This newsletter highlights all the feature articles published on Continuity Central during August 2022, as well as various resources.

FEATURE ARTICLES

Achieving high availability for SAP HANA
Organizations across the globe rely on SAP ERP systems to maintain their essential applications. As deadlines draw nearer for moving to SAP’s HANA database, IT teams need to consider the potential complexity of implementing high availability and disaster recovery for these systems, says Ian Allton.
Read the article
• World

The UK’s National Resilience Strategy: what can we expect?
During the coming months it is expected that the UK Government will launch a National Resilience Strategy that will focus on greater openness about risk, more action on prevention, and an ambitious whole-of-society approach. Robert Hall looks at what this might mean in practice…
Read the article
• UK

Exploring the business risks associated with transitioning to a low-carbon economy
Antea Group looks at the risks that risk managers will need to consider during the coming transition to a low carbon economy and provides some advice to help organizations move forward in this area.
Read the article
• World

Resilient organizations make psychological safety a strategic priority
A new Harvard Business Review article, written by Maren Gube and Debra Sabatini Hennelly, looks at the role of psychological safety within resilience and business continuity.
Read the article
• World

Embedding culture into business continuity planning
When culture is discussed within business continuity standards and guidance documents it usually refers to the internal corporate culture. However, in this paper Wallace W. Koenning, Jr. looks at external culture and its influencers, and discusses ways to consider it within business continuity programs.
Read the article
• World

Don’t let the skills gap hinder cyber resilience
Securing the right talent has always been a challenge in the technology field, but it is now more pressing than ever and is critical for effective cyber resilience. Bryan Patton says that automation is one of the keys to dealing with this area.
Read the article
• World

What are digital twins and how can they be used in risk and resilience?
Digital twins are increasingly being used to model systems of interconnected things. Here Matthew Margetts defines what a digital twin is, and suggests where the technology is headed.
Read the article
• World

A big step towards cyber resilience is to put an end to passwords
Passwords are outdated, vulnerable, and an unacceptable basis for cyber resilience in today’s organizations, says Patrick McBride. In this article he explains why this is the case and looks at the way forward.
Read the article
• World

The effectiveness of risk assessments in risk workshops: the role of calculative cultures
A new open access paper by authors from the University of Groningen and the Hamburg University of Technology looks at how pre-existing attitudes of participants in risk workshops affect the outcomes of risk assessments.
Read the article
• Europe / World

Applying the Swiss cheese model to cyber resilience
The Swiss cheese model is a risk management technique that is transferrable to cyber resilience management. Thomas Muller-Martin explains what it is and describes the benefits of such an approach.
Read the article
• World

Now is the time to plan for the next pandemic
Given our recent experience and learnings from COVID-19, there are no excuses for business leaders not to be prepared for the next pandemic event. Mike Steere says that although COVID-19 impacts are reducing, businesses must accelerate planning to strengthen resilience for the next pandemic.
Read the article
• World

The importance of developing defensible deletion practices
Ever-increasing data volumes can hamper organizations, creating enterprise risks. So how do you create defensible deletion practices to improve data risk management? Ray Pathak explains…
Read the article
• UK / World

The number of organizations unable to afford adequate cyber insurance cover is set to double in 2023
The number of organizations that will be either unable to afford cyber insurance, be declined cover, or experience significant coverage limitations is set to double in 2023, warns Huntsman Security.
Read the article
• World

The operational resilience and business continuity debate
Continuity Central recently published ‘Business continuity and operational resilience – how different are they really?’ - an article exploring where the two disciplines merge together and where they don’t. Here are comments received from readers in response…
Read the article
• World

Cyber risk management: an overview
This article by Alberto G. Alexander, Ph.D, focuses on the major components of an effective cyber risk management process. Different options for establishing a cyber risk framework are presented and best practices for cyber risk management are suggested.
Read the article
• World

RESEARCH, REPORTS & PUBLICATIONS

New OnSolve threat report highlights the growing risk to businesses from increasing social unrest
OnSolve has published a new report, ‘CEO Brief: Global Risk Impact Report’. The report identifies trending physical threats worldwide which can halt the global economy and impact businesses directly.
Read the article
• World

CISA issues advice for preparing critical infrastructure for post-quantum cryptography
The US Cybersecurity & Infrastructure Security Agency (CISA) has released a new guidance document ‘CISA Insights: Preparing Critical Infrastructure for Post-Quantum Cryptography’.
Read the article
• US / World

New study reveals the current concerns of CISOs
Nuspire has released findings from its annual research study, revealing CISO challenges, priorities and key trends as well as the drivers behind purchasing decisions.
Read the article
• US

Cyber warfare is here to stay and every organization is a target…
Venafi has published the findings of new research that evaluates the security impact of the increasing number of nation-state attacks and recent shifts in geopolitics. The survey of over 1,100 security decision makers globally found that 66 percent of organizations have changed their cyber security strategy as a direct response to the conflict between Russia and Ukraine.
Read the article
• World

Updated version of BS 65000 organizational resilience standard now available
The British Standards Institution (BSI) has released a revised version of its BS 65000 organizational resilience standard. BS 65000:2022 is now a code of practice, having been upgraded from a guidance document.
Read the article
• UK

New study looks at the risks associated with ‘identity sprawl’
Radiant Logic has published a new study, the ‘Identity Data Management: Roadblock or Business Enabler’ report, providing insights into today’s identity management challenges.
Read the article
• World

