Cyber Security Headlines Week in Review: Shutdown furloughs CISA, DoD risk framework, Oracle extortion problem

This week’s Cyber Security Headlines – Week in Review is hosted by Nick Espinosa, nationally syndicated host of The Deep Dive Radio Show, with guest Steve Zalewski, co-host, Defense in Depth.

Missed the live show? Check it out on YouTube

Cyber Security Headlines – Week in Review is live every Friday at 12:30pm PT/3:30pm ET. Join us each week by registering for the open discussion at CISOSeries.com

Government shutdown furloughs most CISA staff

Roughly 35% of the agency’s staff remain active, and agency spokesperson Marci McCarthy has stated that “while a government shutdown can disrupt federal operations, CISA will sustain essential functions and provide timely guidance to minimize disruptions.” CISA says more staff can be recalled in the event of an emergency.

(The Cyberwire)

DoD announces replacement for risk management framework

The Department of Defense has unveiled a new five-phase framework for assessing cyber risks on its networks. Named the Cybersecurity Risk Management Construct, it has been designed to replace the older Risk Management Framework, which is described as being “overly reliant on static checklists and manual processes that failed to account for operational needs and cyber survivability requirements.” A statement from the department says, “the CSRMC addresses these gaps by shifting from ‘snapshot in time’ assessments to dynamic, automated, and continuous risk management, enabling cyber defense at the speed of relevance required for modern warfare.” A layout of its five-phased lifecycle plus further details is available as a link to the report in the show notes to this episode.

(Breaking Defense)

UK Prime Minister to unveil digital ID cards

UK Prime Minister Keir Starmer is set to announce plans requiring all working adults to hold digital ID cards, dubbed “Brit cards,” as part of efforts to curb illegal migration. The proposal, which would need new legislation, has already drawn criticism from civil liberties and privacy groups. Downing Street argues the measure is essential to ensure only those with legal rights can work, suggesting public opinion has shifted since Tony Blair’s abandoned ID card initiative in the 2000s.

(The Guardian)

Huge thanks to our sponsor, Nudge Security

Here’s the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend.
What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working?
At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which, let’s face it, is impossible), we give IT and security teams the visibility they need and automation to guide employees toward secure behaviors.
The result? Your workforce stays productive, your data stays secure, and you can finally get some sleep at night. Learn more at nudgesecurity.com/workforceedge

National cyber authorities launch OT Security Guidance

Cybersecurity agencies from seven countries, including the U.S., U.K., Australia, Germany, and the Netherlands, have released new operational technology security guidance. The framework outlines five principles: maintaining a definitive record of OT assets, implementing an information security program, classifying assets by risk, documenting system connectivity, and assessing third-party risks. Officials warn that OT compromises can disrupt critical infrastructure such as energy, water, and manufacturing. The document follows last month’s release of the first unified OT security taxonomy.

(Infosecurity Magazine)

Executive extortion attempt uses data allegedly stolen through Oracle tool

Incident responders at Mandiant and Google Threat Intelligence Group have released a warning about hackers possibly connected to the Clop ransomware gang who are attempting to extort corporate executives by threatening to leak sensitive information they claim was stolen through the Oracle E-Business Suite. This is a platform that contains several applications to manage a company’s finance, human resources and supply chain functions. The threat actors have already sent extortion emails to executives at “numerous organizations,” but Mandiant would not say how many companies may have been impacted or what information might have been stolen.

(The Record)

Asahi cyberattack means Japan is running dry

Japan is reportedly facing an unprecedented shortage of the nation’s most popular beer, Asahi Super Dry, following an announcement earlier this week that malicious hackers had forced Asahi Group Holdings to suspend production across nearly all of its domestic facilities. The ransomware attack disabled the company’s ordering and delivery systems, bringing production to a standstill at most of its 30 factories, and forced Asahi to announce the postponement of 12 new product launches.

(Bitdefender)

Steve Prentice
Author, speaker, expert in the area where people and technology crash into each other, viewed from the organizational psychology perspective. Host of many podcasts, voice actor and narrator for corporate media and audiobooks. Ghost-writer for busy executives.