Last Month in Cyber – Issue 40

Share This Post:

Cybersecurity can be viewed as a source of vulnerability, risk, and expense, or as a driver of transformation. The key factor that distinguishes these two perspectives is the confidence you have in the resilience of your approach to cybersecurity.

Gain confidence with an informed approach. Read the latest happenings in cyber news curated just for you. Happy reading.

MARS Suite leadership and sales team members attended the Channel Partners Conference and MSP Expo, held at the Venetial Resort in Las Vegas on May 1 – 4th 2023. The team attended various industry sessions, met with various manufacturers, distributors, master agents, MSPs, and value added resellers, and discussed the upcoming release of MARS Suite 2.0. Watch JSATV’s interview with MARS Suite President, Mark Dallmeier to hear the latest news about the upcoming release.

The MARS Suite team will be attending the upcoming industry events below. Please review our availability and schedule a time to meet with us at these venues!

The RSA 2023 Conference highlighted AI as a major focus. Discussions and presentations focused on cutting-edge topics like generative AI in phishing and social engineering, as well as ChatGPT’s role in ransomware development. The conference also featured presentations on the latest attack techniques, such as “living off the cloud” SEO attacks and attacks against developers. Attendees also got a chance to explore new products and services and were the first to hear about this year’s RSAC Innovation Sandbox winner.

AI systems are evolving as it pertains to human reasoning, situational awareness and contextual nuance. If the potential of false positives within vulnerabilities or cyber threats is too high, AI can assist by flagging and prioritizing known vulnerabilities or security events. Current collaboration between humans and AI has been proven to improve efficiency and efficacy. While the long-term value and impact of human-AI collaboration is difficult to predict, AI is expected to empower humans as they enforce security policy, with AI automating the implementation of response actions and playbooks.

We are happy to announce the upcoming release of MARS Suite 2.0. Please reach out to schedule a call with our team to hear about our beta test program and the exciting enhancements within the latest release. During this discussion, ask about our new rebate program that can help fund your cybersecurity program!

In the current business landscape, leaders are facing numerous challenges, including economic volatility, geopolitical instability, and organizational changes that impact their structures, processes, and employees. These changes require businesses to adapt to new work models, prioritize employee mental health, and build institutional capabilities amidst rapid technological advancements. To help CEOs and their leadership teams navigate these complex issues, McKinsey has released The State of Organizations 2023 report. This report draws from ongoing research to identify the most critical shifts and provide practical solutions for organizations to implement.

The importance of clear legal language and definitions within insurance policies is critical to insurers and customers, especially when it comes to nation-state cyberattacks. Recent rules by regulatory bodies such as the SEC emphasized the need for clarity in language to avoid insurers from offloading ambiguous risks. Businesses need to be proactive in seeking clarity in language by playing out scenarios and researching coverage options before making a decision. Businesses should not be shy about asking questions or conducting thorough research if they expect to make informed decisions about their coverage and insurance policy.

As firmware vulnerabilities continue to be exploited, enterprises must dedicate more time, energy, and resources to update and secure the firmware that is operating their enterprise, or that is connected to their networks and critical systems. However, identifying the exact firmware in use and its origin can be challenging for companies looking to address firmware security, which may prohibit their efforts in this area.

Per Krebs on Security, new details on the Supply Chain attack that impacted 12 million phone system users, published in April, brings new information about the attack to light. The recent 3CX data breach highlights the importance of not overlooking software supply chain attacks. Organizations must recognize that these types of attacks are a real threat and take the necessary steps to secure their software supply chain. It is crucial to have a comprehensive security plan in place that includes regularly reviewing the supply chain and ensuring that all vendors and third-party providers adhere to the same security standards as the organization. The 3CX breach serves as a reminder that overlooking supply chain security can have devastating consequences for any organization.

Contact MARS Suite today and learn how our security and compliance as a service bundles can enhance or accelerate your cybersecurity program and posture.

The cyber talent crisis is real. As an industry, we can’t wait years for a solution. The good news? Today, companies can use automation to help bridge the talent gap. Incorporating the automation of specific cyber tasks makes it possible to increase efficiency and productivity while maintaining a strong security posture. With the help of security automation, security teams can mitigate active threats, saving time and money.

In light of recent OCR guidance and the widespread use of tracking codes, hospitals should review their websites to ensure compliance with HIPAA regulations. Business associate agreements should be in place, patient authorizations obtained, and tracking codes removed or made HIPAA-compliant. If a tracking code is found and patient information is impermissibly disclosed, it must be reported to HHS, and affected patients notified as a reportable data breach.

The leader of a Miami crew, Esteban Cabrera Da Corte, also known as “Steban,” pleaded guilty on April 26th to a scheme that defrauded U.S. banks and a cryptocurrency exchange of more than $4 million. The scheme involved using stolen personal identifying information to open accounts with the exchange and linked bank accounts controlled by the defendants. They used deposited money, frequently through a series of cash deposits using ATMs, to buy cryptocurrency. Photos of fake U.S. passports and driver’s licenses were often used to carry out the fraud.

Contact MARS Suite today and learn how our latest release can enhance or accelerate your cybersecurity program and posture.

More from the blog

Learn More About Upcoming Events