The 5 cultural qualities of strong cybersecurity | Microsoft warns of PonyFinal ransomware | Remote workers, C-suite take risks with cybersecurity
May 29, 2020
SmartBrief on Cybersecurity
Security and risk management news that matters to the C-SuiteSIGN UP ⋅   SHARE
Top Story
Cybersecurity spending is less a sign of outcomes and more a sign of the human capabilities that organizations have developed, write Stephen Wilson, Dean Hamilton and Scott Stallbaum of Wilson Perumal & Co. They encourage building a culture where employees are mindful, responsive and learning-focused, and they especially encourage companies to develop the operational qualities of "formality, level of knowledge, integrity, questioning attitude, and active team backup."
Full Story: MIT Sloan Management Review online (tiered subscription model) (5/26) 
LinkedIn Twitter Facebook Email
Data Breaches
A new type of ransomware called PonyFinal has been identified by Microsoft, which says the program is operated by humans, not automation. The ransomware, which uses Java Runtime Environment, employs brute-force attacks against servers to gain access.
Full Story: Infosecurity (U.K.) (5/29) 
LinkedIn Twitter Facebook Email
Security Tips and Tools
C-suite executives and remote employers of all levels each say they're lax with cybersecurity, per MobileIron and Tessian reports. "People will cut corners on security best practices when working remotely and find workarounds if security policies disrupt their productivity in these new working conditions," says Tessian CEO Tim Salder.
Full Story: ZDNet (5/28),  ZDNet (5/28) 
LinkedIn Twitter Facebook Email
Google-branded attacks using storage websites and file sharing are on the increase, Barracuda Networks says. The impersonation attacks are expected to increase because they are good at getting users to share login credentials.
Full Story: Infosecurity (U.K.) (5/28) 
LinkedIn Twitter Facebook Email
SmartBrief Originals
Sponsored content brought to you by SmartBrief
Spotlight on Health Care
An identity management framework intended to help health care chief information security officers improve identity and access control management and boost enterprise cybersecurity has been released by the Health Information Sharing and Analysis Center. The framework outlines methods for architecture, construction and deployment of identity systems capable of defending against modern cyberattacks.
Full Story: Health IT Security (5/27) 
LinkedIn Twitter Facebook Email
Managing Data
The use of USB drives to copy company data more than doubled in the early weeks of the pandemic, while malicious network activity and incident-response inquiries also were up, a Digital Guardian report states. Employees appear to be taking data for themselves rather than to sell online, says report author Tim Bandos.
Full Story: Dark Reading (free registration) (5/28) 
LinkedIn Twitter Facebook Email
Government Security and Policy
The Defense Advanced Research Projects Agency announced the formation of two teams, led by Northrop Grumman and Synopsys, under the Automatic Implementation of Secure Silicon program. Both teams will work on Arm-based architectures that use a security engine to defend against cyberattacks and reverse engineering.
Full Story: EE Times (5/27),  Electronics Weekly (UK) (5/28) 
LinkedIn Twitter Facebook Email
RackTop Systems' BrickStor SP has been incorporated into Hewlett Packard Enterprise's Complete program and will be resold to federal government clients. "BrickStor attacks the problem properly by securing unstructured data at its source so that it can't be seized, maliciously encrypted or exploited," says RackTop Systems CEO Eric Bednash.
Full Story: Infosecurity (U.K.) (5/28) 
LinkedIn Twitter Facebook Email
Sharing SmartBrief on Cybersecurity with your network keeps the quality of content high and these newsletters free.
Help Spread the Word
Or copy & share your personalized link:
Practice what you know, and it will help to make clear what now you do not know.
painter, printmaker, draftsman
LinkedIn Twitter Facebook Email
SmartBrief publishes more than 200 free industry newsletters - Browse our portfolio
Sign Up  |    Update Profile  |    Advertise with SmartBrief
Unsubscribe  |    Privacy policy
SmartBrief, Inc.®, 555 11th ST NW, Suite 600, Washington, DC 20004