Cybersecurity And Much More Newsletter — Week 01 (2022)
Greetings, friends.
Welcome to my weekly newsletter, if you are not yet subscribed, please do. It might include books, articles, tech, tips, and of course interesting stuff about cybersecurity.
Enjoy!
What to expect in cybersecurity in 2022
- Ransomware and Crypto-Jacking isn’t going anywhere and will keep spreading
- CISOs will still need to adapt and do more security work than pleasing the business
- API threats must be a high priority as it’s become the major portion of the global web traffic and more business are relying on it
- Cybersecurity training should be adapted to real-life issues, not to paper skills, books, and certifications
- Companies need to take seriously the security basics such as: password management, system hardening, patching, segmentation, user education and awareness, 3rd party risks.
- IoT concerns most companies, not only manufacturing, and critical infrastructures.
- Be prepared to hear about 5G vulnerabilities.
- It’s time to consider having cybersecurity insurance.
Some new cybersecurity problems
Surveillance for hire is a real problem
- The global surveillance-for-hire industry targets people across the internet to collect intelligence, manipulate them into disclosing information, and compromise their accounts and devices.
- This is becoming a bigger problem because of how it’s used and who is authorized to use it. In fact, it is providing spyware technology to random customers regardless of their targets.
- The recent reports, especially from 2021, have shown that most of the targets were not really representing a threat to the entities using this software.
- The key players to fight against this are the big tech companies, they must be more proactive, prioritize the user’s privacy and security, and collaborate more with researchers.
Some new technologies
Cognitive Cybersecurity
- This AI-empowered technology will be used to secure RF communication between motion detection nodes and their central collection endpoint. The principle is to assess the RF waves characteristics, monitor network traffic, and based on it detect unauthorized devices.
- The security model will constantly keep learning about the authoriZed devices to keep an updated baseline of what’s “Normal”. It can also be configured to renew the encryption keys if unauthorized devices are detected or any other anomalies.
- Read more about it here.
Books You might like
- BioHack Your Brain By “Kristen Willeumier”
- Dopamine Nation By “Anna Lembke”
- AI 2041 By “Kai-Fu Lee”
What I am reading right now
Still Reading “Risk” by McChrystal
I really liked this paragraph about building the capacity:
“Ensuring that every single member of an organization is proficient in the basic skills necessary to perform their role is essential to maintaining a healthy risk immune system.”
Start 2022 with a more secure device
- Enable MFA on all your accounts
- Don’t reuse passwords
- Use Long Passwords 26+ characters
- Use a password manager
- Only enable location when needed
- Keep your unused devices turned off or offline
- Only install trusted applications from trusted app stores
- Only grant necessary privileges to applications and connected devices
- Isolate IoT devices in a separate network from your personal devices
- Keep your OS, Apps, Firmware up-to-date
- Install antivirus software when possible, keep up-to-date, and schedule it to scan regularly and when new applications are installed.
Check out my latest video about Risk Management, If you’re interested in starting a career in Cybersecurity, watch this one, and don’t forget to subscribe to my channel and leave a comment if there are any topics you’re interested in seeing on my next videos.
Check my other stuff here.
Originally published at https://www.linkedin.com.
