As SolarWinds continues to be – and rightly so - a major discussion topic in cyber risk circles, I have noticed more conversation regarding the execution of the attack and less discussion as to what appears to be a lack of cyber hygiene at the infected organizations....
Cyberattacks
How the Grinch Stole Christmas: SolarWinds and the Immediate Effect on Your Third Parties
Just when you could not wait to get through 2020 another big headache (perhaps “migraine” is more appropriate) hit the world, only this time in cyberspace. The cyber risk world was rocked recently with the news of a very sophisticated attack on SolarWinds, a much-used...
Cyber Attacks: Better Vendor Risk Management Practices in 2021
Recent Cyber Attacks Highlight Importance of Proactive and Preventive Measures to Counter Intrusions Through Your Supply Chain The Recent State Attack On US Companies and Government Agencies In what has been called one of the most sophisticated cyber attacks in recent...
Future of Connected Devices: World War or Peace
As National Cybersecurity Awareness Month 2020 comes to a close, NCISA (the National Cybersecurity and Infrastructure Security Agency) has identified this final week’s focus to be “The Future of Connected Devices.” This theme brings to mind the Futurama Kitchen of...
Where Does Your Data Sleep?
On Thursday morning, February 20, 2020, people in tune with cybersecurity news woke to read that the private information of almost 11 million guests that stayed at the MGM Grand hotel and casino was posted publicly on a hacking forum. Justin Bieber, Twitter CEO Jack...
A Recent History of Cyberattacks: Lessons from Stuxnet and NotPetya
The new decade got off to a promising cybersecurity start, according to the Wall Street Journal. The publication reports that most information technology (IT) leaders expect their companies to increase cybersecurity spending in 2021 -- some by “double-digit...
Third Party IoT Security: Interpreting Survey Results in the Context of a Shifting Security Paradigm
Shared Assessment’s just published Ponemon research report The Internet of Things (IoT): A new Era of Third Party Risk provides a great snapshot of current IoT Risk management both within an organization’s four walls and with the third parties that so often support...
The Evolving Threat Landscape and New Challenges for Healthcare Security
In this series, Shared Assessments Advisory Board Committee member Ken Peterson talks about managing cyber risk in the Healthcare space. We look forward to hearing more on this topic from Ken and the NH-ISAC at the 10th Annual Shared Assessments Summit. Q&A...
Shared Assessments Program Addresses Recommendations of Russian Hack Report for Improved Security
The Threat Horizon The December 29th joint analysis report (JAR) GRIZZLY STEPPE – Russian Malicious Cyber Activity, contains specific indicators of cyberattacks and steps organizations can take to mitigate the “the tools and infrastructure used by the Russian civilian...
At the Heart of the Cyber Security Skills Shortage
Three recent studies demonstrate that organizational and IT department leadership sit squarely at odds with several important challenges to improving IT-related risk postures: Predictions that organizations do not plan to increase the level on hand security expertise;...