CyberJudicata Weekly Debrief (4/13–17)
This week's Weekly Debrief covers some interesting topics, such as threat modeling, double extortion ransomware attacks spike, shadow IT issues in wake of COVID-19, and blockchain-based VPNs and privacy tech.
"Threat modeling is a structured process through which IT pros can identify potential security threats and vulnerabilities, quantify the seriousness of each, and prioritize techniques to mitigate attack and protect IT resources.This broad definition may just sound like the job description of a cybersecurity professional, but the important thing about a threat model is that it is systematic and structured.
"The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. Whether it’s helping hospitals avoid becoming the next ransomware victim or kneecapping new COVID-19-themed scam websites, these nascent partnerships may well end up saving lives. But can this unprecedented level of collaboration survive the pandemic?"
"Victims of ransomware attacks now face a double whammy of headaches. Cybercriminals are increasingly inflicting more pain on ransomware victims by threatening to leak compromised data or use it in future spam attacks, if ransom demands aren’t met."
"With the massive shift to telework as a result of the COVID-19 pandemic, shadow IT is becoming a more critical security issue around the world. That's because some workers are using their own hardware and sometimes downloading free applications without first taking precautions with the help of the security department."
"A panel of data and privacy experts virtually provided recommended actions and guardrails for the Senate Commerce, Science and Transportation Committee as lawmakers consider ways of utilizing big data to respond to the COVID-19 pandemic."
"Every person who goes online today fights a losing privacy battle. Every site we visit, every app we download, every service we subscribe to collects our personal data. The number of places where this accumulates online shows exponential growth. There’s no way to keep track of it all, much less control who sees it."
. . .