Cybersecurity Newsletter

newsletter

facebook logo  twitter logo  linkedin logo  mail icon

You have a lot going on, so join the thousands of other leaders and let me do the work and provide you with curated cybersecurity content. It would be my honor to do so.

This week's newsletter is dedicated to all the under-recognized IT & Security Leaders out there working hard and not recieving their due.

Thank you from Mark Lynd - #1 Ranked Global Security Thought Leader

NOTES: 1) If you want to ensure you get this newsletter every week, please add my "from" address to your contact list. If you would like to Unsubscribe scroll to the bottom and select "unsubscribe". Thank you.

In this week's edition:

  • Cyber Bits & Bytes
  • Early Warning - 5G will create broader attack surfaces according to FCC
  • Featured Article - 5 Astounding Reasons Why AI is Improving Cybersecurity
  • Cyber Quote - Warren Buffett on his huge concerns about cybercrime
  • Free Cybersecurity Resources - eBooks, tools, apps & services
  • Trending Story - 50 Cybersecurity Titles That Every Job Seeker Should Know About
  • Cybersecurity News Highlights
  • Cyber Scam of the Week - Real Facebook Page, Fake Facebook Support
  • Social Posts of the Week

Cyber Bits & Bytes

According to this article from CSO Online by Jon Oltsik titled:"Cybersecurity spending and economic headwinds in 2023", cybersecurity investments will increase, but CISOs will be more selective in their choices, driving the need for federated technology architectures.

Ohio Supreme Court Rules Insurance Provider Not Required to Cover Cyber-attack Costs, per a JD Supra article the seven justices of the Ohio Supreme Court unanimously ruled that an insurance company was not required to cover the cost of a ransomware attack because it did not result in physical damages.

It’s official: Digital trust really matters to everyone online according to a recent HelpNet Security article. In the article it points out that a Forbes Insights report found that nearly half (46%) of all organizations have experienced reputational and brand damage due to a third-party security breach.

How Hackers Outwit All Efforts to Stop Them: "It's a Cyber Pandemic." Read more in this illuminating Newsweek article by David H. Freedman.

Cybersecurity Experts Cast Doubt on Hackers' ICS Ransomware Claims. The battle back and forth coontinues between the good guys and bad guys with continual positioning and claims. Read more in this interesting article in Security Week.


Early Warning

5G will create broader attack surfaces according to FCC

Jessica Rosenworcel, FCC Chairman was recently speaking at the Center for Strategic and International Studies—a defense-oriented think tank. In her speech she warned of the potential privacy and security risks as organizations moves to 5G in near future.

Here is an excerpt of her remarks:

But no rest for the weary. We now need to build on this momentum—and it is going to take work. Because there is intense competition underway to shape what comes next. And at the heart of that competition is how next-generation 5G networks are deployed and evolve.

There is good reason for this. So often when we think about 5G in the United States we talk about our phones. But if we do this right, our phones will be the least interesting thing about our 5G future. This is not about the small icon that appears—and sometimes disappears—in the upper right-hand corner of a mobile device. It is a whole lot bigger than that. We are talking about using 5G technology to lay the foundation for digital transformation around the globe. Because we are fast heading to a world where next-generation wireless networks connect everyone and everything around us. They will open up possibilities for communications that we cannot even fully imagine today. By exponentially increasing the connections between people and things, this technology could become an input in everything we do—improving agriculture, education, healthcare, energy, transportation, and more. The data we derive from all these connections is powerful. It will inform machine learning, artificial intelligence, and the next-generation of innovation across the economy.

This is exciting. But these opportunities also reveal broader geopolitical challenges. Because, let’s be honest, the United States and authoritarian regimes have different views on how to use 5G technology. The vision that succeeds in a global forum like the ITU matters. It will inform how networks are deployed and evolve around the world.

Closer to home, the deployment of these networks also involves big security challenges. Because the truth is that 5G networks connecting so much more in our lives will mean a broader attack surface for cyber events.

