Cyber Weekly Roundup – November 10, 2017

Written November 13th, 2017

By Colby Proffitt, Mesay Degefu, and Kalai Kandasamy

1.) One in four UK workers have maliciously leaked business data (November 6, 2017)


Summary: Insider threat research has revealed that 24% of workers purposely shared info with other companies and nearly 50% have received an email by mistake.

Why it matters: This article offers some interesting insight into email’s role in cybersecurity. Regardless of any organization’s cyber policies, tools, and overall cyber efforts, you’re only as secure as your workforce will allow you to be. Automation and other technologies are helping reduce errors and mitigate risks, but we still face the human factor – that innate curiosity to click on an enticing link, the tendency to scan or rush through tasks and emails due to the volume of work, and the unchangeable fact that as humans, we will make mistakes. Insider threats are often defined as employees acting with malicious intent, but as this article points out, many insider threats are simply the product of overwork, carelessness, misuse, or simple human nature.



Summary: More lawmakers are getting behind the hack bac…ahem…active cyber defense bill. Two branches of the military are super early on their cyber deadlines. And small businesses are eschewing cyber insurance.

Why it matters: This article likens “active defense” to “hacking back”. However, many would argue that there are a number of alternatives to active cyber defense outside of deliberately hacking back, such as cyber deterrence. What’s clear is that the government must reconsider and even redefine the traditional understanding of the battlefield, and reinforce that definition with policy and legislation to protect our country’s most important assets and critical infrastructure.

3.) Firms look to security analytics to keep pace with cyber threats


Summary: Security has changed dramatically over the decades. Companies can no longer risk focusing just on protecting physical assets such as offices and stock. With firms becoming increasingly reliant on technology and software to streamline everyday operations, it is crucial to have systems in place to protect digital property.

Why it matters: Cybersecurity encompasses a myriad of different approaches, strategies, and tactics. From the fairly new continuous diagnostics and mitigation (CDM) to a more active approach like cyber deterrence, there are multiple combinations organizations can employ based on their mission and defense needs. This article highlights security analytics as an emerging way to counter attacks, and it will be interesting to see how organizations leverage this approach and the related technologies. Using analytics, however, will drive the ever-increasing amount of data, which will contribute to the need for skilled cyber professionals who must possess not only a comprehensive view of cyber and the organization’s networks, assets, and infrastructure, but also the ability to translate that data into information that executive leadership can act upon accordingly.

4.) Blockchain hype exploited by spammers and phishers (November 6, 2017)


Summary: Hackers are exploiting the popularity of blockchain technologies in spamming and phishing campaigns, warns Kaspersky Lab.

Why it matters: Blockchain is among the latest IT buzzwords in industry and government alike. Although a powerful technology, it’s new, which means that the majority of end users are just beginning to understand it – what it is, how it works, and what it does. Cyber criminals, on the other hand, are beyond understanding it. They are actively employing it and using it to their advantage to deceive those who are less informed. Organizations should make it a point to educate and inform their users of the ways cyber adversaries are tempting targets through blockchain-related phishing scams. As explained above, organizations are only as secure as their weakest link – in many cases, their users.

5.) OPM Cybersecurity Still Lags Three Years After Massive Breach (November 6, 2017)


Summary: The Office of Personnel Management’s cybersecurity is still in bad shape, three years after it suffered a massive data breach that compromised sensitive records about more than 20 million Americans.

Why it matters: Cybersecurity can be complicated, and developing an enterprise plan for your organization can be just as complex. Understanding what you have, in terms of networks, systems, applications, and data, can be a massive effort, especially for an organization as big as OPM, and if those same networks, systems, and applications weren’t deployed with cyber in mind, undoing some of those cyber mistakes can take time and effort. According to the 1-5 scale, OPM is at a two, which is considered defined, so they’ve made progress but still have a ways to go. What’s important to realize is that cyber maturity is not a one-time achievement; it’s a thoughtful, sometimes difficult, strategic goal. And once achieved, it must be maintained.

6.) The measurability riddle: How much money should you put in cyber security? (November 7, 2017)


Summary: The question of how much money organizations should invest in cybersecurity has become a hard question to answer. The senior leadership of many organizations has been tasked with assigning a figure, and is hard pressed to come up with not just a dollar value, but also the best solution for their organization’s cyber needs.

Why it matters: For many organizations, it’s critical to first understand the organization’s business and risk appetite, including the type of information the business is processing and storing. For example, with the Risk Management Framework (RMF), organizations can categorize their systems based on confidentiality, integrity, and availability. Once determined, it’s easier to apply the right security tools, measures, and countermeasures. If an organization misses that first step, however, the security put in place will be ineffective. It’s advisable that organizations plan on allocating the majority of cybersecurity-related funds towards the early stages (development) of an enterprise risk management framework.