CINS Army Brief
How Do You Stop the Budget Bleeding?
Our Take
” … significant amounts being spent on what’s hitting the headlines instead of strategic, business-centric investment in security defenses.”
So, how do you avoid this? If you know anything about us, we’re big fans of frameworks like the CIS Controls. In our humble opinion, that’s the clearest path to more effective security and less wasted spending.
Security budget hikes are missing the mark, CISOs say
https://www.csoonline.com/article/641806/security-budget-hikes-are-missing-the-mark-cisos-say.html
This is our CINS Army Brief for June 2023, curating the most interesting cyber news from the previous month. Learn more and subscribe here.
- White House unveils fiscal 2025 cybersecurity investment priorities
https://www.nextgov.com/cybersecurity/2023/06/white-house-unveils-fiscal-2025-cybersecurity-investment-priorities/388031/ - Federal cyber incidents reveal challenges of implementing US National Cybersecurity Strategy
https://www.csoonline.com/article/575437/federal-cyber-incidents-reveal-challenges-of-implementing-us-national-cybersecurity-strategy.html - 4 Areas of Cyber Risk That Boards Need to Address
https://hbr.org/2023/06/4-areas-of-cyber-risk-that-boards-need-to-address - ‘Shadow’ AI use becoming a driver of insider cyber risk
https://www.computerweekly.com/news/366542890/Shadow-AI-use-becoming-a-driver-of-insider-cyber-risk - Shadow IT is increasing and so are the associated security risks
https://www.csoonline.com/article/575457/shadow-it-is-increasing-and-so-are-the-associated-security-risks.html - How should CISOs approach supply chain cybersecurity?
https://www.techradar.com/opinion/how-should-cisos-approach-supply-chain-cybersecurity - Most popular generative AI projects on GitHub are the least secure
https://www.csoonline.com/article/643505/most-popular-generative-ai-projects-on-github-are-the-least-secure.html#tk.rss_all - Attackers Create Synthetic Security Researchers to Steal IP
https://www.darkreading.com/attacks-breaches/attackers-create-synthetic-security-researchers - Safety And Soundness In AI And ML: Steps For Effective Governance
https://www.forbes.com/sites/forbestechcouncil/2023/06/28/safety-and-soundness-in-ai-and-ml-steps-for-effective-governance/?sh=3573763d478c - The Role Of Sandboxes In Enhancing Cybersecurity Measures
https://www.forbes.com/sites/davidbalaban/2023/06/27/the-role-of-sandboxes-in-enhancing-cybersecurity-measures/?sh=3f6463271327 - How Popular Messaging Tools Instill a False Sense of Security
https://www.darkreading.com/cloud/how-popular-messaging-tools-instill-a-false-sense-of-security - Why attackers love to target IoT devices
https://venturebeat.com/security/why-attackers-love-to-target-iot-devices/ - New Mockingjay process injection technique evades EDR detection
https://www.bleepingcomputer.com/news/security/new-mockingjay-process-injection-technique-evades-edr-detection/ - CISA Alert: LockBit Ransomware Extorted $91 Million from US Organizations
https://www.cpomagazine.com/cyber-security/cisa-alert-lockbit-ransomware-extorted-91-million-from-us-organizations/ - Cybercriminals target high-profit companies: AEI
https://www.cybersecuritydive.com/news/cybercriminals-target-high-profit-companies-aei-cybersecurity-cyberattack-FBI/652754/
