Your monthly update of ICT continuity news and information

FEATURE ARTICLES

Cyber-related workplace stress has a real impact on cyber resilience
Stress often has a detrimental effect on decision making and this can have knock-on impacts on operational resilience. A new survey has quantified the causes of stress in cyber resilience teams and looks at possible ways to help with this. Justin Vaughan-Brown gives more details...
• World

Operational resilience: a guide to impact tolerance
Considering, defining, and building consensus around impact tolerances is a vital aspect of operational resilience. This guide, the Impact Tolerance Builder, provides a framework for developing impact tolerances…
• World

Practical zero trust in a real-world environment
Zero trust is a popular talking point when it comes to security; in reality, however, end-to-end zero trust is not workable for the vast majority of modern businesses. Despite this, you can use the zero trust approach in a practical way in a real-world environment, argues Chris Cooper.
• World

There’s a new acronym on the block: getting to know CNAPP
Cyber security and acronyms seemingly go hand in hand and every year there are new ones to learn and remember. From APTs and ZTNA to CASB and SIEM, the world of cyber security is full of them. Markus Strauss looks at CNAPP, one of the newest additions to the acronym list.
• World

Seven important issues to consider when choosing a SaaS provider
In recent years, outsourcing business processes and applications via the Software-as-a-Service (SaaS) model has become hugely popular, not least in the business continuity world. As in all areas of procurement there are things to consider that make the difference between success and failure, as Jakub Lewandowski explains.
• World

Better data protection: is the 3-2-1 rule still relevant?
The 3-2-1 rule has been at the heart of successful data protection strategies for many years. Christopher Rogers looks at whether it still has relevance in today’s rapidly changing technology and threat environment.
• World

Cyber insurance and identity threat detection and response: partners in resilience
Cyber insurance is an important tool in overall cyber resilience, but obtaining it, and ensuring that any claims will be paid out, requires ongoing attention to other defensive areas. One of these is identity threat detection and response, and in particular the protection of Active Directory. James Doggett explains further...
• World

A guide to using root cause analysis
This E-Book will help you understand and use root cause analysis (RCA) to address the underlying causes of incidents that impact your organization. This will help you take actions to ensure that the issue does not occur again.
• World

NEWS ARTICLES

European Parliament approves new cyber resilience rules and amends DORA
In a European Parliament Plenary Session on Thursday 10th November the European Parliament considered two pieces of EU legislation relating to cyber and ICT resilience.
• Europe

Defending digital supply chains remains a business challenge
BlueVoyant has released the findings of its third annual global survey into supply chain cyber risk management. The study reveals that 98 percent of firms surveyed have been negatively impacted by a cyber security breach that occurred in their supply chain.
• World

The top ten emerging cyber threats according to ENISA
The European Union Agency for Cybersecurity (ENISA) has identified and ranked the ten top cyber security threats that it expects will emerge by 2030.
• Europe / World

Cyber threat predictions for 2023: continued sharp rise in attacks expected
Hacktivism, deepfakes, attacks on business collaboration tools, new regulatory mandates, and pressure to cut complexity will top organizations’ security agendas over the coming year.
• World

Future of connectedness predictions: what will business continuity managers need to anticipate in this area?
International Data Corporation (IDC) has published its Future of Connectedness predictions for 2023 and beyond. The transition to hybrid work and more distributed workforces has created greater expectations from employees, customers, and partners for seamless anytime, anywhere digital interactions with mission-critical systems and processes, says IDC.
• World

How are email based cyber attacks developing?
New research from Hornetsecurity has revealed that 40.5 percent of work emails are unwanted. The Cyber Security Report 2023, which analysed more than 25 billion work emails, also reveals significant changes to the nature of email-based cyber attacks in 2022.
• World

Study confirms that trust following a security breach is best retained when organizations are up front
Organizations that suffer security breaches in which customer information is put at risk are far more likely to retain consumer trust if they are swift in communicating the incident and are proactive in setting out a solution, according to new research from Durham University Business School.
• UK / World

Human Risk Management Maturity Model developed to help measure human impacts on cyber risks
Living Security and CybSafe have jointly developed a new Human Risk Management Maturity Model, which aims to help organizations measure the impact of human activity on cyber risks.
• World

Cyber attacks are challenging organizational business continuity capabilities
New research shows that the majority of organizations don’t have confidence that their business continuity strategies will be effective following a successful cyber attack.
• Various

ENISA releases 10th edition of its annual Threat Landscape report
ENISA, the EU Agency for Cybersecurity, has published The ENISA Threat Landscape 2022 (ETL) report. The long-running annual publication looks at the current state of the cyber security threat landscape. The 10th edition covers a period of reporting starting from July 2021 up to July 2022.
• Europe

