CISO Corner: Learn from Verizon DBIR, tackle microaggressions and shadow APIs

May 5, 2024

TLDR:

  • Verizon DBIR report highlights basic security mistakes leading to data breaches
  • Workplace exclusion in cybersecurity impacts underrepresented groups

In this week’s CISO Corner, key elements include:

The Verizon Data Breach Investigations Report (DBIR) revealed that basic security errors, such as failing to patch bugs and falling for social engineering tactics, have led to a rise in breaches since 2023.

The issue of workplace exclusion in cybersecurity was also discussed, with certain demographics facing a lack of career advancement opportunities due to exclusionary behaviors in the workplace, as highlighted by the Women in CyberSecurity report.

The importance of setting up DMARC to protect domains from spoofing was emphasized, as threats are targeting companies with weak DMARC protection.

Additionally, a new threat group called Muddling Meerkat was uncovered, posing a DNS mystery with sophisticated covert communication methods that bypass government firewalls.

Shadow APIs were identified as a significant cybersecurity risk for organizations, which are urged to heighten API security and eliminate unmanaged or outdated endpoints.

A cybersecurity checklist for M&A deals was also provided, outlining steps to safeguard digital assets before, during, and after a merger or acquisition.

Overall, the articles aim to provide insights and strategies for security leaders and professionals focused on operationalizing cybersecurity.
