In the last month, a lot has happened in the world of cybersecurity. Cyber threats are more numerous than ever before, which has brought both private sector and government organizations to take remediation actions seriously. Let’s break down some of the biggest stories of the last month.
Israeli Cybersecurity Firm Check Point Uncovers Major Security Flaw
Cybersecurity is an issue everywhere, even within some of the most secure and popular products. This makes it that much more important to be careful about the security of organizational data. Recently, an Israeli cybersecurity firm discovered a back door entrance (now closed) in a popular e-reader device that would allow hackers to send malicious e-books.
This exploit would have essentially offered hackers a means to take control of the e-reader along with, eventually, the credentials and private information of the user and their account. This is particularly dangerous as it would allow hackers to target individuals within certain demographics by deploying an e-book in a group’s language or dialect. This type of attack has an incredible degree of specificity that is sought after in the cybercrime community.
Cybersecurity Spending Is Rising As Workers Return to Offices. Here’s How to Play It
Working remotely has become popular since the beginning of the COVID-19 outbreak. As a result, organizations have had to rethink how they approach cybersecurity and restructure their cybersecurity strategies and plans. This also happens to be the case as workers return to offices or not (with the introduction of the Delta variant). The “work anywhere” ideology has forced organizations to bolster the protection of their devices, and the strength of their on-premises equipment and cloud-based applications.
This has made an impact on how security traders view the future of the cloud-security market. There have been a few of organizations that Barron’s says stand to benefit from these changes as they invest in these issues. This brings up the question of whether on-premises enterprise file sharing is right for organizations. Comparisons of on-premises versus the cloud can be a helpful way to learn what’s best.
Related Reading: How to Create a Cybersecurity Policy for Your Organization
Idaho Gov. Little's New Cybersecurity Task Force Targets Election Integrity and Security
Idaho’s Governor, Brad Little, is taking action on a promise he made at his state-of-the-state address: making cybersecurity a critical issue for the state of Idaho. Little announced that the government would be forming a new task force dedicated to the advancement of cybersecurity initiatives in the state. The hope, Little says, is to increase resources, partnerships and collaboration between organizations in order to protect from cybersecurity threats of the future.
In addition, Little says the task force will take a dedicated look into protecting election processes from tampering from outside forces. General elections will now be conducted following situational testing from cybersecurity firms.
The Cybersecurity 202
Usually, cybersecurity conferences are attended by crowds of people gathered to get the latest news and highlights from the cybersecurity community. Now, with the COVID-19 outbreak a part of life, cybersecurity conferences have become much less bustling. In-person attendance at Black Hat was about one-fourth what it normally is. Speakers have elected to give presentations online as opposed to in-person.
Though this is still useful, some, like Jay Kaplan, co-founder of the cybersecurity firm Synack, worry about the relationship building benefits that attending a cybersecurity conference in person may normally bring. Large booths are now being replaced by small banners urging attendees to visit virtual ones. Each convention and conference are adjusting to the new reality in different ways. Def Con and Black Hat, two major cybersecurity gatherings are hard at work to maintain the energy they have benefited from in previous years when in-person attendance was much higher.
Related Reading: 40 Cybersecurity User Groups, Forums & Communities to Join
Federal Cyber Agency Kicks Off Collaborative to Defend the U.S. Against Cyberattacks
The Cybersecurity and Infrastructure Security Agency (CISA) has begun a new effort to help defend the U.S. from the ever-increasing number of cyberattacks. The Joint Cyber Defense Collaborative (JCDC) will be drawing up and implementing plans for cyber security defense that will include coordinating operations and developing preventative measures. Overall, the goal will be to create robust cyber defense measures.
To help with these efforts, private sector groups will join in the fight alongside government agencies such as the FBI, departments of Defense and Justice, the National Security Agency, and others. These efforts have come in the wake of major cyberattacks on government agencies and private companies.
The State Department and 3 Other US Agencies Earn a D for Cybersecurity
Several U.S. agencies have earned D ratings for their cybersecurity. Others only fared slightly better. This is troublesome news as these agencies’ cybersecurity infrastructure seems hardly different from a report published two years ago. Since little has changed, government officials are attempting to change the trajectory of cybersecurity efforts in a more positive direction.
Here is how many departments were rated on their cybersecurity measures:
- Department of State: D
- Department of Transportation: D
- Department of Education: D
- Social Security Administration: D
- Department of Agriculture: C
- Department of Health and Human Services: C
- Department of Housing and Urban Development: C
- Department of Homeland Security: B
For all of 2020, the White House reported 30,819 information security incidents across the government which is an 8 percent increase from the prior year.
