Cybersecurity Chronicles | September 1 2023
Netswitch Technology Management
Empowering cyber resilience with AI speed and precision. Netswitch: Real-time security insights and measurable ROI.
Headlines of the Week
GOOD NEWS - Attacker Infrastructure Taken Down by Authorities
The FBI has successfully taken down the QakBot malware network, which had infected over 700,000 computers globally, with a significant portion in the United States. Additionally, victims of the Key Group ransomware can now recover their encrypted files thanks to a free decryption tool developed based on vulnerabilities in the ransomware's encryption method.
DECRYPTION - Free Decryption Tool for Ransomware
A cyber intelligence firm has introduced a free decryption tool designed to assist victims of the Key Group ransomware in recovering their data without the need to pay a ransom.
RETAIL - Data Breach Exposes PII of Over 539k Consumers
Forever 21 has notified consumers of a data breach that compromised the sensitive information of over 539,000 individuals, including names and SSNs. The breach occurred between January 5 and March 21.
EDUCATION - Big 10 School Suffers Cyberattack
The University of Michigan informed over 51,000 students of a cyberattack that necessitated it to disconnect from the internet, causing disruptions to online services for students and faculty.
FOOD & BEV -? Ransomware Takes PHI of 1.2M from Manufacturer
Meal delivery service PurFoods suffered a ransomware attack, resulting in the theft of PII and PHI, including SSNs, financial details, and driver’s license numbers, of over 1.2 million individuals.
Insights & Expert Analysis
RISK MANAGEMENT:
Battle Cybersecurity Risk with Cyber Insurance - The Right Way!
Cyber insurance is a contractual agreement between an insurer and a business or individual, serving as protection against the costs and liabilities resulting from cyberattacks or security breaches.
These insurance policies can cover various expenses, including emergency responses, IT infrastructure damage, event and media management, and reputational loss, depending on the policy's extent. In India, there are four main sections of cyber insurance policies:
Each coverage addresses different risks and offers financial compensation for direct costs, legal expenses, extortion demands, and third-party liabilities.
It is advisable to consider purchasing one or more of these insurance covers based on your business's nature and sector to establish a financial safety net against potential risks.
INSIGHTS:? Insurance is the last line of defense for most businesses, and it is a necessary requirement as a? supplier.?
With the cyber attacks affecting the supply chain and increasing regulatory demand, customers will continue to push their suppliers to carry the responsibilities in risk management.?
With rising premiums, the question is - How can you reduce costs, and how to negotiate with your carrier with an acceptable 3rd party analysis of your cyber risk profile?
SECURITY:
How to Shift From App Security to Product Security
The shift to product security from application security in modern enterprises. It emphasizes the need for a comprehensive security approach, with product security teams playing a vital role. Product security encompasses various aspects and complements application security. These teams promote a security-conscious culture and reduce friction for developers. The qualifications and reporting structures for product security professionals are discussed, highlighting their importance in ensuring security throughout the product's lifecycle and fostering a security-aware organizational culture.
INSIGHT: Executives can help their organizations navigate the complex world of cybersecurity and build a strong security foundation that aligns with business objectives.
CEOs and CFOs - you can use the information from the article to improve your organization's cybersecurity posture by considering these strategic actions:
领英推荐
Ways We Can Help You
Elevate Your Cyber Risk Cognizance
Get a Fast and Comprehensive Risk Assessment
Our fully automated Security And Risk Assessment (SARA) performs as an auditor to provide an unbiased audit of your technical and risk controls.
Contact Netswitch for more info.
Attend a LinkedIn Live Event
We host regular LinkedIn Live Events to provide insights to elevate your cognizance.
Our intent is to facilitate communication and collaboration among stakeholders - Business Executives, Technologists, and Governors – to achieve alignment of technical controls to meet GRC objectives and improve processes to meet both.
Keep up to date about future events by following Netswitch.
Signup for Our "Quick Start" Pilot Program?
Know your risk level in cybersecurity and governance at NO COST.
To find out more just contact Netswitch on LinkedIn for more info. and we'll get a Demo Scheduled
Join Our CyberRisk Governance Group
Consider joining risk professional peers in the fast-growing LinkedIn group specifically about CyberRisk Governance.
The aim of the group is to help technologists, risk & compliance managers and business leaders better manage their CyberRisk.?
Would you like to join us?
Here's the link:?https://www.dhirubhai.net/groups/13991569
DISCLAIMER: Any articles, information, or links are provided by Netswitch for reference only. While we strive to keep the information and links correct and safe, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability, or availability with respect to the website or the information, articles, or related graphics contained on the destination website. Any reliance you place on such information is therefore strictly at your own risk.