World’s preparedness for volcanic risks strongly criticised by researchers: supply chain, climate, and food security risks are being ignored
The world is ‘woefully underprepared’ for a massive volcanic eruption and the likely repercussions on global supply chains, climate, and food security, according to experts from the University of Cambridge’s Centre for the Study of Existential Risk (CSER), and the University of Birmingham.
Read the article
• World

Backup Monitoring Trends Report published by Bocada
Bocada recently commissioned a survey of over 260 IT professionals responsible for managing or influencing backup operations. The results showed that while traditional backup monitoring challenges continue to plague backup professionals, new issues are also impacting the category.
Read the article
• World

DDoS attacks climb by more than 200 percent in first half of 2022
Radware has released its First Half 2022 Global Threat Analysis Report. The mid-year report leverages intelligence provided by network and application attack activity sourced from Radware’s Cloud and Managed Services, Global Deception Network, and threat research team.
Read the article
• World

Social engineered response-based email is an increasing threat to organizations
Response-based attacks targeting corporate inboxes have climbed to their highest volume since 2020, representing 41 percent of all email-based scams targeting employees, during Q2 of this year. This is according to the latest Quarterly Threat Trends & Intelligence Report from Agari and PhishLabs, part of the HelpSystems cyber security portfolio.
Read the article
• World

New attack method could target industrial control systems
Team82 has identified a novel attack that weaponizes programmable logic controllers (PLCs) in order to exploit engineering workstations. The method is being termed the ‘Evil PLC Attack’ by Team82.
Read the article
• World

Quarterly HP Wolf Security Threat Insights Report highlights growing use of shortcut files to deliver malware
HP Inc. has released its quarterly Threat Insights Report revealing that cybercriminals are shifting to shortcut (LNK) files to deliver malware. Shortcuts are replacing Office macros – which are starting to be blocked by default in Office – as a way for attackers to get a foothold within networks by tricking users into infecting their PCs with malware.
Read the article
• World

Researchers highlight how cascading extreme weather events risk damaging entire socioeconomic systems
The cascading effects of extreme weather – such as heatwaves which combine heat and drought – and the interconnectedness of critical services and sectors has the potential to destabilize entire socioeconomic systems, according to a new study published in PLOS Climate by Laura Niggli at University of Zurich, Switzerland, and colleagues.
Read the article
• Europe / World

Updated version of Cyber Operational Resilience Intelligence-led Exercises (CORIE) framework released
The Australian Council of Financial Regulators has released an updated version of the Cyber Operational Resilience Intelligence-led Exercises framework (CORIE framework v2.0). The CORIE framework was developed to aid preparation and execution of industry-wide financial sector cyber resilience exercises.
Read the article
• Australia

Q2 2022 Quarterly Threat Report shows continued high growth in cyber threats
Nuspire has published its Q2 2022 Quarterly Threat Report. The report outlines new cybercriminal activity and tactics, techniques, and procedures (TTPs) and is sourced from over a trillion traffic logs gained from Nuspire client sites and associated with thousands of devices around the globe.
Read the article
• World

Global commercial insurance trends: continued high growth in the cost of cyber insurance
Global commercial insurance prices increased 9 percent in the second quarter of 2022 (down from an 11 percent increase in Q1), according to the Global Insurance Market Index released today by Marsh; however, strong growth was seen in the cost of cyber insurance.
Read the article
• World

How are Australian financial sector organizations carrying out climate risk management?
The Australian Prudential Regulation Authority (APRA) has published the findings of its latest climate risk self-assessment survey conducted across the banking, insurance and superannuation industries.
Read the article
• Australia

Malicious API traffic doubled over the past 12 months
Salt Security has released the Salt Labs State of API Security Report, Q3 2022. In its latest edition, the bi-annual report found that 94 percent of survey respondents experienced security problems in production APIs in the past year, with 20 percent stating their organizations suffered a data breach as a result of security gaps in APIs.
Read the article
• World

Ransomware attacks: many organizations under-estimate the cost of recovery
Ransomware attacks show no sign of slowing and organizations often under-estimate the cost of recovery, according to a new research report, '2022 Impacts: Ransomware attacks and preparedness', published by Menlo Security.
Read the article
• US / UK

Cyber attacks have become ‘firmly entrenched as a state-level weapon’
Check Point Research (CPR) has published its ‘Cyber Attack Trends: 2022 Mid-Year Report’ highlighting how cyber attacks have become firmly entrenched as a state-level weapon, including the new ransomware method of ‘Country Extortion’ and state-affiliated hacktivism.
Read the article
• World

Risk managers increasingly involved in corporate strategy
The Federation of European Risk Management Associations (FERMA) has now published the results of its 2022 European Risk Manager Survey, in cooperation with PwC France. The results confirm that we are in a period of transition in which risk managers are increasingly involved in corporate strategy.
Read the article
• Europe / UK

Public cloud costs versus resiliency: stateless applications
A new report from the Uptime Institute quantifies the costs, levels of resiliency, and outage compensation of different stateless cloud application architectures.
Read the article
• World

ENISA says that reported ransomware attacks are only the tip of the iceberg
A new threat landscape report on ransomware attacks published by the European Union Agency for Cybersecurity (ENISA) analysed a total of 623 ransomware incidents across the EU, the United Kingdom, and the United States for a reporting period from May 2021 to June 2022.
Read the article
• Europe / UK / US

CALL FOR PAPERS

Written a relevant article or white paper? We'd like to consider it for publication on Continuity Central. Simply e-mail editor@continuitycentral.com
