Cyber Daily: Security Chiefs See Bigger Paychecks Amid Rise in Hacking Threats


Good morning. Corporate cyber chiefs’ salaries are growing amid an uptick in hacking threats and a dearth of experienced executives, WSJ Pro’s Catherine Stupp reports.

Also today: Biden’s new directive on cyber safeguards for critical infrastructure; more details on the TSA’s pipeline rules; a tool for shaming hackable websites; and cyber startups going gangbusters.

High Demand

Cha-ching: Demand for experienced cyber executives has pushed the average salary for chief information security officers to new heights.

CISOs in the U.S. earned a median salary of $509,000 this year, compared with $473,000 in 2020, according to a new survey of 354 CISOs, published Thursday by executive search firm Heidrick & Struggles International Inc.

Total compensation, including equity grants and bonuses, rose to $936,000 from $784,000 in 2020.

High-profile ransomware attacks have caused corporate executives and boards to focus more on cybersecurity over the past year, said Omar Khawaja, CISO at Pittsburgh-based Highmark Health.

“There’s a very tangible and direct business disruption,” he said. “It’s hard to ignore.”

More Cyber News

Biden urges critical infrastructure to beef up cyber safeguards. The White House directed federal agencies to develop voluntary security goals by September for companies that operate critical infrastructure, such as financial services or electric utilities. At least four successive administrations have pursued such a voluntary strategy for ensuring cyber readiness. But senior officials say the directive could be a precursor to the Biden administration issuing mandatory standards for such firms. (WSJ)

TSA official details second pipeline security directive. The rules, which have not been publicly released, cover technical areas such as the separation of operational and information-technology systems, Administrator David Pekoske told the Senate Commerce Committee Tuesday. Mr. Pekoske said the directive would also require reviews of how…

Join over 45,000 others, and get FREE threat intelligence on hackers and exploits with the Recorded Future Cyber Daily • Graham Cluley


Get trending threat insights delivered to your inbox with Recorded Future's free Cyber Daily newsletter

Many thanks to the great team at Recorded Future, who are sponsoring my website this week.

Recorded Future provides deep, detailed insight into emerging threats by automatically collecting, analyzing, and organizing billions of data points from the web.

And now, with its FREE Cyber Daily email, all IT security professionals can access information about the top trending threat indicators – helping you use threat intelligence to make better decisions quickly and easily.

Which means that you will be able to benefit from a daily update of the following:

  • Information Security Headlines: Top trending news stories.
  • Top Targeted Industries: Companies targeted by cyber attacks, grouped by their industries.
  • Top Hackers: Organizations and people recognized as hackers by Recorded Future.
  • Top Exploited Vulnerabilities: Identified vulnerabilities with language indicating malcode activity. These language indicators range from security research (“reverse engineering,” “proof of concept”) to malicious exploitation (“exploited in the wild,” “weaponized”).
  • Top Vulnerabilities: Identified vulnerabilities that generated significant amounts of event reporting, useful for general vulnerability management.

Join over 45,000 others, and enhance your security with threat intelligence by signing up for the free Cyber Daily today.

Infosec professionals agree that the Cyber Daily is an essential tool:

“I look forward to the Cyber Daily update email every morning to start my day. It’s timely and exact, with a quick overview of emerging threats and vulnerabilities. For organizations looking to strengthen their security program with threat intelligence, Recorded Future’s Cyber Daily is the perfect first step that helps to prioritize security actions.” – Tom Doyle, CIO at EBI Consulting.

So, what are you waiting for?

Sign up for the Cyber Daily today, and starting tomorrow you’ll receive the top trending threat indicators.


If you’re interested in exclusively sponsoring my site for a week, and reaching an IT-savvy audience that cares about computer security, you can find more information here.


Ransomware and hacking | Tacoma Daily Index


By Morf Morford

Tacoma Daily Index

The problem with hacking and ransomware is that they are a constant threat, but unlike any other, more traditional threat, like fire or theft or sabotage, they are unseen and largely undetectable – and vastly more invasive threats than any of us have ever seen before.

To face traditional threats, like theft or attack, physical locks or increased security (in a direct sense, like visible armed guards) would be effective.

If you thought a disease virus that impacts human health is a threat (and as we all know in 2021, that is certainly true) a digital, information-based virus can be, and is proving to be, an even greater threat.

The great promise of the internet was connectivity. The greatest threat to the internet is also connectivity.

Open access was the point.

Communicating across time zones, national borders, and ethnicities with information accessible to all regardless of race, income, education, position or background was the original hacker’s vision.

“Information wants to be free” was the rallying cry of hackers (back in the 1970s when that was largely seen as a good thing) and, in those now-innocent days, hackers were those off-beat characters, like Steve Jobs and Steve Wozniak (Woz), as profiled by Steven Levy in his 1984 book Hackers: Heroes of the Computer Revolution.

Levy formulated and summarized the ethics and values of that first generation of hackers with these attitudes and assumptions:

  • Access to computers – and anything that might teach you something about the way the world works – should be unlimited and total.
  • All information should be free.
  • Hackers should be judged by their hacking, not bogus criteria such as degrees, age, race, or position.
  • You can create art and beauty on a computer.
  • Computers can change your life for the better.

  • Sharing
  • Openness
  • Decentralization
  • Free access to computers
  • World Improvement (foremost, upholding democracy and the fundamental laws we all live by, as a society)

But to quote a phrase, that was then and this is now.

That hacker idealism led to essential development that we all take for granted now, from open-source software (like Linux) and…

New Zealand’s hospitals battle daily cyber attacks: Ministry of Health


Waikato DHB’s IT system has faced major disruption since Tuesday morning. Photo / Alan Gibson

New Zealand’s health network battles against cyber assaults every day, officials have confirmed after a major attack led surgeries to be postponed at all Waikato public hospitals this week.

The Ministry of Health also said Tuesday’s attack – which brought the Waikato District Health Board’s entire IT system down – did not appear linked to another major assault on Ireland’s health network recently.

The Waikato DHB has said it will not be able to fix its IT network until the weekend after Monday’s attack disrupted emails, phone lines and other services.

Waikato DHB chief executive Kevin Snee earlier told news outlet RNZ the attack appeared to enter the health provider’s network through an email attachment.

The Ministry of Health said it was now working with the DHB and National Cyber Security Centre as well as an “external specialist cyber security company” to recover from the attack.

And it appeared Tuesday’s attack was unlikely to be the last major attack New Zealand’s hospitals would face.

“All DHBs face cyber attacks in various forms daily,” a Ministry of Health spokeswoman said.

“For security reasons, we will not be commenting on the response to the Waikato DHB incident in greater detail at this time.”

Cyber attacks have been increasingly making headlines in recent years, including with the major ransomware attack on Ireland’s health network last Friday and another ransomware attack that shut down a major fuel pipeline in the United States this week.

Against the growing cyber threat, the Ministry of Health said it had advised DHBs to ask staff to be particularly vigilant when using the internet.

“DHBs have been asked to go through their IT systems looking for patterns of a similar event,” the ministry’s spokeswoman said.

“They have also been asked to again check their anti-virus and other security systems are up to date and can protect their systems from a cyber attack.”

“Staff are being urged to be extra careful clicking on links or attachments in emails, especially from people they don’t know.”

The Ministry’s Data and Digital team had also encouraged DHBs to have a plan…
