Looking Back to Move Forward
Welcome to the Retrospective – your summary of this week's top news in #cybersecurity. Stay informed and ahead of the curve with this concise and informative roundup, designed to keep you up to speed with all the latest developments shaping the industry.
If you are a C-Suite executive, technology expert, cybersecurity specialist, compliance professional or simply interested in staying secure online, Retrospective has got you covered.
Today's article is 949 words long, a 4-minute read.
Embracing Optimism and Kindness this Easter Season
Happy Easter, everyone! Let's take this time to appreciate the blessings in our lives while cherishing the moments spent with family and friends. We can also use today as a reminder that, despite our day-to-day challenges, there is always something to look forward to. Whether it's the promise of new opportunities, the beauty of spring blossoms, or the hope of a better tomorrow, this celebration is a beacon of genuine optimism.
During the year's second quarter, let's all make a real conscious effort to remember to spread kindness wherever we go. Small acts can make a big difference, whether it's a kind word, a helping hand, or a simple smile. It is always worthwhile to pause from this busy life, reflect on our objectives, and set new ones for ourselves. These little things add up, inspiring us to strive towards our dreams with more determination and perseverance. In doing so, we can create a positive ripple effect that can touch the hearts of those around us and even beyond — one gesture at a time.
Appreciating the Susceptibility of Technology to Mishaps
Unfortunately, yesterday I accidentally spilt coffee all over my MacBook Pro. To look at the glass half full (pun intended), it is working surprisingly well considering what happened. However, it got me thinking about how much we sometimes take our technology for granted and how vulnerable it can be to mishaps. On a broader scale, it highlights how important it is for organisations to have appropriate measures in place in case of an emergency, including but not limited to ransomware.
SMBs face many threats, such as phishing emails, stolen credentials and malicious texts. Unlike their bigger counterparts, they lack security controls and skilled resources, which makes them more susceptible to cyberattacks. No wonder 43% of data breaches happen to this group, as companies with 10 to 49 employees saw a nearly fourfold rise in attacks. What's interesting is that in a CNBC survey, participants who fall into this category said that they don't consider themselves at risk. A major red flag!
Since many incidents go unreported and never make national headlines, an illusion takes hold that smaller businesses are less likely to be singled out. This misconception is where regulation steps in. The European Parliament recognised this issue and published the Digital Operational Resilience Act (DORA) to address it. Despite its original purpose of addressing challenges within the financial sector, the design of this legislation extends its impact beyond this realm, gradually permeating other industries.
With the supply chain attacks we saw with AT&T and 3CX, plugging the holes in the #cybersecurity infrastructure is crucial. It's not a question of whether it will happen but when and how prepared one is to respond to it. Of course, capacity remains the most limiting factor, with SMBs struggling to invest in the right solutions and talent, a luxury they cannot afford. It is crystal clear that we need to do more, but with the increased attention on this area, we seem to be moving forward.
Link to regulation: https://buff.ly/43dla2s
Link to 1st report: https://buff.ly/2IUBuwq
Link to 2nd report: https://buff.ly/3nV8pcR
Link to 3rd report: https://buff.ly/3ABFf3v
Twitter's Doge-y Rebranding and Elon Musk's Regulatory Probe
Is Twitter becoming doge-y? In case you missed it, the social media giant rebranded their entire platform with the infamous Shiba Inu — at least for now. On a more serious note, Elon Musk tried to meet Lina Khan (the chair of the Federal Trade Commission), who is investigating their data-sharing practices. However, at face value, the situation may be going to the dogs since things did not proceed as planned.
While it is not unprecedented for CEOs to seek meetings with government agencies during regulatory probes, the billionaire's outreach points to the seriousness of the investigation and its potential consequences. Various news outlets, including the New York Times and the Seattle Times, tried to get answers to these questions. The response? A press request triggered an autoreply email with a poop emoji.
The massive layoffs leave many to wonder if they can weather the storm and come out on top. Without mixing apples and oranges, a recent court filing shows that part of the source code was leaked and published on GitHub. According to the business magnate, such leaks and theft may come from disgruntled former employees.
Mistrust and capacity issues can also permeate the remaining workforce responsible for managing initiatives like the user privacy program, which stems from a 2011 settlement agreement with the FTC. A few months ago, they reportedly dropped the ball, resulting in a hefty $150 million fine over alleged violations of the original terms.
Both incidents highlight the need for adequate controls to discourage the mishandling of confidential corporate information. In #cybersecurity, we always recommend setting up data loss prevention (DLP) to monitor and prevent leaks, including insider threats. Accidental or intentional exposure can happen where you least expect it. It's better to be safe than sorry.
As for the Twitter saga, judging from Elon Musk's previous track record with Tesla and SpaceX, he will likely continue pushing the boundaries and challenging conventional thinking.
Link to 1st article: https://buff.ly/414aaCv
Link to 2nd article: https://buff.ly/3Kzu7fa
Link to 3rd article: https://buff.ly/3KJplfr