Douglas M. Vernon, MS, CIAM, CAMS’ Post

Digital transformations and the ever-changing technology landscape necessitate security strategies to be more proactive and fast-paced. Data can be the building block and key driver of this strategic cybersecurity decision-making. Data-centric Security Program is all about analyzing data to make more informed decisions and gain visibility into the performance of your security program. This approach will also help organizations to gauge and optimize cybersecurity expenditures. this brings us to the need for a mature approach towards a "Matured Data-Centric Cyber Security Program" which should touch down below areas of any organization. - Foundational Security - Reactive Security - Building Proactive Capabilities - Process Capabilities - Operational Excellency - Governance Join Me along with Team #kyndryl at #aiss2023 ready to co-create and co-pilot the Security Strategy with you !!! #theheartofprogress #protransformation #cybersecurity Lingraju Sawkar Hussain Zaidi Saket Verma Harish Soni Naresh Kandhari Ajay Kumar Rai Anshul Tomar Nalini Mandlik Anuj Vaid A Ananda Kumar Tinu Thomas Solomon George Kavya Gowda Debur S Balamurali Sudesh Bajaj Rohit Sachdeva Anil Kukreja Amandeep Chawla Rahul Agarwal Vikas Mishra Sonu Mathew Ranjith Vadagam Tholkappian . Raja Balakrishnan, CISSP Ashish Kothari Jatin Meswani

Cyber Threat Intel - 05 Mar 2024 - Ivanti To our partners and customers, On Feb. 29, the US Cybersecurity & Infrastructure Security Agency (CISA) released a joint advisory with updated information regarding vulnerabilities in Ivanti Connect Secure and Policy Secure gateways. As a refresher, these vulnerabilities are CVE-2023-46805, CVE-2024-21887, CVE-2024-22024, and CVE-2024-21893. They are all actively exploited in the wild. The CISA guidance indicates they have evidence that Ivanti’s Integrity Checker Tool (ICT) is not able to detect the compromise of affected devices. How to Mitigate: The guidance provided by CISA is as follows for Ivanti appliances: • Limit outbound internet connections from SSL VPN appliances to restrict access to required services. • Keep all operating systems and firmware up to date. • Limit SSL VPN connections to unprivileged accounts. For further reading, please see the CISA advisory here. https://lnkd.in/gbvAgECn Important: Blazon SOC has NOT seen any indicators of compromise (IoCs) related to Ivanti compromises in our partners’ environments. We will continue to actively monitor for any IoCs associated with incidents related to these vulnerabilities. We are confident that our experienced MDR analysts and technology will continue to protect your business and clients. Sincerely, Blazon Technologies

There have been many great security programs throughout the years which have been utilized to address cyber threat.  From a systematic approach, disparate programs and varied ways of implementations can cause organizations to struggle utilize them all into a cohesive cyber response. After all time is money in all places and time is damage controlin cyber. Security Orchestration and Automation Response (SOAR) technologies help streamline security operations by automating repetitive tasks, integrating security tools, and orchestrating incident response processes. This enables faster detection, response, and remediation of security incidents.  Utilizing tools and licenses businesses own and augmenting with updated processes to counter modern threats is a saavy way to address both cyber security concerns and cost. 

8 questions boards should ask themselves regarding cyber security according to Camilla Nørgaard Jensen, PhD, Innovation Manager within Digital Tech & Artificial Intelligence, Pioneer Centre for AI, DTU Skylab 1. Do we know which data and information support our business-critical activities📊 2. What are the consequences for the business if data and information supporting our business-critical activities are not available, altered, or leaked 💼 3. Are we confident that our information is adequately protected against known threats 🔒 4. Have we, in top management, defined objectives, strategies, or policies in the cyber and information security areas that we actively prioritize and support 🎯 5. Do we have a security organisation anchored in top management 🛡️ 6. Do we receive regular reporting on the status of strategies and objectives within the cyber and information security areas 📰 7. Has top management taken a stance on the authority's or company's risk appetite 🤔 8. Have we made it clear to ourselves that top management itself is a likely target for cyber attacks (e.g., CEO fraud and spear-phishing) 🎣

