Hello All,
Welcome. Here is what is interesting this week.
Roundup of new jobs and layoffs
Notice worth data breaches of the week
Slowing cloud growth | Revenue comparisons
98% of organizations work with a breached vendor. Introspection for organizations
Why CISOs need to become better Storytellers
US to go offensive on cyber security globally
Quad Security Challenge - US, India, Japan & Australia
What does information Security struggle the most with?
Do you know what is dwell time?
Microsoft’s investments in Security are paying off
VPC Visualization feature rolls out in AWS
7 daily habits for immediate ROI
Jobs Added and Layoffs
The US economy added 500k new jobs in January while layoffs continue. A Complete round-up of all the layoffs as the February kick-off is here
Noticeable cyber attacks and breaches of the week
Tallahassee Memorial Healthcare hospital had a cyber attack on Feb 3. This led to failing IT systems and downtimes and canceling or rescheduling outpatient procedures. No report of a data breach.
Sharp healthcare suffered a data breach with 63,000 patients' data compromised.
Truth Finder & Checkmate, suffered a data breach with 20 Million users' data stolen. These are prominent background check services.
A 9.4 Scorer Security vulnerability in Jira is now patched.
Cloud Growth in Q4
Cloud growth seems to be slowing, at least for the moment.
GCP - > from 38% in Q3 to 32% in Q4
Amazon -> from 27% to 20%
Microsoft - > from 35% to 31%
What is on customers' minds?
Focusing on optimizing their cloud infrastructure
Gartner predicts a 2.4% growth in revenue in 2023 compared to 2022.
98% of organizations work with a breached vendor
98% of the organizations work with at least one third-party vendor that has had a breach in the last two years. Security Scorecard and the cyentia institute Reported recently.
Vendors and 3rd parties are back doors, often exploited by attackers to gain access. It is common to see increased attacks on a small company (easier target) bought by a big brand (big pockets). The full report is here
Here is proof of why CISOs need to become great storytellers
Here are the top items board members are still struggling to understand. Cyber Security and Digital Transformation initiatives.
But what are their priorities -? Growing Revenues and Increasing profitability.
It is important to tie back the role of security to business acceleration. this is where CISOs need to dawn the communication hat and be great storytellers.
The full report is here https://www.diligentinstitute.com/wp-content/uploads/2023/01/What-Directors-Think-2023-Still-Taking-Care-of-Business.pdf
US goes offensive on cyber security
The US administration is preparing to go offensive against cyber criminals in a new policy draft. The policy will allow US law enforcement to hack the computer networks of criminals and foreign governments. This is a retaliatory measure against attacking American networks.
Quad Cyber Challenge- Australia, India, Japan & USA
The quad partners - Australia, India, Japan, and the USA are launching a "Quad Cyber challenge".
This is to promote safe and responsible cyber habits across these partner nations.
Some of the actionable things the challenge will promote are
Installing security patches and regular updates
Identity validation via MFA
Awareness in people to reduce phishing and online scams
Stronger passwords and moving to a passwordless future
What do Information Security teams struggle with the most?
Here is the biggest headache for them:
Poor passwords
Unpatched vulnerabilities
unpatched KEVs (Known Exploited vulnerabilities) associate with most "end-of-life" or "entering end-of-life" systems.
legacy systems are ripe targets.
and,
50% of the vulnerabilities fall under the Apple, CISCO, Microsoft, and Adobe packages.
This is a great data point for CISO and Security leaders out there.
so, What is the answer?
Automation in patching and tracking non-compliance.
Move to passwordless authentication
Dwell time?
Do you know what the term - "Dwell Time" means in the cyber threat and security landscape? It is the period between the initial compromise made in the system, and the final attack(the showdown).
It is the period when the Organisation can stop or limit the damage.
As per mandiant, the dwell time in 2022/23 is only 5 days for ransomware attacks.
Microsoft’s Security investments pay off
Microsoft is earning $20B every year from Cyber Security. In past newsletters, I have written about Microsoft's increasing investments in this space. Microsoft leads all 4 Gartner security segments. Unified endpoint management tools, Access mgmt, Enterprise information archive, and Endpoint protection platforms.
Since 2015, MSFT is investing $1B in the security space.
Plus they have made over 10 acquisitions in the past 7 years in this domain.
My daily habits that are helping my work, life, and health
https://www.isaurabhmittal.com/things-that-have-an-immediate-return-on-time-investment/
VPC visualization now available on AWS
AWS rolled out a feature to visualize VPCs and their connectivity on a single pane. Early days of a welcome feature. https://aws.amazon.com/blogs/aws/new-visualize-your-vpc-resources-from-amazon-vpc-creation-experience/
That is it.