Three pieces of advice to startups serious about winning funding and support for their nascent companies: Articulate your key message clearly, have the founder speak, and don’t use a canned demo.
Related Posts
Windows 11 KB5027231 also breaks Chrome for Cisco, WatchGuard EDR users
Windows 11 KB5027231 also breaks Chrome for Cisco, WatchGuard EDR users
The Windows 11 22H2 KB5027231 cumulative update released during this month’s Patch Tuesday also breaks Google Chrome on systems protected by Cisco and WatchGuard EDR and antivirus solutions. […] Read More
BleepingComputer
Ransomware Gang Takes Credit for February Reddit Hack
Ransomware Gang Takes Credit for February Reddit Hack
The Alphv/BlackCat ransomware gang has taken responsibility for the February cyberattack that hit social media site Reddit.
The post Ransomware Gang Takes Credit for February Reddit Hack appeared first on SecurityWeek.
SecurityWeek RSS Feed
CISA, NSA & FBI Warns of Volt Typhoon Attacking Targeting Critical Infrastructure
CISA, NSA & FBI Warns of Volt Typhoon Attacking Targeting Critical Infrastructure
[[{“value”:”
Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and international partners, have issued a stark warning about a sophisticated cyber threat group known as “Volt Typhoon.”
This group, backed by the People’s Republic of China (PRC), has been actively pre-positioning itself within the networks of U.S. critical infrastructure organizations.
The aim is to enable the disruption or destruction of critical services in the event of heightened geopolitical tensions or military conflict involving the United States and its allies.
A Coordinated Advisory
The advisory, released on February 7, 2024, details the Volt Typhoon’s activities and its successful compromises of U.S. organizations, particularly those in the Communications, Energy, Transportation Systems, and Water and Wastewater Systems Sectors.
Document
Free Webinar : Mitigating Vulnerability & 0-day Threats
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.
:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, that helps you to quantify risk accurately:
The authoring agencies have called on owners and operators of critical infrastructure to review the advisory for defensive actions against this threat, emphasizing the potential impacts on national security.
Guidance for Critical Infrastructure Leaders
CISA and its partners are urging the leaders of critical infrastructure entities to prioritize protecting their infrastructure and functions.
Recognizing cyber risk as a core business risk is essential for good governance and fundamental to national security.
The fact sheet provides actionable guidance for leaders to empower their cybersecurity teams, secure their supply chains, and foster a culture of cybersecurity within their organizations.
The highly sophisticated threat poses a serious risk to organizations’ security and operations.
The concerned agencies need to take necessary measures to safeguard their systems and networks against this threat, as reported by CISA.
Empowering Cybersecurity Teams
Leaders are encouraged to make informed resourcing decisions, leveraging intelligence-informed prioritization tools like the Cybersecurity Performance Goals (CPGs) or a Security Risk Management Assessment (SRMA) guidance.
The focus is on applying detection and hardening best practices, continuous cybersecurity training, and developing comprehensive information security plans.
Effective risk management policies are crucial to minimize the likelihood of damage from a compromise.
This includes establishing robust vendor risk management processes, exercising due diligence in vendor selection, and advocating for vendors to deliver secure and resilient systems.
A recent tweet from the NSA Cyber, CISA, NSA, and FBI cautions about a cyber threat named Volt Typhoon that targets critical infrastructure.
Is your leadership asking about PRC threats to your systems? Along with @CISACyber and other partners, we’re releasing an executive overview of the February 2024 joint cybersecurity advisory on PRC actor Volt Typhoon activity. Read now: https://t.co/qR2jk8qmbp pic.twitter.com/sRHghacA2a
— NSA Cyber (@NSACyber) March 19, 2024
Aligning performance management outcomes with the cyber goals of the organization is critical.
This involves encouraging collaboration across departments, championing cybersecurity risk assessments, and increasing awareness of social engineering tactics.
Incident Response
In the event of an incident, organizations are advised to implement their cyber incident response plan and report incidents or anomalous activity immediately to an authoring agency.
Regular review and update of cyber incident response plans are recommended.
Specific contact information is provided for organizations in the U.S., Australia, Canada, New Zealand, and the United Kingdom for reporting incidents or accessing further assistance.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post CISA, NSA & FBI Warns of Volt Typhoon Attacking Targeting Critical Infrastructure appeared first on Cyber Security News.
“}]] Read More
Cyber Security News