Your monthly update of ICT continuity news and information

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/ictnewsmar2022.html

FEATURE ARTICLES

Considering the future of your mission critical legacy applications
Legacy mission critical applications are a headache for many CIOs. Here, Nick Denning, CIO of Diegesis, offers an alternative view to the lure of new technologies and the consequential risky business of replacing tried and tested technology.
Read the article
• World

Horizon scanning: cyber security and the metaverse
As organizations start to look to metaverse platforms the associated cyber security threats need consideration. Matias Madou looks at cyber security issues associated with the metaverse and offers some recommendations…
Read the article
• World

Safeguarding the digital world starts with physical protection
Tiago Dias looks at the importance of data centres / centers, arguing that many should now be seen as critical infrastructure, given the impacts that lack of availability can have. In this piece Tiago looks at the key risks impacting data centres and how these can be mitigated against.
Read the article
• World

Designing your online infrastructure to survive major outages: where to start
Many businesses are reliant on a continuous online presence but may not have yet fully considered designing their platform to be able to respond to the effects of downtime - whether it is caused by an outage, cyber attack, or natural disaster. Terry Storrar provides some advice for those starting out on their disaster recovery journey.
Read the article
• World

Cloud outages raise questions on how to architect for resilience
There is no such thing as fail-proof systems says Avi Shillo, and global public cloud systems are no different. Outages have happened, and will occur again in the future. The answer for resilience is taking a cloud-agnostic approach…
Read the article
• World

How to protect backups from ransomware
Until recently the standard advice was to turn to your backups to initiate a response to a ransomware attack. However, as attackers have adapted their techniques to target backups is this approach still feasible? Peter Groucutt describes three ways of protecting backups to ensure that they can be used effectively after a ransomware attack.
Read the article
• World

Combatting ransomware means starting at the end…
It’s not just the initial ransomware attack that organizations need to be concerned with, it’s also the aftermath. The questions of: Is it over? How do we recover? What is stopping threat actors from doing it again? Ed Williams looks at ransomware incident management.
Read the article
• World

Advice from a CISO: the art of persuasion and leadership
Despite being based on and supported by technology, cyber security remains, first and foremost, a human artform. To unpack this, Continuity Central spoke to James Nelson, VP of InfoSec at Illumio, exploring what makes an effective CISO.
Read the article
• World

How high availability and disaster recovery are expected to develop through 2022
From multicloud to new requirements for disaster recovery and high availability protection – here are some of the biggest trends which we can expect to see in 2022, according to SIOS Technology Corp.
Read the article
• US / World

Top takeaways from the Evolving Resilience Strategies Report
Evolving Resilience Strategies is BC Management’s latest research report. In this article Cheyene Marling highlights the key findings from a global survey for the report, which was carried out in Q4 2021 to understand the current trends in resilience management.
Read the article

NEWS ARTICLES

Centre for the Protection of National Infrastructure releases new guidance on data centre security
The UK Centre for the Protection of National Infrastructure (CPNI) has published four new guidance documents to provide advice on data centre security.
Read the article
• UK

New report shows that the majority of organizations are not equipped to combat emerging HEAT cyber attacks
Web malware (47 percent) and ransomware (42 percent) now top the list of security threats that organizations are most concerned about. Yet despite the growing risks, less than a third (27 percent) have advanced threat protection in place on every endpoint device that can access corporate applications and resources.
Read the article
• World

Global Threat Analysis Report shows that organizations are failing to adapt to new attack tactics
Radware has released its 2021-2022 Global Threat Analysis Report. The comprehensive analysis shows that companies are failing to adapt their cyber attack mitigation strategy to accommodate mid and small size attacks or 'micro flood' attacks and application layer DDoS attacks.
Read the article
• World

Organizations must evolve strategies to protect an expanding digital footprint against emerging threats
Security and risk management leaders must address seven clear trends to protect the ever-expanding digital footprint of modern organizations against new and emerging threats in 2022 and beyond, according to Gartner, Inc.
Read the article
• World

One in three mid-market UK organizations suffered a +24 hour outage due to a cyber attack in 2021
Mid-market organizations in the UK suffered significant financial and operational damage as a result of cyber attacks in 2021, and want to see fundamental change to how cyber security is designed and run, new research reveals.
Read the article
• UK

Misconfiguration was the number one cause of cloud security incidents in 2021
Check Point Software Technologies Ltd has released its 2022 Cloud Security Report. As organizations continue to adopt the cloud, with 35 percent running more than 50 percent of their workloads on the likes of Azure, AWS and GCP, they struggle to manage the complexity of securing their cloud infrastructures across multiple cloud platforms.
Read the article
• World

NIST releases Ransomware Risk Management Cybersecurity Framework Profile and a Quick Start Guide
The US NIST has published two guides to help organizations manage and respond to ransomware threats.
Read the article
• US / World

