Use a Vault Before Ransomware Does It For You


Jul 08 2021 8 mins   38



Transcript

Jesse: Welcome to Meanwhile in Security where I, your host Jesse Trucks, guide you to better security in the cloud.

Announcer: If your mean time to WTF for a security alert is more than a minute, it’s time to look at Lacework. Lacework will help you get your security act together for everything from compliance service configurations to container app relationships, all without the need for PhDs in AWS to write the rules. If you’re building a secure business on AWS with compliance requirements, you don’t really have time to choose between antivirus or firewall companies to help you secure your stack. That’s why Lacework is built from the ground up for the cloud: low effort, high visibility, and detection. To learn more, visit lacework.com. That’s lacework.com.

Jesse: What? Your backups are really just diversified pools of production data across multiple cloud provider regions, or stores with no space wasted on offline or non-production data? That’s awesome. You are a beautiful target for ransomware. Best practices from a production infrastructure view don’t always match up to best practices for security.

However, there are ways to provide data protection and redundancy as ransomware impact mitigation while still providing dynamic operational systems. Once again, this solution is to shift left and design security into every single interaction and layer of your systems and infrastructure.

Meanwhile, in the news. Cyber insurance isn’t helping with cybersecurity, and it might be making the ransomware crisis worse, say researchers. I know of organizations that have purposefully reduced spending on their cybersecurity programs in favor of hefty cyber breach insurance. It seems at first like a great balance sheet move, but in the long run it doesn’t pay. Just build adequate security programs, please.

House lawmakers introduce bill to increase American awareness of cyber threats. Wow, so now the whole nation will be subjected to useless clickthrough CBT experiences that don’t change their behavior? Excellent. I’m sure the APTs of the world are shaking in their VR headsets already.

5 Mistakes that Impact a Security Team’s Success. Call them fiefdoms, silos, or something else; whatever name you use, operating in any way but cooperatively is horrible and unprofessional. If you are frustrated by other people doing this to you, think about the ways you can bridge the divide and draw them into a shared success model where everyone wins by working together.

Google Working on Patching GCP Vulnerability that Allows VM Takeover. AWS users rejoice. Finally a cloud security problem you can ignore. GCP users, it’s your turn to panic and question your choices. Now you know what it feels like to be everyone else using cloud services. Being in the cloud doesn’t reduce your risks inherently; it merely shifts the focus of some of your risks.



NSA & CISA Issue Warning About Russian GRU Brute-Force Cyberattacks Against US, Global Orgs. Cyber attacks are becoming more frequent and more automated. Even the human-driven APT attacks are using scalable cloud technologies to do their dirty work. Monitor your cloud and service or system usage for anomalous behavior, as well as known attack profiles.