December 7, 2021
ISACA SmartBrief on Cybersecurity
Advancing the best guidance and learning in cybersecuritySIGN UP ⋅   SHARE
Top Story
Because most successful cyberattacks exploit human error, heavy investment in cybersecurity technology has not bolstered the confidence of security leaders, finds a survey. The proliferation of detected vulnerabilities and lack of insight into root causes are ongoing challenges for security teams, at the same time the pandemic has forced many companies to shift focus to business continuity at the expense of security.
Full Story: Fast Company (tiered subscription model) (12/6) 
LinkedIn Twitter Facebook Email
Security in the News
Banks are seeking clarification of a requirement of notification to regulators within 36 hours of learning of a cybersecurity incident. Banks say the rule does not mention how much detail of the incident should be reported or what regulators do with information gathered.
Full Story: Risk (subscription required) (12/6) 
LinkedIn Twitter Facebook Email
The White House is preparing to release a plan to make US water systems more resistant to cyberattacks. The plan will identify opportunities for the water sector, the Environmental Protection Agency and the Cybersecurity and Infrastructure Security Agency to work together to help protect US water supplies, according to an EPA spokesperson.
Full Story: The Wall Street Journal (12/3) 
LinkedIn Twitter Facebook Email
The US government is investing $1 billion in cyberprotection infrastructure and system modernization while establishing the Office of the National Cyber Director, steps that show the federal government is taking cyberthreats seriously. "It is incumbent upon private sector entities and enterprises, which are no less vulnerable to digital threats than their public sector and government counterparts, to take the initiative and improve their enterprise privacy risk posture against such threats," writes Tom Kelly, president and CEO of IDX, a provider of data breach and consumer privacy services.
Full Story: The Hill (12/1) 
LinkedIn Twitter Facebook Email
Closing the Skills Gap
The National Security Agency has granted $2 million to the Regional Coalition for Critical Infrastructure Protection, Education and Practice, a group that includes Iowa State University and the University of Illinois at Urbana-Champaign. The goal is to recruit and train new cybersecurity professionals in the Midwest.
Full Story: The Ames Tribune (Iowa) (12/5) 
LinkedIn Twitter Facebook Email
Registration Now Open for ISACA Conference North America 2022
Explore new ideas, expand your knowledge, connect with industry leaders and find your inspiration at the ISACA Conference North America from 4-6 May 2022 in New Orleans, Louisiana, or join virtually. Register to attend in person by 1 March 2022 and save US$200! REGISTER NOW
Featured Content
Sponsored Content from 1440 Media
Tired of being told how to think? Check out 1440 - The fastest way to an impartial point-of-view. The team at 1440 scours over 100+ sources so you don't have to. Culture, science, sports, politics, business and everything in between - in a 5-minute read each morning, 100% free. Sign up now!

    New from ISACA
    Trusted Execution Environment, synthetic data and encryption keys can sometimes be misunderstood, but they are changing the digital landscape when it comes to advancing secure machine learning.
    Full Story: ISACA (12/1) 
    LinkedIn Twitter Facebook Email
    Data Breaches
    Ransom payments in excess of $43.9 million have been collected via Cuba ransomware, which has targeted 49 critical infrastructure businesses through Windows-focused deployments of a malware loader, the FBI reports. The agency says hackers have tapped multiple techniques, including phishing emails, stolen credentials and Microsoft Exchange bugs, to access networks, while also using legitimate Windows services to deploy ransomware remotely.
    Full Story: ZDNet (12/3) 
    LinkedIn Twitter Facebook Email
    Managing Data
    As CEO of Veritas, Greg Hughes has closely monitored the increasing frequency and sophistication of ransomware attacks and how they can devastate companies. He advises businesses to "make sure that your backup application, like all your other applications, is upgraded to the latest version" to limit ransomware-caused disruption.
    Full Story: McKinsey (11/30) 
    LinkedIn Twitter Facebook Email
    One of the greatest and simplest tools for learning more and growing is doing more.
    Washington Irving,
    writer, essayist, historian, diplomat
    LinkedIn Twitter Facebook Email
    Certifications  |    Certificates  |    Training and Events  |    Resources  |    Membership  |    Enterprise
    SmartBrief publishes more than 200 free industry newsletters - Browse our portfolio
    Sign Up  |    Update Profile  |    Advertise with SmartBrief
    Unsubscribe  |    Privacy policy
    SmartBrief, Inc.®, 555 11th ST NW, Suite 600, Washington, DC 20004