Opinion

The spread of ransomware has reached unprecedented levels; every few days, there are headlines about new attacks crippling major companies or organizations. Some of these attacks have resulted in 8 figure ransoms, but the damage caused by downtime and data leaks is much larger than losses to ransoms.
A lot of the profits hackers are raking in get reinvested in enhancing their capability. All of this cash is driving the growth of an increasingly advanced and sophisticated underground economy, and with it, an expansion in hacker capabilities.

With the number and frequency of ransomware attacks increasing, not to mention the innovation in distribution methods, this should be a wake up call for organisations to strengthen their defences. By taking a preventative approach, businesses can take the necessary steps to strengthen their cybersecurity posture. This includes a combination of education, processes, hardware and software to detect, combat and recover from such attacks if they were to arise.

A few weeks ago, an article on the new CIS 18 framework was published on this site. CIS is one of the go to frameworks for security assessments, but the cloud has its own set of controls and a framework developed by the Cloud Security Alliance (CSA). They have recently released a new version of their framework as well. This article will introduce the CSA and its security framework.

Recent high-profile ransomware and cyberattacks expose vulnerabilities in commercial buildings that are far too widespread. In fact, the same headline-making exposures of late can be faced by any company that uses operational technology (OT) and information technology (IT).
Smart leaders across the nation and around the world should be thinking: “Maybe it could happen here.” The question becomes how to prevent similar attacks and how to position your organization to meet upcoming cybersecurity mandates with wide-ranging implications. Those of us in the cybersecurity business are aware of many such incidents, including some stories from my experience.

Less than a month ago, President Biden released his proposed budget for Fiscal Year 2022 that includes $9.8 billion in funding for cybersecurity enhancements. Cyberbreaches are making the headlines too often – almost on a weekly basis – and those are only the attacks that are reported. Not only are the breaches costly, but they also are dangerous. Potential threats to public safety as a result of cyberbreaches, in fact, are daunting. The Administration has made it clear that the Federal government intends to provide as much protection to the nation’s overall infrastructure as possible.

All enterprises have to handle customer data, including PII, but often small businesses do not have the resources to effectively safeguard against cyber threats.

In the latest Cybersecurity Magazine article, Ashley Lukehart offers 10 important cybersecurity statistics regarding the reality of cyberattacks on small businesses, and gives some tips on how small businesses should approach cybersecurity attack prevention

Since the start of the COVID19 pandemic, enterprises worldwide have adopted the work-from-home model. This shift has resulted in an increase in cyberattacks, and some traditional models of security are becoming ineffective as employees increasingly access resources remotely and use personal devices.
In the latest Cybersecurity Magazine article, Varin Khera argues for the use of ‘zero-trust’ security models and examines the best practices for adopting such a model.