So today I would like to talk about how the FCC is meeting that security imperative. We are doing a lot—in fact, right now the agency is doing more to address network security than at any point in its history. It’s a strategy to deter, defend, and develop: deter bad actors, defend against untrusted vendors, and develop a market for trustworthy innovation. By doing this, we are working to help improve communications security at home and shine as an example for the rest of the world.

That is a lofty sentiment. So let me take you back down to the ground and tell you what it looks like in the FCC day-to-day.

The FCC Chairman's remarks as a whole are very interesting and illuminating, as there is obviously more to securing 5G than meet the eye, but it is important to start learning, preparing and then securing this game-changing technology.

You can read more of her remarks over on FCC’s website.


Featured Original Article

Original article by Mark Lynd titled: "5 Astounding Reasons Why AI is Improving Cybersecurity".

5 Astounding Reasons Why AI is Improving Cybersecurity

AI in cybersecurity improves security posture

As more organizations engage in it to safeguard themselves against online attacks, artificial intelligence (AI) is quickly emerging as a critical cybersecurity tool. This is due to the fact that AI may dramatically improve an organization's capacity to identify, respond to, and recover from cyber threats.

AI systems can find trends and abnormalities that might point to a cyber-attack by evaluating vast amounts of data. This lets businesses to detect dangers considerably earlier than they might with conventional means, providing them a greater chance of averting or minimizing the impact of an attack. While there are many use-cases for artificial intelligence in cybersecurity here are a couple of the most popular ones.

Examples of how AI is being applied in cybersecurity

1. Threat identification and prevention: AI can be used to keep an eye on network traffic and spot any suspicious or unusual activities that might point to a cyber-attack. For instance, machine learning algorithms can be trained to spot patterns of activity that are typical of online attackers, like making several login attempts or using specific types of dangerous software. When such activity is discovered, AI systems can automatically take action to thwart the attack by blocking the offending traffic or shutting down the impacted services.

2. Fraud detection: AI can also be used to identify and stop fraud, such as the use of stolen credit card information or the establishment of phony accounts. For instance, machine learning algorithms can be trained on massive datasets of fraudulent behavior in order to identify patterns that may suggest a fraudulent transaction. When such conduct is discovered, AI systems can notify human analysts or initiate automatic action to stop the fraudulent activity from proceeding.

3. Vulnerability management: AI can assist organizations in locating and resolving system and network vulnerabilities. For instance, AI may be used to scan software for vulnerabilities, find weak passwords, and identify misconfigured systems that may be exploitable. Through continuous vulnerability monitoring, AI can assist organizations in proactively addressing possible issues before they can be exploited by attackers.

4. Cyber incident response: Organizations can utilize AI to assist in handling cyber incidents like malware or data breaches. As an illustration, AI may be used to evaluate vast amounts of data to determine the scale and impact of an incident and to suggest actions that should be taken to control the damage and stop future assaults. Additionally, AI can be used to automate some incident response operations, such as isolating damaged systems or restoring backups, freeing up others to work on more other tasks.

5. Automated response to cyberthreats: In certain specific circumstances, AI could be utilized to automatically respond to cyberthreats without human interaction. Using AI in this fashion needs to be heavily scrutinized and tested thoroughly. AI can also be used, for instance, to prevent malicious traffic from entering a network or to automatically shut down systems that are being attacked. This can speed up the response time to a cyber threat and lessen the possible harm that it might do.

Another benefit of AI in cybersecurity is that it may help businesses improve their overall security posture. By continuously analyzing data and spotting possible dangers, AI can help firms detect and fix vulnerabilities before they are used by attackers. Additionally, it has the potential to drastically lower expenses for businesses and boost ROI. Numerous cybersecurity tasks can be automated to assist reduce the need for expensive human labor. By identifying and responding to cyber threats more quickly and effectively, AI can help businesses avoid expensive data breaches and downtime.

AI in cybersecurity is still maturing

The application of AI to cybersecurity is still a work in progress, and there are still many challenges to overcome. For instance, false positives in AI systems can result in unneeded disruptions or other unexpected effects. Additionally, there is a chance that AI systems could be utilized for harmful purposes by attackers, fooled by them, or subjected to exploitation or deception. Despite these difficulties, however, there are appealing potential advantages to employing AI in cybersecurity, and the trend is expected to continue for the foreseeable future.

