with their business strategy.

Highlights:

Adopt a Framework: Adopting a ready-made framework of security controls, such as the NIST SP 800-53B, the ISO/IEC 27002:2022, can help you find risks, see gaps in existing controls and processes, and provide assurance to all stakeholders. This is especially important for non-technical executives and the board.

Risk Assessments: Performing information risk assessments on a regular cadence for target environments can help organizations gain deeper insight into their environment and their own risk and security posture.

Aligning Security with Business Strategy: Frameworks provide advice on a broad range of security topics, which can help organizations improve defenses against a broad range of threats while aligning their security strategy with their business strategy, goals, and resources.

While the article focuses on the technical aspects of cybersecurity, it is important to understand that cybersecurity is not a technical issue, or an IT issue - it's a business issue.? You must consider the human element. Employees often serve as the greatest risk and the first line of defense against cyber threats, so invest in regular training. Senior management and organizational leadership must foster a culture of cybersecurity awareness, this can be just as crucial as implementing technical controls. If it is important to the boss, it's important to me.

Also, making information security personal for your employees goes a long way. When employees understand how cyberattacks can affect them personally, they are more likely to take steps to protect themselves and their company. Employees are more likely to

Pay Attention. People are naturally more interested in things that affect them personally. When cybersecurity training is relevant to their own lives, employees are more likely to pay attention and retain the information.

Change Behavior. When employees understand the risks of cyberattacks, they are more likely to change their behavior in order to protect themselves. This could include things like using strong passwords, being careful about what links they click on, and being aware of phishing scams.

Report Suspicious Activity. If employees are aware of the signs of a cyberattack, they are more likely to report suspicious activity to their IT department. This can help to prevent cyberattacks from succeeding.

By making information security personal for your employees, you can help to create a more secure workplace for everyone.

Boost Your Cyber Risk Awareness: Here’s How We Help

Fast and Comprehensive Risk Assessment at Your Fingertips

Experience our fully automated Security And Risk Assessment (SARA) that acts as your 3rd party auditor.

SARA provides an unbiased audit of your technical and risk controls.

Discover gaps, reorient resources, and prioritize your network.

Reach out to Netswitch for more details.

Stay Informed with Our LinkedIn Live Events

Join our regular LinkedIn Live Events designed to provide insights that will elevate your cyber risk awareness.

We aim to foster communication and collaboration among stakeholders - Business Executives, Technologists, and Governors – to align technical controls with GRC objectives and improve processes.

Stay updated about future events by following Netswitch Events on LinkedIn .

Jumpstart Your Cyber Journey with Our “Quick Start” Program

Sign up for our “Quick Start” Pilot Program and take a significant step towards reducing control misalignment, meeting GRC requirements, and improving cyber resilience.

Understand your risk level in cybersecurity and governance at no cost.

Contact Netswitch on LinkedIn for more information and to schedule a demo.

Join the LinkedIn CyberRisk Governance Group

Consider joining your peers in the fast-growing LinkedIn group dedicated to CyberRisk Governance.

The group aims to assist technologists, risk and compliance managers, and business leaders in understanding and lowering their CyberRisk.

Interested in joining us? Here’s the link to our group: https://www.dhirubhai.net/groups/13991569

DISCLAIMER: Any articles, information, or links are provided by Netswitch for reference only. While we strive to keep the information and links correct and safe, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, or related graphics contained on the destination website. Any reliance on such information is therefore strictly at your own risk.