|
Your monthly update of ICT continuity news and information
NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/ictnewsapr2023.html
FEATURE ARTICLES
The intersection of DORA, operational resilience, and business continuity
As impacted organizations start to look at DORA compliance, Michael Bratton considers its scope, highlights provisions that align to other regulations, and outlines areas that may help practitioners seeking to build cohesive resilience programs and frameworks that encompass multiple risk disciplines.
Read the article
• World
The role of APIs in rebuilding and securing digital supply chains
Since the Sunburst attack at the end 2020, digital supply chains have been in the spotlight as an area of organizational vulnerability. Jason Kent looks at the issue and explains why APIs are part of the solution.
Read the article
• World
Using gamification to help build cyber resilience
Human errors are present in most cyber attacks says Dr John Blythe; and standard prescriptive training programmes are not proving to be very effective in improving this situation. In this article he explains why gamification can improve employee learning, outcomes, and overall cyber resilience.
Read the article
• World
Why the Internet needs orchestration for resilience
Internet connectivity has become the central fabric of our modern economy and for many organizations is critical to operations and services. What can individual organizations do to improve Internet resilience? Nick Sacke explores…
Read the article
• World
Enhance your cyber resilience with The Cyber Response Builder
The Cyber Response Builder is designed to help you proactively build your cyber resilience capabilities to anticipate, respond to, and recover from cyber attacks. The guide provides an assessment to help you quickly evaluate your current capability and then walks you through a framework to strengthen and build out your response.
Read the article |
NEWS ARTICLES
Report calls for a more joined up approach to cyber legislation and regulation around the world
(ISC)² and the Royal United Services Institute (RUSI) have released a new research report titled ‘Global Approaches to Cyber Policy, Legislation and Regulation’.
Read the article
• World
Developers opening their organizations up to breaches by knowingly deploying vulnerable code
Checkmarx released its Global Pulse on Application Security study at the 2023 RSA Conference in San Francisco. Developed with Censuswide, the research uncovered global trends around current security challenges faced by CISOs, application security (AppSec) leaders and software developers...
Read the article
• World
Cloud Security Alliance paper explores the ‘Security Implications of ChatGPT’
The Cloud Security Alliance (CSA) has released Security Implications of ChatGPT, a whitepaper that provides guidance across four areas relating to ChatGPT use.
Read the article
• World
New BCI report highlights the developing use of technology in the resilience profession
The BCI has released its latest survey and interview-based report, Technology in Resilience Report 2023. Sponsored by iluminr, this examines technologies and their impact on the resilience industry.
Read the article
• World
Ransomware threat decreasing but concerns increase over quantum computing-based risks: 2023 Thales Data Threat Report
The 2023 Thales Data Threat Report has been released, providing an annual report on the latest data security threats, trends and emerging topics based on a survey of nearly 3000 IT and security professionals in 18 countries.
Read the article
• World
The State of Kubernetes Security in 2023
Red Hat’s ‘The State of Kubernetes Security for 2023 report’ looks at the specific security risks organizations face regarding cloud-native development, including risks to their software supply chain, and how they mitigate these risks to protect their applications and IT environments.
Read the article
• World
Research highlights cyber threat intelligence struggles that organizations are facing
Enterprise Management Associates (EMA) has published a new research report, ‘Cyber Threat Intelligence – Transforming Data Into Relevant Intelligence’. This shows that many organizations struggle with effectively leveraging cyber threat intelligence (CTI).
Read the article
• World
Two-thirds of British manufacturers believe their technology environment is too difficult to defend
BlackBerry Limited has today released the BlackBerry Manufacturing Cybersecurity Study, with a warning that outdated and unsupported legacy operational technologies (OT) are exposing substantial vulnerabilities for UK manufacturers facing escalating threats from nation-state attacks.
Read the article
• UK
Survey shows huge lack of confidence in business continuity strategies for cyber attacks
Almost all IT and security leaders (96 percent) globally are concerned their organization will be unable to maintain business continuity following a cyber attack, according to a new study released today by Rubrik.
Read the article
• World
New report finds important differences in the way infosec and GRC teams define risk, vulnerability and threats
RiskOptics has published the results of its first Cyber Risk Viewpoints Survey. These reveal that both information security and GRC teams may be over-confident in their cyber and IT risk management systems.
Read the article
• US
Legacy technology is the greatest challenge for zero trust adoption
C-suite and other executives at organizations adopting zero trust say complexity and compatibility issues with legacy systems and environments pose the greatest challenge to adoption (44.6 percent), according to a Deloitte poll.
Read the article
• World
UK government releases annual Cyber Security Breaches Survey
The long-running Cyber Security Breaches Survey, commissioned by the UK government, is a research study on UK cyber resilience, aligning with the National Cyber Strategy. The 2023 study shows that cyber resilience in UK organizations seems to be moving backwards.
Read the article
• UK
Online retailers are at increased risk from growth in sophisticated and organized fraud
A survey of chief financial officers (CFOs) at online merchants across 10 countries has found that fraud is on the increase across the board.
Read the article
• World
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles
New guidance, written by a group of national cyber security agencies, explores the use of security-by-design to improve cyber resilience. The agencies are encouraging manufacturers of technology and associated products to take more responsibility for cyber security during the design and development process.
Read the article
• World
Check Point Research notes a sharp increase in cyber attacks targeting IoT devices
With the growing use of IoT devices there has been an increase in cyber attacks against these, using various exploitable vulnerabilities. In the first two months of 2023 there was an average of almost 60 attacks per organization per week targeting IoT devices: 41 percent higher than in 2022, and more than triple the number of attacks from two years ago.
Read the article
• World
The Financial Stability Board sets out ways to achieve greater convergence in cyber incident reporting
The Financial Stability Board (FSB), an international body that monitors and makes recommendations about the global financial system, has published a report with recommendations to achieve greater convergence in cyber incident reporting.
Read the article
• World
Data bias is an emerging risk but few organizations are currently addressing it
Progress has announced the results of a global study, ‘Data Bias: The Hidden Risk of AI’. Conducted by independent research firm, Insight Avenue, the report is based on interviews with more than 640 business and IT professionals...
Read the article
• Various
An effective cyber security program requires a human-centric focus
Security and risk management (SRM) leaders must rethink their balance of investments across technology and human-centric elements when creating and implementing cyber security programs in line with nine top industry trends, according to Gartner, Inc.
Read the article
• World
Siloed cloud-related operations are a business continuity threat
CloudBolt Software has released its latest research report, ‘The Truth About Siloed Automation’. CloudBolt Industry Insights (CII) studies examine industry sentiment across specific hybrid- and multi-cloud dimensions.
Read the article
• World
Many operational technology systems are at high or critical risk of cyber attacks
Results of a new survey show an increasing concern for ensuring safe and resilient operations while organizations work to implement more effective operational technology (OT) security strategies.
Read the article
• North America
Rorschach: a new sophisticated, evasive, and extremely fast ransomware
Check Point Research (CPR) has announced that it has detected a new form of ransomware that encrypts nearly twice as quickly as Lockbit and is more sophisticated than traditional ransomware.
Read the article
• World
NCSC updates guidance for board members on cyber risks
NCSC, the UK’s National Cyber Security Centre, has launched new resources as part of its Cyber Security Board Toolkit, to ‘help encourage senior leaders to have essential discussions about cyber security with their organizations’ technical experts and key stakeholders’.
Read the article
• UK
CALL FOR PAPERS
Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com
You have subscribed to this
newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com
Read our privacy policy at https://www.continuitycentral.com/index.php/privacy-and-cookies
Continuity
Central is a registered trademark |
