Last Month in Cyber – Issue 35

Share This Post:

We keep an eye on what’s happening in the cybersecurity world so you don’t have to. Here’s a recap of what we considered the highlights from last month.

As an organizational leader and decision maker, your viewpoint on business operations, security, regulations, and technology is important to us. We are conducting a brief research survey to better understand the challenges today’s organizations are facing with operations, technology, cybersecurity, and regulatory compliance as the tsunami of cyber and physical attacks and data breaches is growing.

Be one of the first 100 people to complete the short Cyber Challenges Survey on our website and receive a $25 Amazon.com Gift Card!

December 20, 11:00am PST

Join industry experts from IOA, Intuit, REDW, The Arizona Group, and MARS Suite, for this engaging expert panel discussing the good, the bad, and the ugly on cybersecurity insurance realities impacting organizations in 2023. Select the number of virtual tickets and click “Next” on our event page to register for this engaging panel session!

A recent survey of 300 US-based Department of Defense (DoD) contractors found that only 13% of respondents have a Supplier Risk Performance System (SPRS) score of 70 or above. Under the Defense Federal Acquisition Regulation Supplement (DFARS), a score of 110 is required for full compliance.

This could have major consequences for defense contractors, nearly half of whom would lose up to 40% of their revenue if DoD contract loss occurs, according to the research.

December 15, 11:00am PST

If you are looking to reduce the risk and negative revenue impact of regulatory compliance in 2023, join MARS Suite and other industry experts for this expert panel. Select the number of virtual tickets and click “Next” on our event page to register for this engaging panel session!

Organizations within multiple industries have been scrambling to address the revised Safeguards Rule that was passed in Q4 2021. The FTC recently pushed the compliance extension deadline from December 2022 to June 9, 2023, in response to reports of personnel shortages and supply chain issues. This provides organizations with additional time to design, procure, and implement additional cyber and data privacy programs, controls, technologies, and resources addressing key Safeguard Rule requirements.

Over the last 12 months, high-profile breaches of several large organizations illustrated how easily threat actors can breach network defenses using stolen employee credentials and leveraging MFA fatigue attacks. MFA fatigue attacks involve repeated attempts to log on to an MFA-enabled account using stolen credentials, thereby bombarding a potential victim with MFA push requests. These attacks and the recent data breach announcement by LastPass highlight the reality that no single security technology deployment can guarantee you will be 100% secure and will never be breached. A ZeroTrust approach to security that includes continuous vulnerability scanning, threat detection alerting, detection, and response (like MARS Suite), recommends that multiple layers of technologies and controls be implemented to help defend and protect mission critical systems, sensitive data, and key employee and partner relationships

As if navigating the waters of the pandemic between 2020 and 2022 was not enough pressure on small to medium sized organizations, the current economic headwinds are causing many organizations to rethink their 2023 strategic priorities and where and how much they will invest in their businesses. IT and Cybersecurity spending is under a microscope – and it should be. Organizations are focused on driving revenues, delivering quality products or services to customers, attracting and retaining employee, and growing cash reserves, versus dumping more money into technology that doesn’t have an immediate, positive impact on top line revenues, margins, or cash flow.

Contact MARS Suite today and learn more about our new rebate and incentive programs that can be used to fund your cyber and compliance programs

More from the blog

Learn More About Upcoming Events