Measure Success: Key Cybersecurity Resilience Metrics
“Cyber resilience is a newer concept. It can get thrown around when one really
means cybersecurity, and also in cases where no one really cares about the
difference between the two,” says Mike Macado, CISO at BeyondTrust, an identity
and access security company. “And to be fair, there can be some blurring between
the two.” ... “Once the resilience objectives are clear, KPIs can be set to
measure them. While there are many abstract possible KPIs, it is crucial to set
meaningful and measurable KPIs that can indicate your cyber resilience level and
not only tick the box,” says Kellerman. And what are the meaningful, core KPIs?
“These include mean time to detect, mean time to respond, recovery time
objective, recovery point objective, percentage of critical systems with
exposures, employee awareness and phishing click-rates, and an overall
assessment of leadership. These KPIs will properly assess your security controls
and whether they are protecting your critical path assets, helping to ensure
they’re capable of preventing threats,” Kellerman adds. ... “The ability to
recover from a cybersecurity attack within a reasonable time that guarantees
business continuity is a crucial indicator of resilience...” says Joseph
Nwankpa.
Most cybersecurity pros took time off due to mental health issues
“Cybersecurity professionals are at the forefront of a battle they know they are
going to lose at some point, it is just a matter of time. It’s a challenging
industry and businesses need to recognize that without motivation, cybersecurity
professionals won’t be at the top of their game. We’ve worked with both
cybersecurity and business leaders to understand the challenges the industry
faces. What we’ve discovered shows just how difficult the job is and that there
is a significant gap of understanding between the board and the professionals,”
said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders
to work more closely with cybersecurity professionals to make mental well-being
a priority and actually provide the solutions they need to succeed. It’s not
just the right thing to do, it makes business sense,” concluded Pylarinos.
“Stress, burnout and mental health in cybersecurity is at an all-time high. It’s
also not just the junior members of the team, but right up to the CISO level
too,” said Sarb Sembhi, CTO at Virtually Informed.
Forget Deepfakes: Social Listening Might be the Most Consequential Use of Generative AI in Politics
Ultimately, the most vulnerable individuals likely to be affected by these
trends are not voters; they are children. AI chatbots are already being piloted
in classrooms. “Children are once again serving as beta testers for a new
generation of digital tech, just as they did in the early days of social media,”
writes Caroline Mimbs Nyce for The Atlantic. The risks from generative AI
outputs are well documented, from hallucinatory responses to search inquiries to
synthetic nonconsensual sexual imagery. Given the rapid normalization of
surveillance in education technology, more attention should probably be paid to
the inputs such systems collect from kids. ... Not every AI problem requires a
policy solution specific to AI: a federal data privacy law that applied to
campaigns and political action committees would go a long way toward regulating
generative AI-enabled social listening, and could have been put in place long
before that technology became widely accessible. The fake Biden robocalls in New
Hampshire similarly commend low-tech responses to high-tech problems: the
political consultant behind them is charged not with breaking any law against AI
fakery but with violating laws against voter suppression.
Resilience in leadership: Navigating challenges and inspiring success
Research shows that cultivating resilience is a long and arduous journey that
requires self-awareness, emotional intelligence, and a relentless commitment to
personal growth. A great example of this quality and a leader I admire greatly
is Jensen Huang, President of Nvidia, which is now one of the most valuable
companies in the world with a market cap of more than $2 trillion. As Huang
describes quite candidly in many interviews, his early years and the hardships
he endured helped him build resilience, where he learnt to brush things off and
move on no matter how difficult the situation was. While addressing the grad
students at Stanford Graduate School of Business, Huang revealed that “I wish
upon you ample doses of pain and suffering,” as he believes great character is
only formed out of people who have suffered. These experiences have not only
helped Huang develop a robust management style but have also helped him approach
any problem with the mindset of “How hard can it be?” While Jensen’s life
exemplifies the importance of hardships and suffering, resilience isn't limited
to overcoming hardships; it's also about innovation and adaptability in
leadership.
IDP vs. Self-Service Portal: A Platform Engineering Showdown
It’s easy to get lost in the sea of IT acronyms at the best of times, and the
platform engineering ecosystem is the same, particularly given that these two
options seem to promise similar things but deliver quite differently. For many
organizations, choosing or building an IDP might be what they think is
required to save their developers from repetitive work while looking for a
self-service portal (SSP) to streamline automation. ... By providing a
user-friendly interface to define and deploy cloud resources, an SSP frees up
the time and effort required to set up complex infrastructure configurations.
Centralizing resources provides oversight while also enabling guardrails to be
established to protect against “shadow IT” being deployed. This not only helps
identify resources that aren’t being used to save money but also helps make
cloud practices more eco-friendly by removing unnecessary resources. This is
the main difference between an SSP and an IDP, and understanding which
capabilities an organization needs is critical for ensuring a smooth platform
engineering journey. Like a Russian doll, an IDP is a layer on top of an SSP
that offers tools to streamline the entire software development lifecycle.
