This newsletter highlights all the feature articles published on Continuity Central during May 2022, as well as various resources.

NOTE: If you cannot read this newsletter properly visit www.continuitycentral.com/roundupjune2022.html

FEATURE ARTICLES

The benefits that microsegmentation can bring to cyber resilience
Network segmentation isn’t a new concept but it can bring benefits when protecting organizations from emerging cyber threats. Prof. Avishai Wool discusses how to use microsegmentation to better secure networks before the next cyber attack.
Read the article
• World

Why relying on multi-factor authentication is a dangerous tactic
Multi-factor authentication (MFA) is now a common aspect of access control systems, strengthening password-only approaches. However MFA has proven to be vulnerable to attackers and over reliance on it can put an organization at risk. Julia O’Toole explains…
Read the article
• World

Resilience risks: cryptocurrency and blockchain
Resilience and risk professionals, particularly those from a non-IT background, need to develop their overall understanding of emerging technologies says Luke Bird, FBCI. How else are they going to be able to fully appreciate the magnitude of risks potentially facing their business? In this article Luke gives a backgrounder on cryptocurrency and blockchain in the context of risk.
Read the article
• World

Where business continuity comes in: why your cyber security must be designed for recovery
One of the biggest falsehoods of cyber security is that it is an IT problem. Any cyber breach, whether caused by ransomware or another attack type, is a business continuity issue says Edwin Weijdema.
Read the article
• World

Bribery and corruption are enterprise risks that need to be planned for
Bribery and corruption is often greater in times of crisis and the pandemic has only aggravated vulnerabilities further. Leas Bachatene explains why the importance of having a strong anti-bribery and anti-corruption programme in place has never being greater.
Read the article
• World

Why World Password Day should be retired…
5th May was the latest World Password Day, but it should be the last one says Sanjay Gupta. Passwords are an outdated, hackable idea, which organizations should move on from he says…
Read the article
• World

Prudential Regulation Authority sets out next steps in UK operational resilience roadmap
In a recent speech, the PRA’s David Bailey set out the regulator’s view of the progress that firms have made in terms of operational resilience and looked ahead to the 2025 full compliance deadline.
Read the article
• UK

RESEARCH, REPORTS & PUBLICATIONS

The State of Cyber Resilience: no progress in executive confidence
Almost three years of unrelenting workplace disruption, digital transformation, and ransomware attacks means that most organizational leaders are no more confident in their ability to manage cyber risk than they were two years ago. This is according to a new report published by Marsh and Microsoft.
Read the article
• World

Sustainability risks are the top long term organizational concern finds FERMA survey
FERMA has released the results of its 2022 European Risk Manager Survey conducted in partnership with PWC France. The Survey has taken place every other year since 2001/2002 and this is the first one to be completed since the pandemic.
Read the article
• World

Guide to developing impact tolerances published
Castellan Solutions has released a guide designed to help organizations ‘effectively navigate the effort of building impact tolerances and preparing to stress test them’.
Read the article
• World

NIST issues new guide on using blockchain in access control systems
NIST has published NIST Internal Report (NIST IR) 8403, Blockchain for Access Control Systems, providing guidance for organizations looking to blockchain as a method of improving security.
Read the article
• US / World

Study highlights a ‘dangerous disconnect’ within UK businesses when it comes to cyber resilience
Deep Instinct has released the results from new research highlighting the role that executive leadership teams play in their organizations’ cyber resilience.
Read the article
• UK

Employees leaving without providing password details resulted in business continuity issues for nearly a third of organizations
A survey conducted by Pulse on behalf of Hitachi ID has found that organizations often find it difficult to obtain mission critical passwords from employees when they leave the organization.
Read the article
• World

Attackers turn to vishing: 550 percent increase seen in vishing attacks
Vishing (voice phishing) cases have increased almost 550 percent over the twelve month period Q1 2021 to Q1 2022, according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs.
Read the article
• World

Annual DDoS Threat Intelligence Report highlights emerging trends
Corero Network Security has published the latest edition of its annual DDoS Threat Intelligence Report that compiles the trends, observations, predictions, and recommendations based on DDoS attacks against Corero customers during 2021.
Read the article
• World

Supply chains need to be reinvented for resilience
A new Accenture report, 'From Disruption to Reinvention - The future of supply chains in Europe', published at the World Economic Forum’s Annual Meeting in Davos looks at how supply chain disruptions are likely to play out across Europe.
Read the article
• Europe

