Cyber Connections News Roundup: October 22

Get the latest cybersecurity news from leading companies, news outlets and blogs.

Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.

October 22, 2019

It’s National Cybersecurity Awareness Month: UMGC Students, Alumni and Faculty Experts Share Their Tips for Staying Safe

Check out our University of Maryland Global Campus three-part video series offering tips and insights to help you understand and secure your digital profile at home and at work. Read more.

Making the Case for a Risk-Based Approach to Cybersecurity in the Financial Services Industry

We have no definable network perimeter to protect, according to a recent article on www.securityboulevard.com. With thousands of mobile devices connecting to networks through cloud-based applications that access critical and sensitive data from a variety of hybrid cloud environments, the article supports the argument that it’s time to adopt a truly risk-based approach to cybersecurity to enable us to focus on protecting data itself, rather than on endpoints, networks, and identity. Read more.

Supply Chain Hacks Are On the Rise for Phishing Scams

According to Verizon’s latest Data Breach Investigations Report, email is the channel used in 94% of attacks where hackers target executives for phishing schemes. A recent article on https://netlibsecurity.com describes how hackers are now employing creative approaches to what are known as “supply chain” attacks, which use an organization’s associates, like outsourcing companies, to spread their attacks across that entity’s network of partners and vendors. Read more.

Is Insurance a Viable Solution to Growing Cybersecurity Challenges?

A recent article on www.insurancejournal.com makes the case. Given the increasing frequency of cyber breaches, along with the presence of more varied and evolving threats, how do we address the perpetual uncertainty about whether the cybersecurity industry can protect us? The article argues that since cybersecurity providers can’t guarantee the effectiveness of a cyber solution, and since it is difficult to accurately quantify the cost/benefit of a cyber strategy, then cybersecurity insurance may provide the path toward a way to reduce risk and incentivize clients to take preventative measures. Read more.

Open Cybersecurity Alliance Aims to Unite a Fragmented Landscape with Common, Open Source Code and Practices

On October 8, 2019, the OASIS international consortium announced the Open Cybersecurity Alliance (OCA), an industry initiative to bring interoperability and data sharing across cybersecurity products. IBM and McAfee have contributed the initial open source content and code. Formed under the auspices of OASIS, OCA brings together organizations and individuals from around the world to develop open source security technologies, which can freely exchange information, insights, analytics, and orchestrated responses. Read more.