CINS Army Brief
Land Of Confusion
Our Take
All of the “DR” terms are officially confusing. EDR, MDR, NDR now morph into XDR, whatever that really is, and the other day I stumbled over “DNSDR” … Come on, people, this is getting out of hand. I think it’s all contributing to this article’s main thesis of reliance on any one tool: Confusion in the marketplace leads to gaps in security.
CISOs may be too reliant on EDR/XDR defenses
https://www.csoonline.com/article/2142372/cisos-may-be-too-reliant-on-edr-xdr-defenses.html
This is our CINS Army Brief for June 2024, curating the most interesting cyber news from the previous month.
- Memory-unsafe code runs rampant in critical open-source projects
https://www.cybersecuritydive.com/news/memory-unsafe-code-open-source/720045/
- Manufacturing cybersecurity at heart of new White House guidance
https://www.cybersecuritydive.com/news/energy-department-cybersecurity-manufacturing-supply-chain-best-practices/719612/
- 6 ways the CISO role is evolving today
https://www.csoonline.com/article/566757/what-is-a-ciso-responsibilities-and-requirements-for-this-vital-leadership-role.html
- LockBit resurgence sees ransomware attacks reach record high in May
https://siliconangle.com/2024/06/20/lockbit-resurgence-sees-ransomware-attacks-reach-record-high-may/
- Coding error in forgotten API blamed for massive data breach
https://www.theregister.com/2024/06/21/optus_data_breach_faulty_api/
- What Happens When An Organization Suffers From A Poor Security Culture?
https://www.forbes.com/sites/forbesbusinesscouncil/2024/06/20/what-happens-when-an-organization-suffers-a-poor-security-culture/
- The Software Licensing Disease Infecting Our Nation’s Cybersecurity
https://www.darkreading.com/vulnerabilities-threats/software-licensing-disease-infecting-our-nations-cybersecurity
- Act, Don’t Overreact: The Deliberate Approach Leaders Are Taking with Generative AI
https://healthsystemcio.com/2024/06/17/act-dont-overreact-the-deliberate-approach-leaders-are-taking-with-generative-ai/
- Hackers use F5 BIG-IP malware to stealthily steal data for years
https://www.bleepingcomputer.com/news/security/hackers-use-f5-big-ip-malware-to-stealthily-steal-data-for-years/
- Microsoft, OpenAI, Nvidia join feds for first AI attack simulation
https://www.axios.com/2024/06/17/cisa-tech-companies-ai-cyberattack-simulation
- Generative AI for cybersecurity: Is it right for your organization?
https://www.fastcompany.com/91125893/generative-ai-for-cybersecurity-is-it-right-for-your-organization
- Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
https://www.wired.com/story/change-healthcare-22-million-payment-ransomware-spike/
- Why CIO & CISO Collaboration Is Key to Organizational Resilience
https://www.darkreading.com/cybersecurity-operations/cio-ciso-collaboration-is-key-to-organizational-resilience
- There are no insignificant breaches: Why all compromised data matters
https://www.techradar.com/pro/there-are-no-insignificant-breaches-why-all-compromised-data-matters
- Why CISOs need to build cyber fault tolerance into their business
https://www.helpnetsecurity.com/2024/06/10/cisos-activity-areas/
- AI poisoning is a growing threat — is your security regime ready?
https://www.csoonline.com/article/2139630/ai-system-poisoning-is-a-growing-threat-is-your-security-regime-ready.html
- Technology, Regulations Can’t Save Orgs From Deepfake Harm
https://www.darkreading.com/cyber-risk/technology-regulations-cant-save-orgs-from-deepfake-harm
- Understanding Security’s New Blind Spot: Shadow Engineering
https://www.darkreading.com/vulnerabilities-threats/understanding-security-new-blind-spot-shadow-engineering
- Cybersecurity experts sound alarm over US power grid vulnerabilities
https://www.foxnews.com/us/cybersecurity-experts-sound-alarm-over-us-power-grid-vulnerabilities
- Lack of skills and budget slow zero-trust implementation
https://www.helpnetsecurity.com/2024/05/31/zero-trust-implementation-driver-for-organizations/