June 20, 2024

June 20, 2024

Measure Success: Key Cybersecurity Resilience Metrics

“Cyber resilience is a newer concept. It can get thrown around when one really means cybersecurity, and also in cases where no one really cares about the difference between the two,” says Mike Macado, CISO at BeyondTrust, an identity and access security company. “And to be fair, there can be some blurring between the two. ... “Once the resilience objectives are clear, KPIs can be set to measure them. While there are many abstract possible KPIs, it is crucial to set meaningful and measurable KPIs that can indicate your cyber resilience level and not only tick the box,” says Kellerman. And what are the meaningful, core KPIs? “These include mean time to detect, mean time to respond, recovery time objective, recovery point objective, percentage of critical systems with exposures, employee awareness and phishing click-rates, and an overall assessment of leadership. These KPIs will properly assess your security controls and whether they are protecting your critical path assets, helping to ensure they’re capable of preventing threats.” Kellerman adds. ... “The ability to recover from a cybersecurity attack within a reasonable time that guarantees business continuity is a crucial indicator of resilience...” says Joseph Nwankpa


Most cybersecurity pros took time off due to mental health issues

“Cybersecurity professionals are at the forefront of a battle they know they are going to lose at some point, it is just a matter of time. It’s a challenging industry and businesses need to recognize that without motivation, cybersecurity professionals won’t be at the top of their game. We’ve worked with both cybersecurity and business leaders to understand the challenges the industry faces. What we’ve discovered shows just how difficult the job is and that there is a significant gap of understanding between the board and the professionals,” said Haris Pylarinos, CEO at Hack The Box. “We’re calling for business leaders to work more closely with cybersecurity professionals to make mental well-being a priority and actually provide the solutions they need to succeed. It’s not just the right thing to do, it makes business sense,” concluded Pylarinos. “Stress, burnout and mental health in cybersecurity is at an all-time high. It’s also not just the junior members of the team, but right up to the CISO level too,” said Sarb Sembhi, CTO at Virtually Informed.


Forget Deepfakes: Social Listening Might be the Most Consequential Use of Generative AI in Politics

Ultimately, the most vulnerable individuals likely to be affected by these trends are not voters; they are children. AI chatbots are already being piloted in classrooms. “Children are once again serving as beta testers for a new generation of digital tech, just as they did in the early days of social media,” writes Caroline Mimbs Nyce for The Atlantic. The risks from generative AI outputs are well documented, from hallucinatory responses to search inquiries to synthetic nonconsensual sexual imagery. Given the rapid normalization of surveillance in education technology, more attention should probably be paid to the inputs such systems collect from kids. ... Not every AI problem requires a policy solution specific to AI: a federal data privacy law that applied to campaigns and political action committees would go a long way toward regulating generative AI-enabled social listening, and could have been put in place long before that technology became widely accessible. The fake Biden robocalls in New Hampshire similarly commend low-tech responses to high-tech problems: the political consultant behind them is charged not with breaking any law against AI fakery but with violating laws against voter suppression.


Resilience in leadership: Navigating challenges and inspiring success

Research shows that cultivating resilience is a long and arduous journey that requires self-awareness, emotional intelligence, and a relentless commitment to personal growth. A great example of this quality and a leader I admire greatly is Jensen Huang, President of Nvidia, which is now one of the most valuable companies in the world with a market cap of more than $2 trillion. As Huang describes quite candidly in many interviews, his early years and the hardships he endured helped him build resilience, where he learnt to brush things off and move on no matter how difficult the situation was. While addressing the grad students at Stanford Graduate School of Business, Huang revealed that “I wish upon you ample doses of pain and suffering,” as he believes great character is only formed out of people who have suffered. These experiences have not only helped Huang develop a robust management style but have also helped him approach any problem with the mindset of “How hard can it be?” While Jensen’s life exemplifies the importance of hardships and suffering, resilience isn't limited to overcoming hardships; it's also about innovation and adaptability in leadership. 


IDP vs. Self-Service Portal: A Platform Engineering Showdown

It’s easy to get lost in the sea of IT acronyms at the best of times, and the platform engineering ecosystem is the same, particularly given that these two options seem to promise similar things but deliver quite differently. For many organizations, choosing or building an IDP might be what they think is required to save their developers from repetitive work while looking for a self-service portal (SSP) to streamline automation. ... By providing a user-friendly interface to define and deploy cloud resources, an SSP frees up the time and effort required to set up complex infrastructure configurations. Centralizing resources provides oversight while also enabling guardrails to be established to protect against “shadow IT” being deployed. This not only helps identify resources that aren’t being used to save money but also helps make cloud practices more eco-friendly by removing unnecessary resources. This is the main difference between an SSP and an IDP, and understanding which capabilities an organization needs is critical for ensuring a smooth platform engineering journey. Like a Russian doll, an IDP is a layer on top of an SSP that offers tools to streamline the entire software development lifecycle.


Chinese Hackers Used Open-Source Rootkits for Espionage

Attackers exploited an unauthenticated remote command execution zero-day on VMware vCenter tracked as CVE-2023-34048. If the threat group failed to gain initial access on the VMware servers, the attackers targeted similar flaws in FortiOS, a flaw in VMware vCenter called postgresDB, or a VMware Tools flaw. After compromising the edge devices, the group's pattern has been to deploy open-source Linux rootkit Reptile to target virtual machines hosted on the appliance. It uses four rootkit components to capture secure shell credentials. These include Reptile.CMD to hide files, processes and network connections; Reptile.Shell to listen to specialized packets- a kernel level file to modify the .CMD file to achieve rootkit functionality; and a loadable kernel file for decrypting the actual module and loading it into the memory. "Reptile appeared to be the rootkit of choice by UNC3886 as it was observed being deployed immediately after gaining access to compromised endpoints," Mandiant said. "Reptile offers both the common backdoor functionality, as well as stealth functionality that enables the threat actor to evasively access and control the infected endpoints via port knocking."

Read more here ...

To view or add a comment, sign in

Insights from the community

Others also viewed

Explore topics