#cyberthreats

In today’s DailyCyber Podcast I first want to wish you a Happy 2021 and hope you, your family are healthy as well as safe. In this podcast I am going to covering my goals for 2021 and what I am seeing for this year in Cyber Security.  

Articles I cover: 

2021 Cyber Security Predictions:

https://cisomag.eccouncil.org/cybersecurity-predictions-2021/

CCIO Certification

https://ciso.eccouncil.org/cciso-certification/

Brandon’s Speaking Engagement 

https://brandonknss.krtra.com/t/qZwG0D7FJyXc

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I discuss what I am working on, a few articles in the Cyber Security News and wishing you and your family a Happy Holiday!  

Articles I cover: 

Microsoft Warns CrowdStrike of Hackers Targeting Azure Cloud Customers

https://thehackernews.com/2020/12/microsoft-warns-crowdstrike-of-hackers.html

Windows Zero-Day Still Circulating After Faulty Fix

https://threatpost.com/windows-zero-day-circulating-faulty-fix/162610/

Why cybersecurity tools fail when it comes to ambiguity

https://www.techrepublic.com/article/why-cybersecurity-tools-fail-when-it-comes-to-ambiguity/#ftag=RSS56d97e7

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I have the fortunate opportunity to interview Dr. Eric Cole who is an expert in Cyber Security industry. He helps companies and CISO protect their organizations. 

You can connect with Dr. Eric Cole here:
 

Website: https://secure-anchor.com/

LinkedIn: https://www.linkedin.com/company/secure-anchor-consulting/

Twitter: https://twitter.com/drericcole

YouTube: https://www.youtube.com/channel/UCwg_j4TF1dnP9OZFXzYussA

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

SolarWinds Cyber Security Breach | DailyCyber 243 ~ Watch Now ~

In today’s DailyCyber Podcast I discuss how are things going in the Pandemic in the GTA. I also go through the SolarWinds and FireEye Breach. 

Microsoft, FireEye confirm SolarWinds supply chain attack

https://www.zdnet.com/article/microsoft-fireeye-confirm-solarwinds-supply-chain-attack

The CyberWire DailyBriefing For 12.14.20

[https://thecyberwire.com/newsletters/daily-briefing/9/239]

Cozy Bear

https://en.wikipedia.org/wiki/Cozy_Bear

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

In today’s DailyCyber Podcast I share what I have been working on, new Meetup group, CISSP study group…etc I also discuss what I am finding in the news. See articles below  

Toymaker Mattel Hit by Ransomware Attack

https://threatpost.com/mattel-hit-by-ransomware/160947/

Endpoint Security Extends to the Cloud

https://cisomag.eccouncil.org/endpoint-security-cloud/

What is the “Cyberchology of Human Error” in Cybersecurity?

https://cisomag.eccouncil.org/human-error-in-cybersecurity/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

In today’s DailyCyber Podcast I discuss the successes and failures of Cyber Security through the Pandemic. 

New Normal Effect! 85% of Organizations Say Cybersecurity is More Important than Ever

https://cisomag.eccouncil.org/new-normal-effect-85-of-organizations-say-cybersecurity-is-more-important-than-ever/

Security Officers, Are Your Employees Practicing Good Habits from Home?

https://www.darkreading.com/vulnerabilities---threats/security-officers-are-your-employers-practicing-good-habits-from-home/a/d-id/1338986?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

Netflix: The Social Dilemma 

https://www.netflix.com/ca/title/81254224

Guide: Scale or Fail — Why MSSPs Need Multitenant Security Solutions**

https://thehackernews.com/2020/10/multitenant-cybersecurity-solution.html

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

In today’s DailyCyber Podcast I have a good friend of mine Neal Bridges on the Podcast to discuss the current Cyber Security posture companies should be looking at through the Pandemic. 

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I dive into the legal side of Cyber Security and why it’s important to understand these principals. I also cover these news articles:

https://www.bleepingcomputer.com/news/security/new-ransomware-vaccine-kills-programs-wiping-windows-shadow-volumes/

https://www.bleepingcomputer.com/news/security/why-everyone-should-disable-vssadminexe-now/

https://www.bleepingcomputer.com/news/security/new-jersey-hospital-paid-ransomware-gang-670k-to-prevent-data-leak/

https://www.techrepublic.com/article/vulnerable-supply-chains-introduce-increasingly-interconnected-attack-surfaces/#ftag=RSS56d97e7

https://cisomag.eccouncil.org/4-83-mn-ddos-attacks-reported-globally-in-h1-2020/

https://www.securitymagazine.com/articles/93482-uhs-hospitals-hit-by-ryuk-ransomware-forced-to-shut-down-systems

https://youtu.be/u0Q8OzTicnw

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I provide an update on what is going on with companies Cyber Security and what you should be aware of. 

Today I cover these Cyber Security articles: 

https://cisomag.eccouncil.org/under-attack-2000-magento-stores-hacked-in-a-magecart-campaign/

https://www.darkreading.com/iot/more-printers-could-mean-security-problems-for-home-bound-workers/d/d-id/1338895?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I have my guest host Neal Bridges Cyber Security influencer on my Podcast with me. We discuss what is going on in the industry, sales strategies and Cyber Security advice. 

