KPMG-(ISC)2 Team to Conduct Federal Cybersecurity Survey; Dan Waddell Comments

JANE EDWARDS | April 26, 2016

article image
KPMG and nonprofit organization (ISC)2 have teamed up to poll government information security leaders on cybersecurity issues within the federal government.The survey will ask federal executives with data security responsibilities, chief information officers and chief information security officers on how they plan to implement the Cybersecurity National Action Plan, (ISC)2 said Wednesday.The survey will also include inquiries on federal agencies’ response to the data breach at the Office of Personnel Management, how federal departments prioritize cybersecurity and factors that motivate federal cybersecurity executives to stay in the government.“As evidenced by the announcement of the new federal CISO position, the federal cyber executive perspective has an increasing role in helping government leaders make complex business decisions,” said Dan Waddell, managing director for North American region at (ISC)2.

Spotlight

Corelight, Inc

Corelight (formerly Broala) was founded by the scientists and technologists who created the Bro network monitoring platform, now protecting thousands of organizations worldwide including some of the largest and most complex. We aim to build exceptional tools for cybersecurity and network monitoring, and to generate an ongoing revenue stream for the open-source Bro project.

OTHER ARTICLES

What Lessons Can We Takeaway from Las Vegas’ Recent Thwarted Cyberattack?

Article | February 27, 2020

Picture this: a news story detailing a cyberattack in which no data was exfiltrated, thousands (or even millions) of credit card details weren’t stolen, and no data was breached. While this isn’t the type of headline we often see, it recently became a reality in Las Vegas, Nev. On January 7, 2020, news broke that the city of Las Vegas had successfully avoided a cyberattack. While not many details were offered in the city’s public statement, local press reported that the attack did employ an email vector, likely in the form of a direct ransomware attack or phishing attack. The use of the word “devastating” in the public statement led many to believe ransomware was involved. This inference isn’t farfetched—and is likely a correct conclusion—given that cities throughout the U.S. have seen ransomware attacks on critical systems. Attacks that have cost those cities millions of dollars.

Read More

COVID-19 and Amygdala Hijacking in Cyber Security Scams

Article | April 9, 2020

What races through your mind when you see “Coronavirus” or “COVID-19”? Fear, anxiety, curiosity… these internal reactions can prompt actions that we may not normally take. Recent attacks have been sending out mandatory meeting invites that ask you to log in to accounts. Others have been receiving emails to put themselves on a waiting list for a vaccine or treatment. The heightened emotions we experience when we see emails, or messages like this, may prompt us to give personal information out more willingly than we usually would. Security awareness takes a back seat as emotion takes over. It’s known as amygdala hijacking. Why does this happen to us? The amygdala is a small part of the brain that is largely responsible for generating emotional responses. An amygdala hijack is when something generates an overwhelming and immediate emotional response.Many common cyber security scams use amygdala hijacking to their benefit. We see this used often in phishing, vishing, SMShing, and impersonation attacks. Chris Hadnagy of Social-Engineer, LLC did a case study on amygdala hijacking in social engineering.

Read More

Malicious coronavirus map hides AZORult info-stealing malware

Article | March 11, 2020

Cyberattackers continue to seize on the dire need for information surrounding the novel coronavirus. In one of the latest examples, adversaries have created a weaponized coronavirus map app that infects victims with a variant of the information-stealing AZORult malware. The malicious online map, found at www.Corona-Virus-Map[.]com, appears very polished and convincing, showing an image of the world that depicts viral outbreaks with red dots of various sizes, depending on the number of infections. The map appears to offer a tally of confirmed cases, total deaths and total recoveries, by country, and cites Johns Hopkins University’s Center for Systems Science and Engineering as its supposed data source. Malwarebytes issued a warning about the map last week, and Reason Cybersecurity this week has followed up with its own blog post, reporting additional details on the scam, gathered by Reason Labs researcher Shai Alfasi.

Read More

SASE: A NEXT-GENERATION CLOUD-SECURITY FRAMEWORK

Article | November 3, 2020

The ongoing pandemic has forced organizations across the globe to install work-from-home policies. A majority of the workforce in various industries, especially IT, have already adapting to working remotely. With a sudden rise in remote users and growing need and demand for cloud services, a huge volume of data is being transmitted between datacenters and cloud services. This has also given rise to the increased need for network security and a safer means of data transmission. The existing network security approaches and techniques are no longer dependable for the required levels of security and access control. To secure these surging digital needs, Gartner debuted an emerging cybersecurity framework in the form of what it calls SASE.

Read More

Spotlight

Corelight, Inc

Corelight (formerly Broala) was founded by the scientists and technologists who created the Bro network monitoring platform, now protecting thousands of organizations worldwide including some of the largest and most complex. We aim to build exceptional tools for cybersecurity and network monitoring, and to generate an ongoing revenue stream for the open-source Bro project.

Events