Researchers show they can steal data during homomorphic encryption
Homomorphic encryption is considered a next generation data security technology, but researchers have identified a vulnerability that allows them to steal data even as it is being encrypted.
Read the article
• World

2022 Threat Landscape Report claims that threat actors are rapidly learning how to evade AI/ML technologies
Deep Instinct has released findings from its bi-annual Threat Landscape Report. The Deep Instinct Threat Research team extensively monitored attack volumes and types and then extrapolated their findings to predict where the future of cyber security is heading.
Read the article
• World

Over-confidence in ransomware and other cyber security protections seen in new survey
ExtraHop has released findings from a new survey on ransomware that sheds light on the discrepancies between how IT decision makers (ITDMs) see their current security practices, and the reality of the ransomware attack landscape.
Read the article
• World

20 percent of organizations have had significant impacts relating to Log4j
The recently identified vulnerability in the Log4j Java logging package has created headaches for security professionals around the world. Three-fifths (61 percent) of organizations responding to the latest Neustar International Security Council (NISC) survey, conducted in January 2022, said they had fielded attacks targeting this vulnerability.
Read the article
• World

Majority of successful ransomware attacks feature double or triple extortion tactics
Venafi has published the findings of a global survey of IT decision-makers looking into the use of double and triple extortion as part of ransomware attacks. The data reveals that 83 percent of successful ransomware attacks now include alternative extortion methods...
Read the article
• World

Report finds that data backup and recovery capabilities are dropping behind organizational requirements
The disconnect between business expectations and IT’s ability to deliver has never been more impactful, according to the Veeam Data Protection Trends Report 2022, which found that 89 percent of organizations are not protecting data sufficiently.
Read the article
• World

SonicWall Cyber Threat Report highlights that ransomware attacks doubled in 2021
SonicWall has released its 2022 Cyber Threat Report. This details a sustained surge in ransomware with 623.3 million attacks globally. Nearly all monitored threats, cyber attacks and malicious digital assaults rose in 2021 including ransomware, encrypted threats, IoT malware, and cryptojacking.
Read the article
• World

BlackBerry Annual Threat Report highlights emerging attack trends
BlackBerry Limited has released the 2022 BlackBerry Annual Threat Report, which uncovers cyber breadcrumbs from some of last year’s most notorious ransomware attacks, suggesting that some of the biggest culprits may have simply been outsourced labour.
Read the article
• World

Attacks using social media as a threat channel doubled in 2021 says new report
Social media as a threat channel saw a two-fold increase in attacks throughout 2021, according to the latest Quarterly Threat Trends & Intelligence Report from PhishLabs by HelpSystems.
Read the article
• World

EU agencies issue guidance on cyber resilience best practices
The European Union Agency for Cybersecurity (ENISA) and CERT- EU have jointly published ‘Boost your Organisation's Cyber Resilience’, a set of cyber resilience best practices for public and private organizations in the EU.
Read the article
• Europe

US, UK, and Australian agencies highlight ransomware trends and offer mitigation recommendations
In a joint security advisory, ‘2021 Trends Show Increased Globalized Threat of Ransomware’, various US, UK, and Australian security agencies have warned about the high level of threat that critical infrastructure organizations and others face due to a global increase in sophisticated, high-impact, ransomware incidents.
Read the article
• Various

Cyber attackers turn the HEAT up, with a 224 percent increase in such methods
Menlo Security has announced that it has identified a surge in Highly Evasive Adaptive Threats (HEAT) that bypass traditional security measures. HEAT attacks are a class of cyber threats targeting web browsers as the attack vector and employs techniques to evade detection by multiple layers in current security stacks including firewalls, Secure Web Gateways, sandbox analysis, URL Reputation, and phishing detection.
Read the article
• World

Boards taking steps to improve oversight of cyber risk but gaps remain
RANE (Risk Assistance Network + Exchange) and the Nasdaq Center for Board Excellence have released results of a survey of US publicly listed companies and nonprofits that show that boards and executive team members give themselves high marks for cyber security awareness but that additional training on cyber risks would be beneficial.
Read the article
• US

Satellites combined with 5G networks will offer new resilience options in the future
New advances in 5G standards are creating opportunities to integrate non-terrestrial networks (NTN) into an interoperable, standardized wireless experience across the entire globe explains a new white paper published by 5G Americas.
Read the article
• US / World

Threat report finds that stealthy techniques and growing Excel malware campaigns are top trends
HP Inc. has released its latest global HP Wolf Security Threat Insights Report, providing analysis of real-world cyber security attacks. By isolating threats that have evaded detection tools and made it to user endpoints, HP Wolf Security has specific insight into the latest techniques being used by cybercriminals.
Read the article
• World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

Read our privacy policy at https://www.continuitycentral.com/index.php/privacy-and-cookies

Continuity Central is a registered trademark