Why is ROI such a dirty word?

This is our CINS Army Brief for March 2023, curating the most interesting cyber news from the past month. Learn more and subscribe here.

• Banks, Financial Industry Hit by Rising Ransomware Attacks
  https://www.bloomberg.com/news/articles/2023-03-21/banks-financial-industry-buffeted-by-rising-ransomware-attacks#xj4y7vzkg
• Bank failure panic fuels moment of opportunity for threat actors
  https://www.cybersecuritydive.com/news/bank-failure-panic-fuel-threats/644949/
• Municipal CISOs grapple with challenges as cyber threats soar
  https://www.csoonline.com/article/3688958/municipal-cisos-grapple-with-challenges-as-cyber-threats-soar.html
• New cyberattack tactics rise up as ransomware payouts increase
  https://www.csoonline.com/article/3689014/new-cyberattack-tactics-rise-up-as-ransomware-payouts-increase.html
• New malware infects business routers for data theft, surveillance
  https://www.bleepingcomputer.com/news/security/new-malware-infects-business-routers-for-data-theft-surveillance/
• Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022
  https://www.bleepingcomputer.com/news/security/hackers-mostly-targeted-microsoft-google-apple-zero-days-in-2022/
• US federal agency hacked using old Telerik bug to steal data
  https://www.bleepingcomputer.com/news/security/us-federal-agency-hacked-using-old-telerik-bug-to-steal-data/
• Auto Cyberattacks Becoming More Widespread
  https://semiengineering.com/auto-cyberattacks-becoming-more-widespread/
• Most mid-sized businesses lack cybersecurity experts, incident response plans
  https://www.helpnetsecurity.com/2023/03/20/mid-sized-businesses-cybersecurity-challenges/
• CISA launches pilot to spot ransomware vulnerabilities
  https://gcn.com/cybersecurity/2023/03/cisa-launches-pilot-spot-ransomware-vulnerabilities/383993/
• Research shows two-thirds of orgs have had breaches caused by remote working
  https://venturebeat.com/security/research-shows-two-thirds-of-orgs-have-had-breaches-caused-by-remote-working/
• Remote working: the most secure countries worldwide
  https://www.techradar.com/features/remote-working-the-most-secure-countries-worldwide
• EPA to make states evaluate public water systems’ cybersecurity
  https://thehill.com/policy/energy-environment/3882433-epa-to-make-states-evaluate-public-water-systems-cybersecurity/
• How to enhance the cybersecurity of operational technology environments
  https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/how-to-enhance-the-cybersecurity-of-operational-technology-environments
• 6 principles for building engaged security governance
  https://www.techtarget.com/searchsecurity/post/6-principles-for-building-engaged-security-governance
• Why we need to democratize governance, risk, and compliance
  https://www.scmagazine.com/perspective/compliance/why-we-need-to-democratize-governance-risk-and-compliance
• Analysts share 8 ChatGPT security predictions for 2023
  https://venturebeat.com/security/analysts-share-8-chatgpt-security-predictions-for-2023/
• 7 guidelines for identifying and mitigating AI-enabled phishing campaigns
  https://www.csoonline.com/article/3690418/7-guidelines-for-identifying-and-mitigating-ai-enabled-phishing-campaigns.html
• CFO Cybersecurity Strategies: How to Protect Against the Rising Storm
  https://www.cfo.com/technology/cyber-security-technology/2023/03/cybersecurity-strategies-protect-against-cyberattacks-investments/
• Cybersecurity Skills Shortage, Recession Fears Drive ‘Upskilling’ Training Trend
  https://www.darkreading.com/vulnerabilities-threats/cybersecurity-skills-shortage-recession-fears-drive-upskilling-training-trend
• The Role of Human Resources in Cybersecurity
  https://securityintelligence.com/articles/role-human-resources-cybersecurity/
• CISA summons outside tips to alert victims of early-stage ransomware
  https://www.cybersecuritydive.com/news/cisa-pre-ransomware-notification/646041/

‍