There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting and helpful.
Return to Office Planning – Getting Corporate Data Back
There was a rapid shift of vast amounts of proprietary data from inside corporate walls to home PCs, Dropbox accounts, and Google Drives over the past 15 months with WFH, and now, reported increases in employee mobility exacerbates the potential problem of corporate trade secret and other confidential information exfiltration. Companies should be considering data governance and recovery as part of any return-to-office plans. ComputerWorld – You can’t take it with you: Stop data exfiltration now
Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) Releases Ransomware Assessment Tool
CISA has released a new module in its Cyber Security Evaluation Tool (CSET): the Ransomware Readiness Assessment (RRA). CSET is a desktop software tool that guides network defenders through a step-by-step process to evaluate their cybersecurity practices on their networks. CSET—applicable to both information technology (IT) and industrial control system (ICS) networks—enables users to perform a comprehensive evaluation of their cybersecurity posture using many recognized government and industry standards and recommendations. The RRA is a self-assessment tool based on a tiered set of practices to help organizations better assess how well they are equipped to defend and recover from a ransomware incident. CISA has tailored the RRA to varying levels of ransomware threat readiness to make it useful to all organizations regardless of their current cybersecurity maturity. Get the RRA here.
Addressing Third-Party Cyber Risk
Third-party cyber risk is rising to the forefront and requires attention in cybersecurity programs and hygiene. The risk presented by third-parties ultimately ends up at your company’s door. FTI Cybersecurity partnered with Harvard Business Review Analytic Services to produce a report analyzing how to address this risk. The report is available here. (free registration required)
Just in time for the holiday weekend: Nicole Perlroth, cybersecurity reporter for the New York Times, has written a page-turner from her decade-long journey covering cybersecurity. The book, This is How They Tell Me the World Ends, documents the secretive, invisible, government-backed cyber threat market, and takes a first look at a new kind of global warfare. The book was published before Colonial Pipeline, but is an even more riveting read post-Colonial Pipeline. You may think you’ve picked up a John LeCarre novel ….. but this is for real.