Dr. Chase Cunningham - Defend & Conquer Weekly Review November 1, 2023

The Latest Cybersecurity News: SolarWinds, Government Bans, Training Benefits, and More

In this week's cybersecurity news, several significant updates have emerged that shed light on the current state of security in various sectors. From legal actions to government bans and the importance of training, let's dive into the key takeaways.

The SolarWinds CISO Lawsuit

The news of the week revolves around the SolarWinds cybersecurity incident. The SEC has formally charged and is suing the CISO of SolarWinds. While this has garnered attention, it is important to remember that cybersecurity incidents do not occur in isolation. The entire board and executive suite should also be held accountable for their actions or lack thereof. Though the liability in this case may differ from the standard negligence claims, it is undoubtedly a challenging situation for the CISO who was ironically awarded the CISO of the year in 2023.

Canada's Ban on WeChat and Kaspersky

Canada has formally banned Chinese messaging application WeChat and Russian antivirus program Kaspersky from government-issued mobile devices due to privacy and security risks. The ban stems from an assessment by Canada's chief information officer, highlighting the unacceptable level of risk associated with these applications. While some may argue that this ban is obvious, it is crucial to prioritize security and take necessary precautions to protect sensitive government information.

The Benefits of Security Awareness Training

A study conducted by No Before Now, a vendor in the cybersecurity industry, showcases the benefits of security awareness training and simulated phishing campaigns. The study, based on data from 60,000 customer organizations worldwide, verifies that frequent training and simulated phishing campaigns lead to better performance in reducing risk. While the study results may seem predictable, it's reassuring to see concrete evidence that investing in training yields positive outcomes. Ultimately, the combination of training and simulated testing proves to be the most effective approach to improve cybersecurity awareness within organizations.

The Move-It Vulnerability and Email Breach

Hackers, part of a Russian-speaking group, gained unauthorized access to approximately 632,000 email addresses of US federal employees at the Department of Justice (DOJ) and the Defense Department (DoD) through the Move-It file transfer tool. The breach highlights the vulnerability of government organizations and their employees. While the compromised email addresses may not come as a surprise considering previous incidents involving the Office of Personnel Management (OPM), the breach remains concerning. It is crucial for government agencies to prioritize cybersecurity and fortify their defense against cyber threats.

The Cybersecurity Skills Gap

Recently, ISC2 published the 2023 ISC2 Cybersecurity Workforce Study, revealing that 92% of cybersecurity professionals report skill gaps. The top three skill gaps identified are cloud computing, artificial intelligence/machine learning (AI/ML), and zero trust (ZT) implementation. More alarmingly, organizations that had experienced cybersecurity layoffs were more impacted by skill gaps compared to those that hadn't. The report emphasizes the urgent need for upskilling and reskilling efforts to address the shortage of qualified cybersecurity professionals. With cloud computing and AI/ML being sought after skills, organizations must invest in training and acquire the right talent to meet the evolving demands of the industry.

The Use of Google Search Data in Legal Cases

A recent ruling by the Supreme Court in Colorado has allowed evidence obtained from Google search data to be used in a murder case. Police used a keyword search warrant to identify suspects who had searched for the address of a house that caught fire and resulted in fatalities. This ruling has sparked concerns about potential surveillance and privacy implications. It raises questions about how our online activities can be used against us and the risks associated with keyword search warrants becoming common investigative tools. Users should be aware of the digital footprints they leave and consider the potential consequences of their online actions.

In conclusion, this week's cybersecurity news highlights the interconnected nature of security incidents, government actions to mitigate risks, the benefits of training and awareness, the vulnerability of email systems, the widening skill gap, and legal challenges surrounding the use of search data. It is evident that cybersecurity continues to be a pressing concern in today's digital landscape. Organizations and individuals must remain vigilant, adapt to changing threats, and prioritize cybersecurity measures to protect sensitive information and maintain a secure online environment. Stay aware, proactive, and informed, and together we can overcome the challenges of this evolving cybersecurity landscape.