Ethics in AI is important

The likelihood of unfair or biased decision-making is another potential drawback of utilizing AI in cybersecurity. For instance, if an AI system is trained on a biased or unrepresentative dataset, it may make judgments that are unfairly skewed against particular groups of individuals. It's crucial to carefully plan and train AI systems to make sure they are impartial and fair in order to reduce this risk.

The requirement for regular updates and enhancements of the algorithms and models utilized is a further difficulty posed by the use of AI in cybersecurity. AI systems must be able to adapt and learn in order to keep up with the continuously evolving strategies and methods used by cyber attackers.

A governance framework is key to proper use

Using AI governance frameworks and rules is one technique to guarantee the ethical application of AI in cybersecurity. These frameworks can assist companies in identifying and reducing potential dangers related to the use of AI, as well as in ensuring that AI systems are used in a transparent, equitable, and moral manner.

AI becoming an important part of every industry

AI can significantly benefit an organization’s cybersecurity initiatives. By detecting risks more quickly and correctly, responding to cyber-attacks more effectively, and enhancing overall security posture, artificial intelligence can help enterprises protect themselves from cyber risks while reducing costs and resource usage. However, it is important that AI is used in a responsible and ethical manner, in order to maximize the benefits and minimize any potential negative consequences. By carefully considering the risks and benefits of using AI in cybersecurity, and by following best practices and guidelines for the responsible use of AI, organizations can effectively leverage the power of AI to improve their cybersecurity posture. Any organization seeking to better its cyber defense should consider investing in AI for cybersecurity.

Read original post


Cyber Quote

Warren Buffett quote on his concerns about cybercrime

Free Resources


Trending Story

50 Cybersecurity Titles That Every Job Seeker Should Know About
A special resource for cybercrime fighters and wannabes

Other Bytes

How to Ensure Cybersecurity Investments Remain a Priority Across Your Organization
Collaboration across all business units is key to building a robust cybersecurity program.
11 top XDR tools and how to evaluate them
Extended detection and response tools provide a deeper and more automated means to identify and respond to threats. These are some of the most popular options.

Netsync Ad for Security Services

Cyber Scam of the Week

Real Facebook Page, Fake Facebook Support

Facebook pages are typically used by organizations and public figures to connect with their community. Anyone can make a Facebook page, even cybercriminals. Using social media, cybercriminals spoof brands and organizations to trick people into trusting them. In this recent scam, cybercriminals use real Facebook pages to impersonate Facebook itself.

The scam starts with a fake email that looks like it’s from Facebook. The email states that your account has been deactivated and will be deleted in 48 hours unless you click a link. If you click the link, you’re taken to a real Facebook post from a page named “Page Support” that uses the Facebook logo. The post directs you to click another suspicious link that takes you to a fake login page. If you enter your login credentials, you’ll give cybercriminals access to your Facebook profile and the ability to scam your friends and family.

Don’t be fooled! Follow the tips below to stay safe from similar scams:

Watch out for a sense of urgency in emails. Phishing attacks rely on impulsive actions, so always think before you click.
Remember that this type of attack isn’t exclusive to Facebook. Cybercriminals could use this technique on any other social media platform.
If you receive an urgent notification, verify that it's legitimate. Navigate directly to the organization's website or official app to view details.

This Cyber Scam is provided by our sponsors: Netsync & KnowBe4


Cybersecurity Social

Just a couple interesting social posts


Did someone forward this email to you? Awesome! You can sign up here and not miss a week of the Morning Boot curated cybersecurity newsletter from Mark Lynd


You received this email because you signed up on our website, attended one of our events, or made a purchase from us. If you do not wish to receive this newsletter anymore, please hit unsubscribe below.

Questions, Suggestions & Sponsorships? Please email: mark@marklynd.com

Mark C Lynd

Head of Digital Business at Netsync. Recognized as top 5 globally ranked thought leader, author, and speaker for AI, cloud and Cybersecurity. He has been a CIO and CISO for several global companies.