Experts Discuss Cyber Risk, From Law Enforcement to Insurance Claims


To combat cyber activity, law enforcement agencies in the United States and abroad interact to exchange information about their cyber adversaries. The FBI maintains 56 field offices, each with a multiagency cyber task force manned with investigators, special agents, intelligence analysts, digital forensic technicians, and more, all with a focus on helping victims of cybercrime. These offices work with the Intelligence Community, the National Cyber Investigative Joint Task Force, and cyber assistant legal attachés to protect national security against cyber threats worldwide.

These agencies share intelligence information to keep the United States safe from cyber threats, and they also aim to develop relationships with private sector companies so that information about cyber activity can be shared before an attack occurs. The agencies can deploy their cyber action teams within hours, domestically and globally, to assist companies onsite when a major incident or attack does happen.

“If … a private sector company is about to get hit by a ransomware attack or by any other type of intrusion, we want to get out there immediately and let that victim know how they can best mitigate that attack,” said Scott. “We only can do that if we have the relationship built, and the better we do that ahead of time, the stronger those relationships are.”

As a success story, Scott discussed how the agencies worked as a team and shared information to take down the Hive ransomware group. Hive was a ransomware variant that posed a threat worldwide. In July 2022, the team gained persistent access to Hive’s control panel, which enabled the team to get the decryption key. With that key, the team was able to reach out and provide assistance to victims as they were being victimized by Hive. They responded to 1,500 victims in 48 states and 88 countries, preventing an estimated loss of $130 million to victims.

The FBI had always estimated that only 20% to 25% of cyber victims report a cyber incident. As a result of the team’s interaction with Hive victims, the FBI was able to substantiate that percentage.


Hayward City Council to discuss ransomware attack


Bay City News and Michael Thomas

(BCN) — The Hayward City Council will hold a special meeting Thursday night to ratify a proclamation of a local emergency made Sunday after a ransomware attack breached the city’s computer systems and networks over the weekend.

Hayward is continuing to “assess and recover” from the cybersecurity event that occurred early Sunday morning in which “intruders attempted to disrupt and hold hostage aspects and components of our computer systems and networks,” the city said.

A ransomware attack occurs when someone encrypts files and demands ransom to decrypt them. The encryption makes the files and the systems that rely on them unusable, according to the U.S. Cybersecurity and Infrastructure Security Agency.

Thursday’s meeting is at 7 p.m. and will be in-person only at council chambers, located in Hayward City Hall, 777 B Street, conference room 2A.

By declaring an emergency, the city has greater flexibility in executive decision-making and deployment of city employees, and can access and acquire equipment, supplies and other resources needed, the city said Wednesday. The declaration also can “be a prerequisite to and streamline” reimbursement of certain costs associated with the response, according to the city manager.

Public access to the City of Hayward’s website was mostly restored Tuesday, but aspects of the city’s site are still being gradually restored, the city said, and visitors to the site who encounter non-functioning links are encouraged to report them at [email protected].

Hayward’s emergency numbers and systems were never affected, the city said, nor were water, sewer, or other municipal operations.

“To date, we have found no evidence of a breach or theft of private personal or confidential information related to any current or former City employee, community member or other member of the public,” said the city. “If that were to change, the City will contact the affected individual or individuals directly.”


CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief


HP and Dell Technologies are two of the world’s largest international computer manufacturers. Their CISOs, Joanna Burkey (HP) and Kevin Cross (Dell), both manage security teams comprising many hundreds of people, and are responsible for corporate security across multiple jurisdictions. The role of CISO is different for a multinational corporation compared to a national company.

Reporting and budget

Historically, the CISO reports to the CIO, and this remains the most common reporting structure. Not all CISOs agree with this because of the inherent conflict of interest between IT and security. Both Burkey and Cross believe it is right for some companies, but wrong for others.

There’s no one size fits all solution to the hierarchy issue, says Burkey. “Every company has a different culture and different value prop; and it is these that determine the right location for the CISO.”

Cross has a very similar view. “There is no right or wrong answer to this,” he says. “It is dependent on the company culture and the business landscape how things should best be structured.” Supporting this, he notes that Dell’s structure is slightly unusual. “I report to a chief security officer who reports to general counsel, who reports to the CEO.” A stronger than usual integration with Legal could be considered important for a firm working across multiple jurisdictions with different privacy and data security requirements.

Joanna Burkey, CISO at HP

Budget is always an issue for any CISO – getting sufficient funds to do what is important. One of the weaknesses in having the CISO report to the CIO is that it is still common for the security budget to be taken as a percentage of the IT budget. But security has grown beyond IT alone. 

“Cybersecurity is a strategic horizontal in most enterprises,” comments Burkey. “Cyber is important everywhere and it is really important that the funding model and the financial partnerships for cyber span the enterprise.”

Achieving this is complex and governed by the individual business landscape. “I’ve seen different models that can work,” she continued. “Budget could be received from a single source, such as the CFO or CTO, but…


Over 1,500 cybersecurity experts will discuss challenges and trends at DefCamp


After two years of exclusively online activity, the most important annual hacking and cybersecurity conference in Central and Eastern Europe returns onsite in Bucharest, on 10th-11th November 2022, to bring together the infosec expert community in the region.

In recent years, companies have focused heavily on the rapid adoption of digitization to enable them to continue working remotely as a result of the pandemic. This has opened the door for cybercriminals to launch their attacks more easily given the increased number of vulnerabilities in company infrastructures. In addition, recent geopolitical events have also put pressure on companies’ capabilities to defend themselves against cyber attacks. Attack methods are becoming more sophisticated and the need for security solutions and strategies is growing. DefCamp will be the right environment to discuss today’s cybersecurity challenges, and experts on stage will address topics such as critical infrastructure security, building a company-wide security strategy and incident management, ransomware, malware, device tracking threats in 5G networks and more.

“Cybersecurity is undoubtedly the biggest challenge of the digital age. For this reason, companies, regardless of their employee numbers or industry, must prioritize defense solutions for their business. The pandemic has increased the need for digitization, which has brought both opportunities for growth and risks for users and companies with low security. In addition, the conflict in Ukraine has exposed technological vulnerabilities behind some large companies and, along with online misinformation, it has increased distrust in storing personal data on the internet,” said Andrei Avădănei, founder of DefCamp.

Since its first edition in 2011, DefCamp has brought together the region’s community of security experts to showcase current solutions for effective and lasting protection against increasingly agile cybercriminals. This year’s edition will focus on creating opportunities to reconnect and develop members’ skills, after two years of being exclusively online. The in-person event is expected to attract more than 1500 participants from around the world,…