How are cloud resilience, backup, and recovery developing?
Veeam Software has published Cloud Protection Trends Report 2023, covering four key ‘as a Service’ areas: infrastructure as a service (IaaS), platform as a service (PaaS), software as a service (SaaS), and backup and disaster recovery as a service (BaaS / DRaaS).
• World

Automated threats caused majority of ecommerce security incidents in the past 12 months
Imperva, Inc., has published The State of Security Within eCommerce 2022 report, an analysis by Imperva Threat Research of cyber security threats targeting the retail industry.
• World

Five reasons why UK businesses are removing workloads from public cloud platforms
Node4 has released its ‘Future of Hybrid Cloud’ report. Based on independent research it finds that, despite a generally positive view of public cloud platforms, half of UK IT managers said that they have had to migrate a workload back off a public cloud platform.
• UK

OpenSSL Project issues High severity vulnerability patch
The OpenSSL Project, the organization that maintains the widely used OpenSSL software, has issued a vulnerability patch flagged as High severity. Prior to the announcement, the release was widely briefed as being of 'Critical' severity. Whether this was industry analysts reading the runes incorrectly or clever expectation management by OpenSSL is unclear. Whichever is the correct explanation, this is still a vulnerability that needs to be taken seriously and acted upon.
• World

Global study finds weaknesses in backup and recovery plans for remote workers
Arcserve has announced findings from its annual independent global research study which show that businesses are failing to adequately consider remote working in their data backup and recovery plans.
• World

New version of ISO/IEC 27001 now available
ISO/IEC 27001, ‘Information security, cybersecurity and privacy protection - Information security management systems - Requirements’, the widely used information security management standard, has been updated and is now available.
• World

Ransomware attacks decline overall but rise in UK, EMEA, and APJ
SonicWall has released new threat data through to the end of the third quarter of 2022. The company found that ransomware attacks have declined significantly globally.
• World

Ransomware remains a top cyber risk for businesses: but other threats are growing
The latest Allianz Global Corporate & Specialty cyber report provides an overview of developments in the cyber threat landscape. ‘Cyber: The changing threat landscape’ says that ransomware remains a top cyber risk for organizations globally while business email compromise incidents are on the rise and will increase further in the ‘deep fake’ era.
• World

New Cyber Security Governance Principles for Australian organizations
The Australian Institute of Company Directors (AICD) and the Cyber Security Cooperative Research Centre (CSCRC) have released a new set of governance principles to help organizations strengthen their cyber resilience.
• World

CloudSEK warns about multiple vulnerabilities affecting Veeam Backup & Replication
CloudSEK says that analysis by its contextual AI digital risk platform, XVigil, has discovered several critical and high-severity vulnerabilities affecting Veeam Backup & Replication.
• World

ENISA releases report exploring potential threats that will come from post-quantum cryptography
A new report published by the European Union Agency for Cybersecurity (ENISA) explores the necessity to design new cryptographic protocols and integrate post-quantum systems into existing protocols.
• Europe / World

Balancing your resilience needs with the requirement to reduce carbon emissions
Distributing workloads across multiple locations helps users achieve resiliency. Users should be aware, however, that greater duplication can mean both higher costs and greater carbon emissions. A new report from the Uptime Institute has explored this issue.
• World

Report shows that organizational confidence in cyber and technology resilience decreases
‘Spotlight on: Cyber and technology’, a new research report from Beazley, shows a drop in business leaders’ confidence about their resilience to cyber and technology threats.
• World

Cloud Server Privilege Management for Dummies eBook launched
Delinea has published Cloud Server Privilege Management for Dummies, a new eBook which looks at best practices for cloud server security to simplify complexities around securing access to business-critical resources.
• World

One Health Joint Plan of Action launched to help reduce the risk of future pandemics
Four global organizations have jointly launched ‘One Health’ to create a framework to integrate systems and capacity to better prevent, predict, detect, and respond to emerging health threats; and to ultimately nip future pandemics in the bud.
• World

Many cyber incident management plans may fail due to lack of resources
BlackBerry Limited has published new research highlighting the challenges organizations in all major sectors face in maintaining and improving their overall cyber security posture.
• North America / UK

Microsoft Teams information missing from many backup plans
A survey for Hornetsecurity has found an ‘urgent need’ for greater attention to backup plans for Microsoft Teams, with nearly half of users (45 percent) sending confidential and critical information frequently via the platform.
• World

New academic paper looks at the use of ‘infranetics’ as a framework for resilience and business continuity management
Infranetics, which is a combination of infrastructures and cybernetics, is highlighted as a possible new framework for managing resilience and business continuity, amongst other areas, according to a new academic paper.
• World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

Continuity Central is a registered trademark