A third of organizations that pay ransoms are still unable to recover data
27.7 percent of Internet traffic in 2021 was made up of ‘bad bot’ activity and related account takeover and online fraud risks increased, according to the latest threat research from Imperva.
Read the article
• World

Bad bots are a risk to digital businesses: and they are increasing
Veeam Software has released the results of its 2022 Ransomware Trends Report. This highlights some of the business impacts that are being felt due to ransomware attacks.
Read the article
• World

RIMS survey highlights best practices to address and leverage emerging risks
Integrating emerging risk considerations into an ongoing risk management program is necessary to avoid future surprises, achieve strategic objectives, and deliver long-term value, according to a newly published RIMS Executive Report ‘Navigating the Complexities of Emerging Risks’.
Read the article
• World

During the past year the majority of organizations have activated disaster recovery response plans
Zerto, a Hewlett Packard Enterprise company, recently commissioned IDC to conduct a major ransomware and disaster preparedness survey, which found that 79 percent of respondents have activated a disaster recovery (DR) response within the past 12 months.
Read the article
• Various

UK Disruption Index launched to assess resilience of key business sectors
GHD has launched its inaugural UK Disruption Index, which evaluates which UK industries have established resilience, and which are most susceptible to future shock and disruption.
Read the article
• UK

Data Storage Outlook report: multi-cloud support capabilities generate renewed interest in tape
Spectra Logic has announced the release of its seventh Data Storage Outlook report. This explores how the world manages, accesses, uses and preserves its ever-growing data repositories.
Read the article
• World

2022 Political Risk Report: competition for planetary and space resources point to an unstable future‌
Rising competition for supremacy over soil, sea, and space will fuel future global geopolitical tensions as nations seek to stake their claims on sea-based borders, previously untapped mineral resources, and the all-but-unregulated cosmos according to a new report from Marsh.
Read the article
• World

Financial stability risks from cloud outsourcing explored in new ESMA working paper
ESMA, the European Securities and Markets Authority, has issued a working paper on ‘Financial stability risks from cloud outsourcing’. The paper discusses the dependencies that now exist, where a single outage at a cloud service provider (CSP) could have widespread impacts across the financial sector.
Read the article
• Europe / World

Pandemic drops out of top three UK financial sector risks
The results of the Bank of England’s 2022 H1 Systemic Risk Survey shows that the UK’s financial sector firms view of current key risks is changing. Firms are currently most concerned about cyber, geopolitical and inflation-related risks; with pandemic risks slipping down the order.
Read the article
• UK

Supply chain resilience explored: new report looks how at businesses are responding to current supply chain issues
Interos has published ‘Resilience 2022’, the second edition of the company's Annual Global Supply Chain Report.
Read the article
• World

NIST cybersecurity guidance for supply chain risk management updated
After a multiyear development process NIST has released ‘Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations’ which updates previous guidance in this area.
Read the article
• US / World

New research reveals UK critical infrastructure operators concerns about cyber warfare
72 percent of cyber security decision makers at critical national infrastructure (CNI) organizations reported seeing a rise in cyber attacks since the start of invasion of Ukraine by Russia, according to new research by Bridewell.
Read the article
• UK

New TPRM study shows that organizations are not equipped to handle increasing third-party security incidents
A new survey-based report from Prevalent, Inc., shows that, although organizations are starting to adapt their third-party risk management (TPRM) programs to address new and emerging non-IT risks, much more needs to be done to grow and mature these programs.
Read the article
• World

New NIST guidance on platform security and data protection for cloud and edge computing
The US National Cybersecurity Center of Excellence (NCCoE) has announced the release of NIST Internal Report (NISTIR) 8320, Hardware-Enabled Security: Enabling a Layered Approach to Platform Security for Cloud and Edge Computing Use Cases.
Read the article
• US / World

Cyber resilience horizon scanning: AI will be the next frontier
Devo Technology has released the results of a new study that found that artificial intelligence (AI) ‘is an innovation battleground between cybercriminals and enterprises’.
Read the article
• World

State of Ransomware shows huge growth in threat and impacts
Sophos has released its annual survey and review of real-world ransomware experiences in its ‘State of Ransomware 2022’ report. This shows that 66 percent of organizations surveyed were hit with ransomware in 2021, up from 37 percent in 2020.
Read the article
• World

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com

PRIVACY NOTICE

You can read our privacy information at https://www.continuitycentral.com/index.php/privacy-and-cookies

You have subscribed to this newsletter. To unsubscribe visit:
http://www.continuitycentral.com/index.php/unsubscribe or e-mail webmaster@continuitycentral.com

Continuity Central is a registered trademark