Black Bottle IT’s Post

As #AI driven cyber incidents rise, boards must recognize heightened risks from poorly tested updates. Proactively assessing cybersecurity strategies, including a balance of agent-driven and agentless tools, is vital, as well as robust testing processes will be essential to mitigate risks. Cybersecurity is a strategic discussion on business resilience. Delta Air Lines Air Lines Latino Corporate Directors Association (LCDA) HITEC Angeles Investors MAS Global Consulting The CISO Collective

Why are enterprise organizations adopting logical access control solutions? Read our blog to learn why logical access control is your most essential defense against cyberthreats: https://lnkd.in/gtkrqRPP #cyberthreats #logicalaccess #secureauthentication #passkeys #biometricauthentication #rfidtechnology #multifactorauthentication

Proposed DHS rules for critical infrastructure reporting aim to enhance cyber incident response, as highlighted by industry leaders in Security Magazine. Have questions about how to secure your critical infrastructure business? As experts in securing the Federal Government, we have answers! Let us know how we can help. #Cybersecurity #CriticalInfrastructure #PhysicalSecurity #Government #DHS

UK Ministry of Defence has been the subject of a data breach as personal details of forces personnel have been accessed in a hack. With the continued and prevailing threat of cyber attacks targeted against the state, British companies and the economy, the exploitation of personal devices of high profile individuals is also at record levels. Personal devices of high net worth individuals, private family offices, C suite executives, high profile lawyers and accountants provide an easy work around and are routinely targeted despite robust office IT systems. Through our cyber security partners - who are former members of GCHQ and The National Cyber Security Centre - we are able to offer clients tailored cyber security solutions to protect personal devices and to mitigate against cyber threats and attacks. If you are a high net worth individual, private family office, law firm or high net worth adviser then you need to ensure you have adequate counter measures and protections to your personal devices. Data breaches have severe legal, financial and regulatory implications, not to mention catastrophic damage to professional reputations. Mark Manley Harry G. David Omand Ahmad AlOtaibi Amb. Dr. Hillary Emoh Rick Parish Manleys Solicitors Abdulrahman Al-Thani Arun Jain Graham Carney Leanne Carling Graeme Carling Henry Barclay Peter Sugarman Peter Phillips Lauren Swartz David Sherborne Paul Lunt Paul Baird MoD data breach: UK armed forces' personal details accessed in hack https://lnkd.in/e--JkdEm

What is the point of having a government Cyber Safety Review Board if it does nothing? Just like most government initiatives that have tried to tackle the tornado of #cyberattacks and compromises of US government systems and critical infrastructure, and the compromises and disruption of our defense contractors, healthcare services, and other systems that sustain our daily life, this Board seems to be more for show, with no real consequences or measurable improvements… It still feels like our government is happy to keep sticking its head in the sand, pretending that this is not an immediate threat to our way of life, and counting on the private sector to protect itself, while our elected leaders ignore the problem until the next election cycle, and so forth. This attitude has lasted for decades, regardless of the political party in charge. Are we waiting for a catastrophic Pearl Harbor-like event or worse, before we actually do something that makes a difference? https://lnkd.in/eEyfQpYT #security #regulation

💬 See how #Tanium helped BAE Systems gain endpoint visibility, reduce risk, and defend against threats, allowing them to be proactive when it comes to protection against the ever-present risk of security threats. #SuccessStory

The agencies said that #PRC affiliated actors have #CompromisedNetworks at multiple #Telecommunications #Companies to enable the #Theft of #Customer #CallRecord #Data as well as #PrivateCommunications of a "limited number of individuals who are primarily involved in #Government or #PoliticalActivity The joint statement said that the #PRCActors also #CopiedInformation that was subject to #US #LawEnforcement requests pursuant to #CourtOrders ☝🏿🧐💻🔐🇺🇸 #FBI #Risk #Intel #CISA #China #Security #Subpoena #Intelligence #CyberAttack #SecurityRisk #CyberSecurity #ThreatMapping #ThreatLandscape #ThreatIntelligence #IntelligenceReport #HomelandSecurity #RootCauseAnalysis #InformationSecurity https://lnkd.in/grY7nhBt

Layered Resilience As the New York Times reported, everything from airlines to banks to healthcare systems in many countries was hit by a flawed software update by CrowdStrike, an American cybersecurity firm, whose systems are designed to protect users from hackers. CrowdStrike took the responsibility for the software bug, sent in a system update, that caused the outage. This incident is not a cyberattack. Obviously, the resiliency of the operating system was not sufficient to mitigate the vulnerability. Bugs happen all the time and are unavoidable but this time it has been an catastrophic failure because of the remediation procedures. CrowdStrike incident highlihts the importance of Layered Resilience. If I refer to NATO Layered Resilience Concept, both military and civilian assets have to be ready to respond to shocks, the unexpected events, such as climate change, severe weather, military assault or in this case a software bug! We cannot be everything ready, but we can anticipate possibilities, adapt our forces and services and practice. It is all about preparing! #resilience, #layeredresilience, #natolayeredresilienceconcept

🚨 𝗧-𝗠𝗼𝗯𝗶𝗹𝗲 𝗕𝗹𝗼𝗰𝗸𝘀 𝗡𝗲𝘁𝘄𝗼𝗿𝗸 𝗜𝗻𝘁𝗿𝘂𝘀𝗶𝗼𝗻 𝗔𝘁𝘁𝗲𝗺𝗽𝘁 🚨 T-Mobile successfully prevented a network infiltration originating from a connected wireline provider. The attackers, using discovery commands to map the network, were stopped before lateral movement or access to sensitive data. 🔐 𝗞𝗲𝘆 𝗣𝗼𝗶𝗻𝘁𝘀: Connectivity to the wireline provider was cut off. Findings were shared with U.S. authorities. Incident follows recent espionage campaigns targeting U.S. telecoms by China-linked groups like Salt Typhoon. T-Mobile’s layered defenses and quick response ensured no disruption or data breach. #𝗖𝘆𝗯𝗲𝗿𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 #𝗧𝗠𝗼𝗯𝗶𝗹𝗲 #𝗡𝗲𝘁𝘄𝗼𝗿𝗸𝗜𝗻𝘁𝗿𝘂𝘀𝗶𝗼𝗻 #𝗧𝗵𝗿𝗲𝗮𝘁𝗜𝗻𝘁𝗲𝗹

Organizations have to start protecting sensitive data with the same intensity as the armed forces, intelligence community, and defense industry. A glaring stat from the article stated, “According to the 2023 IBM Security "Cost of a Data Breach Report," the mean time to identify (MTTI) and contain (MTTC) a breach is 277 days.” We have to improve on that. In PCI, if you have no business need to store, process, or transmit sensitive data, then you don’t. That should be the thought process for any type of data an organization classifies as sensitive. But if you do need to, this article gives good rationale for why there needs to be a shift. And before you shout from the hill tops that security is a blocker for productivity, they accounted for that as well. Best security practices always should! https://lnkd.in/gDHhPjEQ