Three Ways to Spot Insider Risk…

The biggest challenge to spotting a threat is knowing what to look for. The greatest challenge for most organizations who are trying to identify insider threats, is visibility into employee behavior and actions. Without it, you lack context to understand whether activity is beneficial or harmful to the organization. This ebook provides guidance around the steps necessary to spot insider threats both proactively and reactively, including how to : Define insider risk, Monitor leading indicators and Look for active indicators.

NIST releases updated Cybersecurity Framework 2.0…

The U.S. National Institute of Standards and Technology (NIST) has long been a useful source of resources to help cybersecurity teams evaluate needs, plan investments, and implement best practices. In 2013 it published the NIST Cybersecurity Framework (CSF) as the primary repository for guidance on establishing effective cybersecurity practices. Now comes the news that the updating process is complete and CSF 2.0 has been officially published. So, let’s have a look at what’s changed and how those changes may affect your efforts to understand, implement, and maintain cybersecurity best practices.

NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold…

Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable to threat actors. Since February 12, 2024, NIST has almost completely stopped enriching software vulnerabilities listed in its National Vulnerability Database (NVD), the world's most widely used software vulnerability database.

Data tampering is an underrated threat — get your backup ready…

World Backup Day is an annual reminder of how important it is to have an up-to-date, readily accessible copy of everything that matters to your business. Resilient backups allow you to recover more quickly from data damage, disruption, or loss, particularly if a ransomware attack has resulted in encrypted or deleted files. These are well-known and widely reported benefits of backups — but there’s more. Immutable data backups can also protect you from the underrated threats of data tampering and malicious insiders, unpredictable activities that can significantly damage brand trust and reputation if they’re not addressed.

Cybersecurity in the Age of Microsoft Copilot: Safeguarding Corporate Communication

Microsoft Copilot is a state-of-the-art generative AI tool integrated into Microsoft 365, designed to assist users in content creation. It operates by harnessing a wide array of data sources, including emails, documents, and calendar meetings, as input for generating text-based content. Copilot‘s reliance on various data sources introduces the risk of generating content based on sensitive data, passwords, or personally identifiable information (PII). For example, imagine Copilot inadvertently generating an email that includes sensitive customer information, such as credit card details, without proper review, posing a risk of unintentional data exposure. In scenarios where companies serve multiple clients, Copilot might negligently generate content that contains or is based on data from one client while preparing content for another.

Too much access? Microsoft Copilot data risks explained

If you’ve used ChatGPT, you know how powerful and helpful it can be. For the security conscious enterprise, however, there are some red flags. Large corporations like JP Morgan Chase and Verizon are blocking employees from accessing the popular AI chatbot. Even Microsoft, one of Open AI’s largest investors, temporarily restricted access to ChatGPT recently. This is interesting news, especially considering Microsoft is rolling out its own AI chatbot for the enterprise called Copilot. It’s already available for Windows users, with enterprise rollouts not far behind. Like ChatGPT, Copilot can be a wonderful tool, but it introduces some notable risks for the enterprise.

Countdown to compliance begins: Time’s up! New York cyber changes are final!

Revisions to the New York State Department of Financial Services (NYSDFS) Part 500 cybersecurity regulation are now final — just in time for 2024 budgets. While some of the more prescriptive elements of the proposed rule have given way to a more flexible, risk-based approach, most of the rule’s revisions remain intact. The final rule retains enhanced requirements for governance, risk assessments, password and data management, as well as the net-new requirements for asset inventory, business continuity and disaster recovery (BCDR), and independent audits.

LockBit to FBI: 'You can't stop me'

A strange and somewhat sad LockBit-related situation has developed over the last few days. @LockBitSupp, the presumed leader of the prolific LockBit ransomware group, published a formal response to Operation Cronos and the FBI. In a nearly 3,000-word document, LockBitSupp published his account of what happened, what was seized, what remains, and what he learned. We have the background on Operation Cronos and LockBit here. I have paraphrased the notable points in the document and included some direct quotes from the author. This section includes comments from the LockBit response letter, not from Barracuda or other third-party sources.

How To Optimize Your Data Center Against Ransomware Attacks

Many strategies for fighting ransomware, like taking regular backups, are the same no matter where you host data — in the public cloud, in a private data center, or on-prem. However, companies that operate data centers can deploy some special practices that may reduce their risk of falling victim to ransomware attacks. When you control all aspects of your infrastructure and hosting facility, you can do things to mitigate ransomware threats that wouldn't be possible elsewhere.