🔒 The Role of Continuous Security Validation (CSV) 🔒 In the ever-evolving realm of cybersecurity, we find ourselves at a critical juncture. Incidents of breaches have moved beyond sporadic occurrences, escalating in frequency, velocity, and complexity. Cybersecurity, once seen as a precautionary measure, has now become an essential mandate. The era of relying solely on preventive measures is outdated as our world undergoes rapid digital transformation, intertwining our daily lives with interconnected systems. From personal to organizational activities, the pervasive growth of technology exposes us to a looming threat emanating from the very technology designed to simplify our lives. Cyber threats, increasingly sophisticated and diverse, now extend from vast systems to small IoT devices. For the safety of all these systems, Continuous Security Validation (CSV) plays a pivotal role. As we delve into the realm of continuous validation, it's imperative to acknowledge the impact of real-time data produced by IoT, which expands the attack surface across all systems. CSV emerges as a proactive process, monitoring, and analyzing data to enable professionals to detect potential security risks in real time, empowering them to respond promptly and mitigate risks effectively. As cyber threats continually evolve, CSV remains dynamic due to live monitoring, allowing security professionals to adapt their strategies and methods to become more resilient against attacks. Additionally, leveraging batch data provides a historical context that aids in understanding patterns and the foundation of attacks. This proactive approach to cybersecurity not only reduces the risk of data breaches and financial losses but also preserves the trust and confidence of customers and stakeholders. Moreover, CSV plays a crucial role in testing an organization's security posture. Merely monitoring and preventing are no longer sufficient. CSV enables organizations to test their defenses through automated testing, Red teaming, and purple teaming, while continuously spreading awareness among employees. In conclusion, Continuous Security Validation is not just a best practice it's a necessity in our ever-evolving digital landscape. By embracing CSV, organizations can stay ahead of cyber threats, protect their valuable assets, and maintain the trust of stakeholders. #cybersecurity #ContinuousValidation #digitaltransformation Virtually Testing Foundation Alex Mutuma Adenike Robinson Shwetan Zagade Rufaro T Dzapasi Shivani Subramanian Lakshmi Tadepalli Erwinson Francisco AlaaAlDin (Aladdin) AlRadhi

Maximize Your Cybersecurity with Microsoft Sentinel In the digital age, robust cybersecurity is non-negotiable. Microsoft Sentinel stands out as a cloud-native SIEM solution that not only simplifies but also amplifies your security operations. Here are some key benefits: • Cloud-Native Scalability: Microsoft Sentinel effortlessly scales with your business, providing comprehensive coverage across all users, devices, applications, and infrastructure—on-premises and in the cloud. • Advanced Threat Detection: Utilize Microsoft’s analytics and unparalleled threat intelligence to detect sophisticated threats and reduce false positives. • AI-Enhanced Investigations: Investigate threats with AI and hunt for suspicious activities at scale, tapping into years of cybersecurity work at Microsoft. • Rapid Incident Response: Respond to incidents swiftly with built-in orchestration and automation of common tasks. • Cost-Effective: Enjoy a lower total cost of ownership with a solution that minimizes the need for additional security tools and infrastructure. • Proven ROI: Microsoft Sentinel has delivered a 234% return on investment, according to a Forrester study, by increasing the efficiency of threat investigations and saving on deployment and training. Embrace the future of security operations with Microsoft Sentinel and ensure your enterprise is protected against evolving cyberthreats Kiran Arunkumar Babu Peter Theobald A.C.A. Junaid Khaleel Sivamuthuganesh S MOHAMMED AIMAN ANSARI

