From Gold Medals to Cyber: The Intersection of Sports and Cybersecurity

What do the highest athletic pursuit and cyber resilience have in common? More than you might think. In this wide-ranging conversation, Olympic champion Brooke Hanson OLY OAM and host Gareth Russell explore the intersection of cyber resiliency and being the best in your sport. Brooke, an Olympic gold and silver medalist, shares her experiences and the crucial roles of preparation and discipline, drawing parallels to cybersecurity strategies.

?Among the highlights:

• The importance of rigorous preparation and routine in both sports and cybersecurity.
• Teamwork’s critical role in achieving success across both domains.
• Celebrating successes as a key motivational factor.
• The necessity of mental resilience to manage pressure effectively.
• The impact of evolving technology on sports performance and its implications for cybersecurity.

?? Full episode: https://youtu.be/kN4XDzyL5Eo

?Learnings from the CrowdStrike incident

CrowdStrike’s well-chronicled incident highlighted a fundamental challenge in software deployment: the difficulty of fully anticipating how a change will interact with the complex, real-world environments in which software operates.

In a new blog post , Rajiv Kottomtharayil, Commvault’s vice president of product development, details how staggered releases can provide a crucial safety net that can help prevent minor issues from escalating into major disruptions. The key takeaways for software development teams:

• Prioritize risk mitigation:?Always consider the potential impact of a change, no matter how small or beneficial it may seem.
• Test, test, test:?Thorough testing is essential, but it’s impossible to anticipate every scenario. Staggered releases offer an additional layer of validation.
• Phased rollout:?Gradually introduce changes to your user base, starting with a small subset and expanding over time.
• Monitor closely:?Track the performance of the change after each phase of the rollout and be prepared to adjust your plan if necessary.

?STRIVE: A look at Social Media

In the latest episode of STRIVE, host Darren Thomson explores the pressing cyber security risks linked to social media. He identifies five primary risks: phishing, data breaches, identity theft, malware, and data scraping. Darren offers valuable advice on safeguarding against these threats, including the use of two-factor authentication, unique passwords, caution on public Wi-Fi, regular privacy setting reviews, and staying updated on security issues. The episode underscores the necessity of proactive measures to secure social media accounts while enjoying their benefits safely.?

Poll of the Week: Regulatory Compliance

Current poll question: How confident are you in our critical infrastructure's resilience after the recent CrowdStrike outage?

?Things of note that caught our eye:

Roger’s Hacking Stories ( Roger Grimes , KnowBe4 ): Data-driven defense evangelist Roger Grimes shares two hacking stories he’s experienced, including one targeting a Fortune 500 company and another detailing honeypots that went wrong.

Cost of a data breach climbs 10%, but AI is helping to limit some damage ( Eileen Yu , ZDNET ): The bad news: The cost of a data breach is up 10% to $4.88 million. The good news: Organizations that use AI and automation tools absorb fewer financial losses from a data breach.

Every Microsoft employee is now being judged on their security work ( Tom Warren , The Verge ): A few months ago, the software giant announced the executive bonuses would be tied to security contributions. Now, all Microsoft employees will have their performance reviews tied to their security efforts.

Most companies are afraid of unseen cybersecurity threats ( Shaun Nichols , SC Media ): Companies are afraid of the threat posed by unknown threat actors and exploits, according to research from security monitoring specialist Critical Start , which said that, by and large, administrators are more afraid of what they don’t know than flaws and attacks that are already public.

Upcoming events:

• September 10 – 12: Oracle CloudWorld (Las Vegas)
• October 8: SHIFT (London) Save your spot
• October 9 – 10: SHIFT (Virtual)