Cyber Risk At The Board Level – Why Should It Be A Priority?

Cyber risk has ranked as the top business risk for the first time ever (Allianz Risk Barometer 2020), but is it considered a priority at board level? Cyber security has proved to be not just an IT matter but a crucial risk management issue to be considered at the strategic level, bringing financial and operational benefits, among others.

Covid-19 has led to unprecedented changes for organizations; remote working and digital communications have become the norm, increasing businesses’ attack surfaces exponentially in a landscape that seems set to remain uncertain for a while. Cyber-attacks keep skyrocketing and one thing is for sure: cyber security is and will undoubtedly remain a board-level issue for the foreseeable future. Are companies setting the tone from the top in this matter? How can cyber make it to the top of the board agenda? How can they find NEDs with a background in cyber?

Speakers:

  • Frank Satterwhite, Founder & CEO, 1600 Cyber
  • Fahrin Ribeiro, Head of Governance, GB and Western Europe, Willis Towers Watson
  • Sabine Dembkowski, Managing Partner, Better Boards
  • Michael Council, CISM, CISSP, CEH, PMP, Principal Cybersecurity Consultant (EC Technology Consulting Services)

Link:

https://1600cyber.com/webinar-cyber-risk-at-board-level-why-should-it-be-a-priority

 

2023 Verizon Data Breach Investigations Report

The 2023 Verizon Data Breach Investigations Report (DBIR) provides a comprehensive analysis of global cybersecurity trends based on extensive data collected from real-world incidents. The report reveals key findings, including the persistence of phishing as a prevalent attack vector, with cybercriminals increasingly targeting remote work environments. Ransomware attacks continue to rise, particularly affecting critical infrastructure sectors. Additionally, supply chain attacks emerge as a significant threat, highlighting the interconnected nature of modern business ecosystems. The DBIR underscores the importance of proactive cybersecurity measures, such as employee training, threat intelligence sharing, and implementing robust security controls. Overall, the report serves as a valuable resource for organizations seeking to enhance their cybersecurity posture and mitigate evolving threats.

Key Takeaways from the DBIR:

  1. Ransomware attacks will continue to plague businesses and government agencies around the globe. Phishing is the main threat vector for Ransomware attacks – Contact us for ways to mitigate phishing attacks and protect your digital landscape.
  2. Supply Chain attacks are a significant threat that continues to grow. Ensure that you are doing due diligence before onboarding any third-party vendor. After onboarding, make sure that you are doing audits, rectifying findings, and practicing continuous monitoring. You have the prime responsibility of due care of all data entrusted to your organization. We can assist you with this as well.
  3. Employee Training. The human is the weakest link in the cybersecurity defense perimeter. In order to reduce the risk, businesses must ensure that they are conducting cybersecurity awareness training annually (at a minimum). Organizations should conduct phishing campaigns (training, mock attacks, reporting channels, and reporting).
  4. Security Controls. Implementing recommended cybersecurity controls from a respected framework (NIST, CIS Top 20, ISO-27001, CSF) is a great way to secure your data and meet regulatory requirements. There are hundreds of controls that can/should be implemented across your resources. Don’t try and do this on your own – we have over 20 years of experience implementing security controls across all spectrums of business. Contact EC Technology Consulting Services at info@eccybersecurity.com or 1-866-568-0563.

Download the 2023 Verizon DBIR

 

COVID-19….A Latest Reason To Go Phishing!

The article highlights the persistence of cybercriminals amidst the confusion and fear caused by the COVID-19 pandemic. Attackers are targeting individuals, businesses, critical infrastructure, and healthcare organizations around the globe. Phishing, defined as deceptive attempts to obtain sensitive information, has surged during the crisis. The piece offers tips for detecting phishing emails, such as scrutinizing sender details and grammar. Combating phishing requires proactive measures, including security awareness training and adherence to safe internet practices. In case of a phishing attempt, individuals are advised not to engage and to report incidents promptly to the appropriate authorities.

Link: https://1600cyber.com/blog/covid-19-a-latest-reason-to-go-phishing

View The Presentation