'The increased virtualization and migration to the cloud are driving more dependency on a narrowing supply chain of vendors... approximately 290% rise in the number of vulnerabilities exploited in attacks against enterprise software in 2023 compared to 2022... Similarly, we saw a 309% increase in the number of vulnerabilities exploited in attacks against network infrastructure. 'In 2023, Insikt Group identified an 11.8% increase (from 2022 to 2023 in reported software supply-chain attacks. 'In 2023, we observed several instances of cybercriminals specifically targeting business process outsourcing BPO organizations in what were almost certainly financially motivated attacks. 'In 2023, threat actors abused legitimate internet services LIS to host malware and blend C2 communications with legitimate traffic, lowering the chances of detection'. C-SCRM matters. h/t Tony Ridley, MSc CSyP FSyI

This week in Cyber - 18th Sept -> 22nd Sept - ASIC to focus further on cyber security and target boards that don't have suitable cyber security systems in place. Prosecutions and fines for boards expected to be more common place in late 2023 and 2024. - Cisco to acquire Splunk at $157 per share for $28b in cash (the biggest software transaction this year) in a move to expand their software capability and event response management. - Pizza Hut compromised when third party accessed their data, the data relates to customers records and personal financial information. To this date no information has been shared online or has been shown to be used. - MGM to lose $8.4 million a day as it resolves cyber attack. - AI influence in cybersecurity is increasing. Rackspace in partnership with Microsoft polled executives and there were some good stats. - 72% have stated that AI has increased their need for cybersecurity improvement. - AI enabled technology more likely to be deployed in organisations across cloud (88%), data security (82%). - 66% increased their cybersecurity budgets last year, 36% had lower cybersecurity budgets.

IndustryARC™ Product Security & IT Security market Assessment is estimated at $155 billion in 2020 and is forecast to grow at a #CAGR of 7.0% during the forecast period 2021 to 2026. ➡️ 𝑭𝒐𝒓 𝑴𝒐𝒓𝒆 𝑰𝒏𝒇𝒐𝒓𝒎𝒂𝒕𝒊𝒐𝒏 @ https://lnkd.in/g5XQmzec   Growing Cyber Threat Landscape: With the proliferation of digital technologies and interconnected systems, the threat landscape continues to expand. Cyberattacks such as data breaches, ransomware, and malware are becoming more sophisticated, prompting organizations to invest in security assessments to identify and mitigate vulnerabilities. Regulatory Compliance Requirements: The regulatory landscape for data protection and cybersecurity is constantly evolving. Regulations such as GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and others impose strict requirements on organizations to ensure the security and privacy of customer data. Compliance often necessitates regular security assessments to assess and address vulnerabilities. Increased Adoption of Cloud and IoT Technologies: The rapid adoption of cloud computing, IoT (Internet of Things) devices, and BYOD (Bring Your Own Device) policies has expanded the attack surface for cyber threats. Organizations need comprehensive security assessments to evaluate the security posture of their cloud infrastructure, IoT devices, and endpoints. Demand for Third-Party Security Assessments: Many organizations are outsourcing security assessments to third-party vendors with specialized expertise. This trend is driven by the need for unbiased evaluations, access to advanced tools and techniques, and cost-effectiveness. Focus on Supply Chain Security: Supply chain attacks have become a significant concern for organizations, especially in sectors such as manufacturing, healthcare, and finance. Assessing the security posture of third-party vendors and partners is crucial for mitigating supply chain risks. ➡️ 𝐤𝐞𝐲 𝐏𝐥𝐚𝐲𝐞𝐫𝐬 Synack, Inc., | HackerOne | Bugcrowd | Cobalt | Detectify | NCC Group | Veracode | WhiteHat Jr | Trustwave | Rapid7 | Tenable | Qualys | Checkmarx | Fortify |AppCheck Ltd | Securonix | Imperva | F-Secure Corporation | Digital Savants | FireEye, Inc. | IBM Security - by Megaplus | Accenture | Deloitte PwC | KPMG US Tenable | Rapid7 | Qualys | Check Point Software Technologies Ltd #AppSec | #Compliance | #Cybersecurity | #DataSecurity | #PenTesting | #Privacy | #ProductSecurity | #SecureDevelopment | #VulnerabilityManagement | #ZeroTrust | #APIsecurity | #BlockchainsSecurity | #BugBounty | #CloudSecurity | #DevSecOps #JapanCybersecurity #JapanITSecurity #ProductSecurityJapan #ITSecurityAssessmentJapan #JapanTechSecurity #JapanInfoSec #KoreaCybersecurity #KoreaITSecurity #ProductSecurityKorea #ITSecurityAssessmentKorea #KoreaTechSecurity #KoreaInfoSec #MalaysiaCybersecurity #MalaysiaITSecurity #ProductSecurityMalaysia #ITSecurityAssessmentMalaysia #MalaysiaTechSecurity #MalaysiaInfoSec

