Being aware of the trends that are expected to shape the digital landscape is an important step in ensuring the security of your data and online assets.
Amongst others, the webinar covers:
• Top Cyber Trends for 2023
• Cyber Insurance
• Prioritization of Cyber Risk
Presenters:
Colleen Lennox
Colleen Lennox is the Founder of Cyber Job Central, a newly formed job board dedicated to Cybersecurity job openings. Colleen has 25+ years in Technical Recruiting and loves to help others find their next great job!
Madhu Maganti
Madhu is a goal-oriented cybersecurity/IT advisory leader with more than 20 years of comprehensive experience leading high-performance teams with a proven track record of continuous improvement toward objectives. He is highly knowledgeable in both technical and business principles and processes.
Madhu specializes in cybersecurity risk assessments, enterprise risk management, regulatory compliance, Sarbanes-Oxley (SOX) compliance and system and organization controls (SOC) reporting.
Date: January 25, 2023
Tags: ISO, ISO/IEC 27032, Cybersecurity Management
YouTube video: https://youtu.be/BAAl_PI9uRc
3. Introduction
Madhu Maganti, CPA, CISA
20+ years in Cybersecurity/Risk & Compliance
Partner in the Risk Advisory practice within Baker Tilly, an international CPA and advisory firm.
4. Introduction
Colleen Lennox
25+ years experience in business development & recruiting
Founder of Cyber Job Central, a recruitment platform for cybersecurity related jobs
5. Employees continue to pose the greatest threat to cybersecurity
People Remain A Risk
• Phishing attacks continue to be one of the main causes of data breaches.
• Access controls can help reduce this risk, but organizations must continue to invest in awareness training and building a cybersecurity-oriented culture.
6. New privacy regulations lead to higher burden on organizations
• Several states have already passed their own set of privacy requirements, with many more on the way.
• Organizations will need to hire dedicated GRC staff and maintain a compliance matrix for privacy obligations on a state-by-state basis.
This includes foreign requirements such as GDPR, PIPEDA, and more.
Increased Compliance Requirements
7. High level of M&A in the security space
• Security vendors are focusing on refining their own software instead of developing new features.
New features are added to existing security software through acquisitions.
• This allows organizations to outsource tasks to fewer security vendors and reduce the burden of IT staff in managing those vendors.
Even when outsourcing security functions, it’s important that an organization still maintains in-house experienced cybersecurity staff to manage the vendors.
Vendor Consolidation
8. Leaders are expected to place a higher priority on cyber risk
• Despite economic uncertainty, spending on cybersecurity is still expected to increase, as funding for other areas may slow.
Leaders are recognizing the value of cybersecurity, and prioritizing risk mitigation efforts.
• Many leaders are seeking budget-friendly cybersecurity investments to help reduce risks.
• At the same time, cybercrime is expected to reach record highs.
Prioritization of Cyber Risk
9. Economic uncertainty results in budget cuts and increased risks
• Although security spending is projected to increase, leaders may not be comfortable spending the amount required to mitigate cybersecurity risks.
• This includes additional experienced security staff, employee training, advanced cybersecurity tools, process improvements, and more.
Budget Constraints
10. Insurance will quantify risks
• Over the past 2 years, the top 20 cyber insurers have had record high loss rates.
• Insurance providers will seek to better quantify risks using security data and risk modeling techniques.
• More thorough security assessments and increased security requirements will help keep policy holders safe.
Cyber Insurance
11. Healthcare providers will remain the highest priority target.
• Medical data remains some of the most sought-after information on the black market.
• Use of emerging technologies in the medical field creates additional vulnerabilities for healthcare providers.
• Other industries with time-sensitive operations, sensitive data, financial information, and poor security will also be prioritized.
Industry Specific Attacks
12. Many IT teams are struggling to keep everything up-to-date
• Many IT teams either lack the means or the know-how to keep up with current patches for all systems used by their organization.
The Ponemon Institute found that 64% of organizations are looking to hire more IT staff for patch management.
• In the current environment, hiring and retaining experienced IT staff can be difficult.
• Outdated software can lead to vulnerabilities and increase the risk of a data breach.
More Software Patches
13. More businesses will adopt zero trust to mitigate risks
• Zero trust means that every stage of a digital interaction will be validated.
This prevents unauthorized users from freely moving around systems, networks, and applications.
• Organizations are relying on Identity and Access management software and combining it with other security solutions to manage and monitor access across all IT systems.
Zero Trust Adoption
14. The government may begin talks on how to protect businesses
• Ransomware and other cyberattacks are a growing threat for US businesses.
Payment is often the only way out for an unprepared organization.
• Though it’s unlikely that the government will pass any legislation this year, they may begin discussions on how to protect US-based businesses.
Government Intervention
15. Phishing attacks are being designed with MFA in mind
• New phishing techniques are designed with MFA in mind – tricking employees into granting access to the attacker.
• While MFA can make breaching a system more difficult, it is not a catch-all security measure that guarantees the prevention of unauthorized access.
MFA Aware Phishing