Today’s Edition: Protecting the Digital World During Cybersecurity Awareness Month

A cyber attack occurs every 39 seconds.

Cybersecurity Awareness Month serves as a timely reminder of the ever-present and evolving cyber threats that individuals and organizations face. In recent years, the scale and sophistication of cybercrimes and data breaches have surged, underlining the urgent need for vigilance.?

For the first time ever, the WEC's 2023 Global Risks Report added "widespread cybercrime and cyber insecurity" to its list of the top 10 threats to global socioeconomic health over the next decade. These attacks not only compromise sensitive data but also have severe financial and reputational consequences.?

Today’s edition of Trusted sheds light on the risks posed by evolving threats and what to do about them. So, let’s get into it. ??

DRATA BITS

Nylas speaks with our CISO, Matt Hilary, on compliance automation and security

A Short History of Cybersecurity and the Data Breaches That Forced the World to Pay Attention to Data Privacy

The consequences of cybercrimes are becoming more unpredictable as the landscape continues to innovate. Whereas earlier cyber crimes typically resulted in consequences like data breaches or identity theft, more recent attacks have caused power grids to shut down, equipment damage at nuclear facilities, and more.

To evaluate how public perception toward cybersecurity has changed over time, we reviewed the most impactful cyber crimes and their consequences, including:

• The 'Morris Worm' (1988)
• The 'Press Release' Hacks (2012)
• Yahoo (2013)
• Ukrainian Power Grid (2015)
• And more!

Revisit cybersecurity history here.

From Drata's Experts

What You Need to Know About the Cybersecurity Workforce Gap

Nearly 5 million people currently hold jobs in cybersecurity, including 464,000 individuals that joined last year. But there is still a cybersecurity workforce shortage of 3.4 million people. We discuss why and possible strategies to help in this article.

States Most Impacted by Healthcare Data Breaches in 2022

This article takes a look at Department of Health and Human Services data to determine which states felt the largest impacts due to healthcare data breaches in 2022.

5 Incident Response Templates to Help Get You Started

These five incident response plan templates give you a solid foundation for building a plan that aligns with your organization and its threat environment.

5 Internal Threats to Your Compliance Program and How to Solve for Them

According to the 2023 Compliance Trends Report, 87% of organizations with a reactive compliance maturity approach face negative consequences as a result. This can create a greater risk of losing digital trust with customers and prospects.

Join Drata and KnowBe4 on Nov. 7 at 11 a.m. PT for a fireside conversation on the top internal threats to an organization’s compliance program and practical ways to solve for those threats.

Come prepared to:

• Gain an understanding of point-in-time compliance and its potential harm to your organization.
• Discover the basics of compliance automation and how it can save your organization time while accelerating growth.
• Learn ways to continuously build trust with your customers and prospects through security and compliance transparency, both before and after the audit.

Register now to secure your spot!

Join Us for the First Ever Drataverse Digital

Drataverse Digital: Access and Control is a virtual product launch that’s set to be a game-changer for the world of GRC.?

Here’s a quick look at the event:

• Discover Drata’s Newest Features: We're pulling back the curtain on a few features that will redefine how you manage access and control within your organization.
• Network With Industry Peers: Chat with fellow professionals, swap stories, and walk away with more than a few a-ha moments.
• Your Questions, Your Voice: Come with questions and ask them in real time during the show, or share your feedback directly in Drata.

Registration is now open—don’t miss out!

Around the Web

CISA shares vulnerabilities, misconfigs used by ransomware gangs | Bleeping Computer

It’s official: Microsoft closes $68.7B Activision Blizzard acquisition as UK approves restructured deal | Tech Crunch

Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023? | The Hacker News

Troy's Takes: Expert Answers

Question: What exactly does the new SEC Cybersecurity Disclosure rule require public companies to disclose?

Troy’s Take:

The SEC’s new cybersecurity disclosure rule requires public companies to disclose material cybersecurity incidents in Form 8-K. While technically not in effect yet, The Clorox Company has decided to start disclosing information about a recent incident in their Form 8-Ks. For public companies looking to understand what information to disclose in Form 8-K when they are impacted by a material cyberattack, this is a great example (see attached image).

As a reminder Form 10-K will require public companies to disclose the following information beginning with the annual report for any period ending on or after December 15, 2023:

• Processes for assessing, identifying, and managing material risks from cybersecurity threats in sufficient detail for a reasonable investor to understand those processes.
• Information about cybersecurity risk governance.?
• Information about management’s role in assessing and managing material risks from cybersecurity threats.?

For more details, check out Troy’s LinkedIn.

Secured Jobs

Professional Cybersecurity IAM | AT&T | Dallas, TX

Compliance Operations Manager | Stripe | Seattle, WA

Information Security - GRC Analyst | G2 | Chicago, IL

Helpful Resources

Trusted is currently published twice a month and is designed to share the latest resources from around the compliance, risk management, and cybersecurity space. If you have suggestions or would like to include a recent article or podcast, please let us know.

?? Secured, The Drata Community

↘? Trusted: Share our newsletter with others

?? Upcoming webinars

??Drata Customer Stories