With tax season approaching, two shifts in ransomware tactics combined could have more effect than previously seen – targeting of organizations rather than individuals and publishing rather than destroying the victim’s internal data. A dangerous combination, the incorporation of both tactics could force victims to pay the ransom if we are lucky, with impacts from lack of payment potentially severely damaging clients in ways more personal than previously seen. -scl
In a cyber-compromise, security isn't the only risk to consider. How organisations communicate with one another during a cyber incident may impact future relationships. A few considerations taken during another's time of crisis might limit reputational damage.
If everything is messaging, limited narrative offers options - both from imaginative possibilities uncovered within the audience, and the sharp defensive counters to misinterpretation. When looking to control ther story told, there is value in deniability. -scl
An effective cyber organisation requires multiple talents, some hidden, some obvious. Leaders in cyber should aim to uncover and conduct the cyber orchestra so as to make it all work together to pre-empt and to resolve cyber challenges.
Prioritisation of client reporting and focus needs to be based on the connection and likelihood of compromise, not based on the clients' relative tiered status. Clients with higher status would likely have better defense. The ones with lower tiered connections may have greater vulnerability.
SolarWinds has been the talk of the cyber world for the last month, with many legitimate concerns taking a Zen role in security circles - very much looking at the present. As we move to 2021, and get closer to understanding what happened and its organisational impacts, it's time to look at other questions.
For space to be a viable part of human existence, we need to reframe how we implement technology - specifically cyber. Operations in space have no place for cyber risks to life and efficacy.
Precisely as said. How we are losing, and what we need to fix.
A business case for approaching cyber eco-systems. Intended for FIs, can be applied to other organisations.
To combat criminals we need to adjust our thinking to seeing the actors as enemies – offering proactive elements to counter behaviors deemed harmful to us, our organization, and our clients.