November 2022
The White House publishes FACT SHEET: The Second International Counter Ransomware Initiative Summit
08/11/22 13:49 Filed in: ransomeware
The U.S. White House facilitated a summit of 36 countries and the EU for the Second International Counter Ransomware Initiative (CRI) Summit which was held between the 31st October and 1st November, 2022. The summit outcomes and initiatives are summarised in the White House's Fact Sheet which can be found here.
The closing remarks made by the US administration's National security Advisor, Jake Sullivan, can be found here.
The closing remarks made by the US administration's National security Advisor, Jake Sullivan, can be found here.
European Union Agency for Cybersecurity (ENISA) - Annual threat landscape report
08/11/22 13:17 Filed in: Cyber Security
The European Union Agency for Cybersecurity (ENISA) has just published (on the 3rd November) their 10th Annual Threat Landscape Report. In their own words “It identifies the top threats, major trends observed with respect to threats, threat actors and attack techniques, as well as impact and motivation analysis. It also describes relevant mitigation measures.”
I find it makes interesting reading although at a 150 pages long it is not for everyone.
It is a well-structured document and the sections likely to be of most interest are Annex A, “Mapping to MITRE ATT&CK Framework” and Annex D, “Recommendations”, which cross references them to the relevant ISO standards as well as NIST’s Cybersecurity Framework (CSF). If nothing else these can act as a good aide memoire / checklist.
The document can be downloaded directly from ENISA’s website here.
I find it makes interesting reading although at a 150 pages long it is not for everyone.
It is a well-structured document and the sections likely to be of most interest are Annex A, “Mapping to MITRE ATT&CK Framework” and Annex D, “Recommendations”, which cross references them to the relevant ISO standards as well as NIST’s Cybersecurity Framework (CSF). If nothing else these can act as a good aide memoire / checklist.
The document can be downloaded directly from ENISA’s website here.
National Cyber Security Centre (NCSC) publishes its Annual Review for 2022
08/11/22 13:02 Filed in: NCSC
If you have not yet seen the announcements, the NCSC has recently published its 2022 Annual Review. It can be found here.
It makes for interesting reading because it contains some policy statements and our government's views about the state of cyber security over the next decade.
Sir Jeremy Fleming, Director, GCHQ says in his introduction "Looking at the big picture, it is clear the cyber security threat is diversifying and evolving. We are seeing more states with cyber capabilities and more non state actors joining the mix. We are also experiencing a shift in technology leadership towards the East. These factors and more have implications for the cyber security threats we all face.".
and …
"The global shifts we are witnessing will take decades to settle. Whilst I cannot predict how things will turn out, I can confidently say that cyber and cyber security will continue to be pivotal to our nation’s success."
For me, this reaffirms my view that cyber attacks are increasingly more sophisticated in nature and increasing on volumes. Capabilities once the preserve of nation states are now in the hands of organised crime and activists, increasing the need for organisations to boost their own detection and defensive capabilities.
It makes for interesting reading because it contains some policy statements and our government's views about the state of cyber security over the next decade.
Sir Jeremy Fleming, Director, GCHQ says in his introduction "Looking at the big picture, it is clear the cyber security threat is diversifying and evolving. We are seeing more states with cyber capabilities and more non state actors joining the mix. We are also experiencing a shift in technology leadership towards the East. These factors and more have implications for the cyber security threats we all face.".
and …
"The global shifts we are witnessing will take decades to settle. Whilst I cannot predict how things will turn out, I can confidently say that cyber and cyber security will continue to be pivotal to our nation’s success."
For me, this reaffirms my view that cyber attacks are increasingly more sophisticated in nature and increasing on volumes. Capabilities once the preserve of nation states are now in the hands of organised crime and activists, increasing the need for organisations to boost their own detection and defensive capabilities.