IndustryARC™ Product Security & IT Security market Assessment is estimated at $155 billion in 2020 and is forecast to grow at a #CAGR of 7.0% during the forecast period 2021 to 2026. ➡️ 𝑭𝒐𝒓 𝑴𝒐𝒓𝒆 𝑰𝒏𝒇𝒐𝒓𝒎𝒂𝒕𝒊𝒐𝒏 @ https://lnkd.in/g5XQmzec   Growing Cyber Threat Landscape: With the proliferation of digital technologies and interconnected systems, the threat landscape continues to expand. Cyberattacks such as data breaches, ransomware, and malware are becoming more sophisticated, prompting organizations to invest in security assessments to identify and mitigate vulnerabilities. Regulatory Compliance Requirements: The regulatory landscape for data protection and cybersecurity is constantly evolving. Regulations such as GDPR (General Data Protection Regulation), CCPA (California Consumer Privacy Act), and others impose strict requirements on organizations to ensure the security and privacy of customer data. Compliance often necessitates regular security assessments to assess and address vulnerabilities. Increased Adoption of Cloud and IoT Technologies: The rapid adoption of cloud computing, IoT (Internet of Things) devices, and BYOD (Bring Your Own Device) policies has expanded the attack surface for cyber threats. Organizations need comprehensive security assessments to evaluate the security posture of their cloud infrastructure, IoT devices, and endpoints. Demand for Third-Party Security Assessments: Many organizations are outsourcing security assessments to third-party vendors with specialized expertise. This trend is driven by the need for unbiased evaluations, access to advanced tools and techniques, and cost-effectiveness. Focus on Supply Chain Security: Supply chain attacks have become a significant concern for organizations, especially in sectors such as manufacturing, healthcare, and finance. Assessing the security posture of third-party vendors and partners is crucial for mitigating supply chain risks. ➡️ 𝐤𝐞𝐲 𝐏𝐥𝐚𝐲𝐞𝐫𝐬 Synack, Inc., | HackerOne | Bugcrowd | Cobalt | Detectify | NCC Group | Veracode | WhiteHat Jr | Trustwave | Rapid7 | Tenable | Qualys | Checkmarx | Fortify |AppCheck Ltd | Securonix | Imperva | F-Secure Corporation | Digital Savants | FireEye, Inc. | IBM Security - by Megaplus | Accenture | Deloitte PwC | KPMG US Tenable | Rapid7 | Qualys | Check Point Software Technologies Ltd #AppSec | #Compliance | #Cybersecurity | #DataSecurity | #PenTesting | #Privacy | #ProductSecurity | #SecureDevelopment | #VulnerabilityManagement | #ZeroTrust | #APIsecurity | #BlockchainsSecurity | #BugBounty | #CloudSecurity | #DevSecOps #JapanCybersecurity #JapanITSecurity #ProductSecurityJapan #ITSecurityAssessmentJapan #JapanTechSecurity #JapanInfoSec #KoreaCybersecurity #KoreaITSecurity #ProductSecurityKorea #ITSecurityAssessmentKorea #KoreaTechSecurity #KoreaInfoSec #MalaysiaCybersecurity #MalaysiaITSecurity #ProductSecurityMalaysia #ITSecurityAssessmentMalaysia #MalaysiaTechSecurity #MalaysiaInfoSec