Today we cover these three news articles to share what is going on in the industry: 

https://cisomag.eccouncil.org/cyber-insurance-claims/

https://cisomag.eccouncil.org/implementing-zero-trust-network/

https://cisomag.eccouncil.org/psychology-of-human-error-could-help-businesses-prevent-security-breaches/

To follow Neal check him out: 

https://www.twitch.tv/cyber_insecurity

https://www.youtube.com/channel/UCL4JGzitDkX5TOwzs9A02Kg

https://twitter.com/ITJunkie

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast is my first Live Stream with my friend and Cyber Security influencer Neal Bridges. We discuss what is going on in the industry, sales strategies and Cyber Security advice

To follow Neal check him out: 

https://www.twitch.tv/cyber_insecurity

https://www.youtube.com/channel/UCL4JGzitDkX5TOwzs9A02Kg

https://twitter.com/ITJunkie

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I discuss two topics I keep hearing more about through my conversations with colleagues and through Cyber Security news:

CISO Dialogue: How to Optimize Your Security Budget

"There are many different approaches to managing a security budget, and CISOs organize and prioritize uniquely based on the company, industry, and threats. Three consistent areas of spending are identity and access management (IAM), global risk and compliance (GRC), and security operations,” Brett Wahlin CISO of Amazon Prime Video noting:

* IAM is always a mess because no one wants to deal with access management, passwords, access sprawl, and so on.  

* GRC is difficult because there are always new regulations to remain compliant with; privacy, in particular, is an ongoing challenge.

* With security operations, levels of effectiveness vary. Wahlin posed several questions for consideration. "Is it in-house? Are you outsourcing to an MSSP? How are you measuring effectiveness? It's an area where I often have to retool from a people, process, and technology standpoint."

Top Tips for New CISOs

Brett Wahlin concluded with a breakdown of the most important things he would recommend a new CISO look at, both budgetary and beyond:

* Look at the three most problematic areas: IAM, GRC, and SecOps. You can always find things to fix, and it will give you some quick wins.

* Know your industry and how your security program can help the company grow.

* You need to be able to constantly communicate the value you're bringing to the table — it's how you'll get budget and, more importantly, it's how you keep it.

* "Partnering with the business" is not just a catch phrase batted around at security conferences. Learn what it means for your company and be a good partner.

* Think like an architect: As you build a program, how do the different functions interact with each other? How do you plan to grow based on shared communication?

* Don't be afraid to pull something out if it's not raising the security bar for your company.  

https://www.darkreading.com/operations/ciso-dialogue-how-to-optimize-your-security-budget-/a/d-id/1338055

76.36% Believe Cloud Service Provider is Responsible for Security: CISO MAG Market Trends Report

From CISO Mag’s Cloud Security survey then found

76.36% said that cloud service providers (CSP) is entirely responsible for the security of the cloud

23.64% they said 40% in the article - stated the responsibility is on the cloud consumer  

Looking at these numbers you can tell that the “Shared Responsibility” as Amazon refers to it. Is not truly understood just by this survey alone.  

AWS defined a Shared Responsibility model that says “Security of the Cloud” is the responsibility of the CSP (Cloud Security Provider), but “Security in the cloud” is the responsibility of the customer. This model is gradually being accepted in the industry.

https://www.cisomag.com/shared-responsibility-model/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below

In today’s DailyCyber Podcast I discuss the 25% increase in Ransomware in the first quarter in 2020. What to know and what should you do.

Here are some facts for you from the Beazley Breach Insight Report: 

-Manufacturing Sector 156 % increase off incidents quarter to quarter

-Financial Sector and Healthcare continue to be the most affected which together account to almost 50% of all ransomware attacks reported in Q1 of 2020 

Q1 2020 Ransomware incidents:

26% Financial Institution 

24% Healthcare 

9% Manufacturing 

7% Professional services 

6% Retail

6% Education 

For more information 

https://www.cisomag.com/ransomware-attacks-rise-q1-2020/

How to protect you and your company:

1. Security systems are up to date

2. Work from home systems

   1. Are up to date and patched

   2. Have up to date endpoint and/or anti-virus protection

   3. Home network is secure

   4. VPN connect to work

   5. Family members on the home network are secure as well

3. Cyber Security Awareness training

   1. For employees and their families who are using the home network

4. Corporate polices are up to date

   1. Acceptable Use Policy

   2. Disaster Recovery

   3. Business Continuity

   4. Incident Response

   5. Breach Response

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below 

In today’s DailyCyber Podcast I discuss what are the biggest Cyber Security challenges for companies for the next 12 months. 
 

• Digital Transformation “DX” (DX spending globally is estimated at $7.4 trillion between 2020 and 2024)
• Digital Transformation Vulnerabilities
• Ransomware attack costs on average $80,000 to restore data
• The biggest challenge that will impact organizations within the next 12 months is cyberthreats (32%). Shortage of skills to implement technology (30%) and meeting changing customer needs (29%) were also cited as key hurdles.
• Lack of staff to work on new initiatives (42%) was cited as the most impactful data protection challenge organizations currently have. Lack of budget for new initiatives and lack of visibility on operational performance were also cited.
• Over a third (39%) of respondents said the ability to improve the reliability of backups is the most likely reason to drive their organization to change its primary backup solution.
• Over a quarter (27%) of organizations’ data is backed up to the cloud by a Backup as a Service (BaaS) provider. 14% of data across organizations globally is not backed up.
• Over two in five (43%) organizations plan to leverage cloud-based backup managed by a BaaS provider within the next two years.

https://www.cisomag.com/cyberattacks-on-business-2020/

To learn more watch the video or listen to the podcast at www.DailyCyber.ca and comment below