Welcome to CISO Corner, the weekly collection of Dark Reading articles designed specifically for readers and security leaders involved in security operations. Each week we will offer articles collected from our news operations, The Edge, DR Technology, DR Global and our Comments section. We are committed to bringing you a diverse set of perspectives to support the work of operationalizing cybersecurity strategies, for leaders of organizations of all shapes and sizes.
In this problem:
-
The role of the CISO is undergoing a great evolution
-
Attract younger users with cybersecurity training designed for them
-
The airline relies on SASE to modernize operations
-
Recognize security as a strategic component of the business
-
Global: South African Railways has lost over $1 million to a phishing scam
-
A cyber insurer’s perspective on avoiding ransomware
The role of the CISO is undergoing a great evolution
Commentary by Mark Bowling, CISO and Risk Officer, ExtraHop
After SolarWinds, it’s no longer enough for cybersecurity leaders to stay compliant and call it a day.
When hired, CISOs are often described as being responsible for implementing effective security, information protection and risk management structures in their organizations. But lately, some may be telling the CISO that the job description should include “The Scapegoat in the Face of a Cyber Incident” in the wake of Securities and Exchange Commission (SEC) charges against SolarWinds CISO.
A CISO is an essential decision maker regarding every security issue in an organization. But now, even if SolarWinds is trying to get the SEC lawsuit dismissedThere is precedent for personal legal liability for breaches and attacks, and some argue this has created a deterrent for the CISO role in public companies.
With this new responsibility in mind, it’s a good time to talk about what it takes to be a good CISO and where the job goes beyond description. For example, make sure you have a strong team around you. We assume that the liability rules can change at any time. And know that always being active is part of the role.
Get more insights on this: The role of the CISO is undergoing a great evolution
Related: Soft skills every CISO needs to inspire better boardroom relationships
Attract younger users with cybersecurity training designed for them
By Tatiana Walk-Morris, Dark Reading Contributing Writer
Security should not be treated as a one-size-fits-all solution, and that is doubly true when it comes to security awareness education. To be effective, training should be customized based on age, learning styles and preferred media.
According to a Yubico and OnePoll survey of 2,000 US and UK consumers published in October, around 20% of Baby Boomers reuse their passwords across online services, but surprisingly, nearly half (47%) of Millennials do so, making them more vulnerable to cyber attacks.
The takeaway for businesses? Millennial and Generation Z Internet users may more frequently engage in poor cybersecurity practices and risky behaviors, such as reusing passwords, not enabling multi-factor authentication, and failing to protect payment information, but that’s not all Internet users More young people have not been taught online safety.
Rather, the training did not have the resonance it should have. Different age demographics think about internet safety in different ways, and that has an impact How organizations should approach user cyber awareness training.
Here’s how organizations can tailor their cybersecurity training programs to fit audiences of all demographics, hold training sessions more frequently, and promote awareness throughout the year to ensure security messages don’t get lost. forgotten or ignored.
To know more: Attract younger users with cybersecurity training designed for them
Related: Why Gen Z is the new force reshaping OT security
The airline relies on SASE to modernize operations
By Karen D. Schwartz, Dark Reading Contributing Writer
Cathay, a travel lifestyle brand that includes airline Cathay Pacific, had a growing cybersecurity problem exacerbated by its aging technology infrastructure. It solved part of the problem by replacing legacy technology with a modern one with built-in security.
Modern aviation is a mix of legacy and new technologies, creating a complex environment that is difficult to protect. Aviation systems rely heavily on machine learning and artificial intelligence, augmented reality, cloud technology, and the Internet of Things, which expand the attack surface.
Cathay Pacific, which suffered a large data breach in recent years, it has decided to replace its infrastructure with one equipped with integrated cybersecurity: when fully operational, Cathay Pacific will be one of the first airlines to adopt Secure Access Service Edge (SASE).
It’s the start of a trend. In November, Qatar Airways announced it will add SASE to its technology stack; and United Airlines and Qantas have also indicated moves in the direction of SASE.
Read more about the Cathay case study: The airline relies on SASE to modernize operations
Related: TSA Issues Urgent Directive to Make Aviation More Resilient to Cyber Resilients
Recognize security as a strategic component of the business
Commentary by Michael Armer, CISO, RingCentral
In today’s environments, security can be a revenue driver, not just a cost center. Organizations should capitalize on opportunities.
Many organizations still often see security as a necessary expense and cost center, but in reality security teams are a strategic component that can provide truly enabling services for the business.
A new security service that enables customer self-service, for example, does not generate revenue directly, because there is no cost to the customer. But it improves the customer experience, adding value for customers and enabling sales.
AND, artificial intelligence (AI)-based security stacks. they are helping security teams generate new revenue streams by strengthening customer trust, improving business continuity and providing competitive differentiation.
There are other ways that IT and security can be more integral to operations, such as in crisis management. Many companies have business continuity and disaster recovery plans, but lack a crisis management plan. Security may not own this area of focus, but it is a key player.
Find out more about security as a strategic asset: Recognize security as a strategic component of the business
Related: Security is a revenue driver, not a cost center
Global: South African Railways has lost over $1 million to a phishing scam
By John Leyden, Dark Reading Contributing Writer
Just over half of the stolen funds have been recovered, as researchers believe “ghost accounts” are to blame.
The South African Railway Agency lost around R30.6 million ($1.6 million) after the transport network suffered a phishing scam.
Researchers believe that based on the railroad’s report, the attack could be the work of an employee who created ghost employee accounts to embezzle money, demonstrating that insider threats still pose a significant risk to organizations, compromising their integrity, confidentiality and availability of their data, personnel and facilities.
According to the South African Banking Risk Information Center (SABRIC), digital banking fraud in the region is on the rise, with a 30% increase in digital banking fraud cases compared to 2022.
Beware of the (safety) gap: South African Railways has lost over $1 million to a phishing scam
Related: Rail cybersecurity is a complex environment
A cyber insurer’s perspective on avoiding ransomware
By Tiago Henriques, Vice President of Research, Coalition
Insurance companies have unique insight into the ravages of ransomware, which allows us to formulate lessons on how to avoid becoming a victim.
The Coalition’s Cyber Claims Report found that, due to large spikes in activity, ransomware was the primary driver of the overall increase in cyber insurance claims frequency in the first half of 2023, equal to 19% of the total claims reported.
The severity of ransomware claims also reached a record high, with an average loss of more than $365,000. This spike represents a 117% increase in one year. The average ransom demand in the first half was $1.62 million, an increase of 74% compared to last year.
Claim frequency increased across all income brackets, but companies with more than $100 million in revenue saw the largest increase, at 20%. Businesses with more than $100 million in revenue were also hit the hardest, experiencing a 72% increase in claim severity.
Fortunately, there are crucial steps businesses can take to minimize their exposure and prevent the financial impact of an attack.
Find out what to do: A cyber insurer’s perspective on avoiding ransomware
Related: Removing the ransomware from Johnson Controls costs a whopping $27 million and counting