Latest Cybersecurity News 2023-10-16

Follow ISA Cybersecurity on LinkedIn for the latest cybersecurity news

Weekly CyberTip: Device locking

Remember that locking your device when it’s unattended is just important at home as it is in the office or on the road: be sure to enable idle time auto-locking for mobile phones, tablets, and computers whenever possible. With biometrics built into many devices, “waking up” your device is a trifling inconvenience – and certainly worth the additional security that locking your gear provides. Here’s a quick reference to setting idle times for some popular operating systems: 

  • iOS: Settings, Auto-lock 
  • Android: Menu, Settings, “Screen” or “Display”, “Timeout” or “Screen Timeout.” 
  • Windows: Right click Desktop, select Personalization, Lock Screen, Screen time out 
  • MacOS: Apple menu, System Preferences, Click Desktop & Screen Saver, Screen Saver 

New report examines the changing role of the CISO

Splunk has released a new study exploring the latest challenges facing CISOs, from keeping up with AI technology to changing the security culture within their organizations.  

The wide-ranging report delivers six key takeaways: 

  • AI is here to stay, and CISOs need to be aware the opportunities and risks it presents; for example, 70% of CISOs believe that AI provides greater advantages to threat actors than it does for defenders, but only 35% are experimenting with it for cyber defense 
  • there is still a problem with misalignment between CISOs and their boards, so communication is important to support successful security initiatives 
  • nearly half of CISOs surveyed now report directly to the CEO, with boards becoming more active security stakeholders than in previous years 
  • 90% of CISOs surveyed reported that that their organizations had experienced at least one disruptive cyber attack in the past year, with 83% of organizations saying they had paid attackers in the wake of a ransomware attack (directly, through cyber insurance, or through a negotiator) 
  • 93% of CISOs expect an increase in the budgets in the coming year 
  • collaboration is essential in delivering organizational resilience 

The report also noted that among North American CISOs, 90% of respondents said their role as CISO had changed so much it was almost a different job than when they had started, and 25% of respondents consider the number of high priority breaches, incidents and reportable events as a security success metric – the highest percentage of any group surveyed. 

New report analyzes cyber insurance claims

A new report from NetDiligence presents a detailed analysis of cyber insurance claims in 2023. The report had a particular focus on the claims experience of SMBs, where ransomware continues to represent the leading cause of loss in insurance claims. The sectors making the most claims were professional services, healthcare, manufacturing, and financial services. 

  

Key statistics in the report include: 

  • 254 SMB claims surpassed $1M (all figures USD) 
  • 265 SMB claims were between $500K and $1M 
  • the average cost of SMB business interruption alone was $370K 
  • while the average incident cost for SMBs dipped slightly from 2021 to 2022, average ransom payments rose nearly 8% from $514K to $555K 

Everest hacking group recruiting your staff for remote access

According to an October 12 report in The Register, the Everest ransomware gang appears to be pivoting to become an insider access broker (IAB) and is actively seeking the help of employees to provide unauthorized access to their own corporate networks.  

 

In a bulletin on their dark web site, Everest has posted an advertisement announcing: “We monetize your corporate access” with a request for unauthorized network connections via remote access tools like RDP, AnyDesk, or TeamViewer in exchange for a “good percentage for partners,” and promising “full transparency of work and confidentiality”. The posting has a particular focus on targets in the United States, Canada, and Europe.  

 

The news is a reminder of the importance of delivering security awareness training to staff to watch for suspicious activities, restricting system access to a “need-to-know” basis, implementing detailed logging and controls to monitor for anomalous behaviour, and using an EDR as an early warning system for the deployment of ransomware.  

NEWSLETTER

Get exclusively curated cyber insights and news in your inbox

Contact Us Today

SUBSCRIBE

Get monthly proprietary, curated updates on the latest cyber news.

SUBSCRIBE

Get monthly proprietary, curated updates on the latest cyber news.