Mastering Cyber Security: Key Takeaways

Welcome to the second full issue of Cyber Careers Insider. We really value your feedback on this edition. Please take a moment to share your thoughts and comments on this month's content selection. Your input is highly appreciated and helps us improve our offerings.

Contents

  1. This month's articles of interest
  2. Top Tip of the Month
  3. Recommended Courses

This month's articles of interest

"4 Areas of Cyber Risks That Boards Need to Address"

In our society reliant on technology, the cyber risk governance of companies directly impacts their stock prices and overall shareholder value. The new SEC cybersecurity rules establish transparency, serving as a strong foundation. However, assessing the long-term effectiveness of a cyber risk management strategy can be challenging. This article highlights four vital areas for investors to consider when evaluating its long-term efficacy.

"How Do Some Companies Get Compromised Again and Again?"

It's actually quite common for companies to experience repeated attacks. According to a global study by Cymulate, around 67% of attacked companies are targeted again within a year. Shockingly, around 10% of companies face 10 or more incidents in just one year. When it comes to ransomware attacks, an international survey by Cybereason found that 80% of companies suffer from repeated ransomware attacks. This begs the question: Why are repeat attacks so widespread, and what should companies do to prevent repeat attacks?

"Cyberattacks Surge to 61% of Small and Medium-Sized Businesses, Says Study"

According to a study conducted by security company BlackFog in June 2023, more than half of small and medium-sized businesses in the U.S. and U.K. experienced successful cyberattacks in the last year. Additionally, 39% of these businesses lost customer data due to cyberattacks.

"The Importance of Disaster Recovery and Backup in Your Cybersecurity Strategy"

No one wants to experience a security breach. However, the statistics indicate that it can happen to anyone. And the consequences go beyond just financial losses. Informing customers about your inability to fulfil commitments due to system downtime can severely damage your reputation and affect repeat business. To prevent such situations, it is crucial to have a disaster recovery system that ensures uninterrupted business operations, swift data recovery, and prevention of additional damage.

"What Every CEO Should Know About Generative AI"

With generative AI tools like ChatGPT, Bard, Claude, Midjourney, and others gaining popularity, CEOs are wondering: Is this technology just hype or a game-changing opportunity? And if it's the latter, what value does it hold for my business? Generative AI is advancing rapidly, and CEOs are still grappling with its business value and risks. Check out this McKinsey post for key essentials on generative AI.

Top Tip of the Month

Deloitte recently published an insightful piece for those in the financial sector affected by the DORA regulations, with implementation needing to be in place by early 2025.

The Digital Operational Resilience Act (DORA) is the first European legislation addressing digital operational resilience for financial services, representing the EU's key regulatory initiative on operational resilience and cybersecurity in the sector.

Applying to most financial services firms operating in the EU, the DORA mandates firms to adopt a wider business perspective of resilience, establishing clear accountability at the senior management level. The Act sets binding rules for Information and Communication Technology (ICT) risk management, incident reporting, resilience testing, and third-party risk management.

It also introduces the world's first supervisory framework for Critical ICT Third Party Providers (CTPPs), including Cloud Service Providers (CSPs). Now that a final agreement on DORA has been reached and published, firms have a basis to prepare for its implementation, expected to be finalised in October's European Parliament Plenary session.

In anticipation, firms should conduct a gap analysis to develop a roadmap for designing and implementing an improved operational resilience framework by Q4 2024, adhering to DORA's new requirements. In addition, firms should consider how DORA can be a catalyst in managing digital risks and understanding the impact of operational disruptions on their business and customers.

You can read more about this in Deloitte's guide here:

https://www2.deloitte.com/content/dam/Deloitte/ie/Documents/ie-risk-advisory-digital-operational-resilience-act-dora-05102022.pdf

Recommended Courses

If your organisation is impacted by the DORA regulations, this self-paced eLearning course offers education on a risk management framework aligned with ISO 31000:

This program teaches you how to implement the NIST Cybersecurity Framework, e.g., Governance, Identify, Protect, Detect, Respond, and Recover:

You can purchase individual self-paced eLearning NIST Cyber Security Professional (NCSP) courses right here:


Dewayne Hart CISSP, CEH, CNDA, CGRC, MCTS

CEO at Secure Managed Instructional Systems (SEMAIS) a SDVOSB l Official Member @ Forbes Tech Council | Author of "The Cybersecurity Mindset" l Keynote Speaker l Cybersecurity Advisory Board Member @ EC-Council

1 year ago

It's great to have joined this newsletter. Here is more of myself. I am a published author of “The Cybersecurity Mindset”. I also speak on various cybersecurity topics and write for Forbes. The links below are where you can find my work and connect with my newsletter on LinkedIn. Please follow me as well. Website: www.dewaynehart.com Newsletter: https://www.dhirubhai.net/newsletters/6969225591791239168/ Forbes: https://councils.forbes.com/profile/Dewayne-Hart-President-SEMAIS/94008863-848d-4ef8-bd96-5b7f7e6b1aa9