Chinese Hackers Used Open-Source Rootkits for Espionage
Attackers exploited an unauthenticated remote command execution zero-day on
VMware vCenter tracked as CVE-2023-34048. If the threat group failed to gain
initial access on the VMware servers, the attackers targeted similar flaws in
FortiOS, a flaw in VMware vCenter called postgresDB, or a VMware Tools flaw.
After compromising the edge devices, the group's pattern has been to deploy
open-source Linux rootkit Reptile to target virtual machines hosted on the
appliance. It uses four rootkit components to capture secure shell
credentials. These include Reptile.CMD to hide files, processes and network
connections; Reptile.Shell to listen for specialized packets; a kernel-level
file that modifies the .CMD file to achieve rootkit functionality; and a
loadable kernel file that decrypts the actual module and loads it into memory.
"Reptile appeared to be the rootkit of choice by UNC3886 as it was observed
being deployed immediately after gaining access to compromised endpoints,"
Mandiant said. "Reptile offers both the common backdoor functionality, as well
as stealth functionality that enables the threat actor to evasively access and
control the infected endpoints via port knocking."
What are the benefits of open access networks?
Toomey says there are various benefits to open access networks, with a key
benefit being the fostering of competition. “This competition drives
innovation as providers strive to offer the best services and technologies to
attract and retain customers,” she said. “Additionally, open access networks
can reduce costs for service providers by sharing infrastructure, leading to
more affordable services for end-users. These networks also promote greater
network efficiency and resource utilisation, benefiting the entire telecom
ecosystem.” But there are challenges with building an open access network, as
Toomey said there are high costs in building and maintaining the necessary
infrastructure. Enet invested €50m in 2022 to expand its fibre network, but
saw its profits fall 47pc to €3.7m in the same year. “Additionally, there is a
risk of overbuild, where multiple networks are constructed in the same area,
leading to inefficient resource use,” Toomey said. “Another challenge is the
centralised thinking on network roll-out in cities, which can neglect rural
and underserved areas, creating a digital divide. Addressing these challenges
requires strategic planning and investment, as well as collaboration with
government and industry stakeholders to ensure balanced network
development.”
CIOs take note: Platform engineering teams are the future core of IT orgs
The core roles in a platform engineering team range from infrastructure
engineers, software developers, and DevOps tool engineers, to database
administrators, quality assurance, API and security engineers, and product
architects. In some cases teams may also include site reliability engineers,
scrum masters, UI/UX designers, and analysts who assess performance data to
identify bottlenecks. And according to Joe Atkinson, chief products and
technology officer at PwC, these teams offer a long list of benefits to IT
organizations, including building and maintaining scalable, flexible
infrastructure and tools that enable efficient operations; developing
standardized frameworks, libraries, and tools to enable rapid software
development; cutting costs by consolidating infrastructure resources; and
ensuring security and compliance at the infrastructure level. ... You can’t
have a successful platform engineering team without building the right
culture, says Jamie Holcombe, USPTO CIO. “If you don’t inspire the right
behavior then you’ll get people who point at each other when something goes
wrong.” And don’t withhold information, he adds.
What is the current state of Security Culture in Europe?
Organizations prioritizing the establishment and upkeep of a security culture
will encourage notably heightened security awareness behaviors among their
employees. Examining this further, research has shown that organizations in
Europe have a good understanding of security culture as both a process and a
strategic measure. However, many have yet to take their first tactical steps
toward achieving that goal. Those who have done so realize that shaping
security behaviors is essential in developing a security culture. ... Delving
deeper, smaller European organisations score higher in security culture due to
more effective personal communication, stronger community bonds and better
support for security issues. This naturally leads to enhanced Cognition and
Compliance, with improvements in communication channels posited as a key
driver for better security policy understanding and proactive security
behaviours that outperform global averages. Conducting an examination of which
industries displayed the best security culture within Europe, it is certainly
gaining traction among security experts within sectors like finance, banking
and IT, which are all heavily digitized.
Data Integrity: What It Is and Why It Matters
While data integrity focuses on the overall reliability of data in an
organization, Data Quality considers both the integrity of the data and how
reliable and applicable it is for its intended use. Preserving the integrity
of data emphasizes keeping it intact, fully functional, and free of corruption
for as long as it is needed. This is done primarily by managing how the data
is entered, transmitted, and stored. By contrast, Data Quality builds on
methods for confirming the integrity of the data and also considers the data’s
uniqueness, timeliness, accuracy, and consistency. Data is considered “high
quality” when it ranks high in all these areas based on the assessment of data
analysts. High-quality data is considered trustworthy and reliable for its
intended applications based on the organization’s data validation rules. The
benefits of data integrity and Data Quality are distinct, despite some
overlap. Data integrity allows a business to recover quickly and completely in
the event of a system failure, prevent unauthorized access to or modification
of the data, and support the company’s compliance efforts.
Quote for the day:
“Failures are finger posts on the road to achievement.” -- C.S. Lewis