#NSBCS.038 - From the desk of the CCO | Lessons from a Non-Tech Exec


Source: NSB Cyber


From the desk of the CCO | Lessons from a Non-Tech Exec

Coming from a non-technical background, transitioning into the cybersecurity space was a significant shift for me. My expertise had always been in finance, operations, strategy and risk - not in navigating the complexities of cyber threats. However, it quickly became clear that a solid grasp of cybersecurity was essential for all of those functions, and that even a basic understanding of some key concepts would go a long way in helping everyone be part of the solution in protecting the company they work in.

Through my years in various roles and particularly over the last year, I’ve learned a few valuable lessons that I believe other non-tech executives could benefit from.

1. While you don’t need to become a cybersecurity expert, it’s important to develop a solid understanding of the fundamental threats. For attacks such as phishing, ransomware and malware, know what they are, how to spot them, and have a plan for when one of them gets through your organisation’s defences. This knowledge equips you to engage in more meaningful discussions with your technical teams and make more informed decisions.

2. Leverage the expertise of your cybersecurity team, whether that team is internal or external. Open the dialogue and request sessions with the rest of the leadership team and with teams across the business. Regularly consulting with them and encouraging open dialogue can bridge the gap between technical complexities and business needs – like most things, it’s simple: just talk about it. This collaboration ensures that cybersecurity measures are effectively integrated into the broader strategy; it doesn’t have to be expensive or overly complex to make your organisation more secure.

3. Invest in continuous education and training for yourself and your team. One of the biggest eye-openers that I’ve learned this year is just how dynamic the cyber landscape is, with new threats emerging constantly. Staying informed about the latest developments allows you to anticipate challenges and reinforce your company’s defences proactively.

4. Having a robust incident response plan is non-negotiable. A well-prepared plan ensures that your organisation can respond swiftly and effectively to any breach, minimising potential damage and facilitating a quicker recovery. This plan should not be merely theoretical: work through scenarios, understand who will be in the room if an incident occurs and what role everyone will play, and have contingencies in place.

5. I may be biased on this point given the industry I’ve come from, but importantly, think through your insurance requirements as part of your overall cyber strategy. Incidents (particularly ransomware attacks) have the potential to cripple businesses; don’t be that business.

By focusing on these key areas, non-tech executives can significantly enhance their company’s cybersecurity posture, ensuring that they are not just reactive but proactively safeguarding their business. Cyber really is everyone’s business and, as we always say at NSB Cyber, it doesn’t have to be difficult or scary; you just need to plan appropriately.

For information on NSB Cyber’s Cyber Resilience capabilities or to book a meeting with our team, click here.


What we read this week

  • Microsoft Warns of Office Vulnerability - Microsoft has disclosed a zero-day vulnerability (CVE-2024-38200) in multiple Office versions, which could allow attackers to access sensitive information through a spoofing flaw. Researchers identified that attackers could host a website containing a specifically crafted file designed to exploit the vulnerability. The vulnerability affects Microsoft Office 2016, 2019, LTSC 2021, and Microsoft 365 Apps. Updates for this vulnerability were released on August 13th, but an alternative fix has been implemented as of July 30. Microsoft advises users to follow mitigation strategies and update to the final patch for optimal protection.

  • FBI Investigating Hackers Targeting Presidential Campaign - The Federal Bureau of Investigation (FBI) is investigating alleged cyberattacks targeting the United States presidential campaign. The investigation, which is still in its early stages, is focused on potential foreign interference aimed at disrupting the 2024 presidential election. While nothing has been confirmed, Professor Mathew Warren from RMIT University Centre said nations such as Iran, Russia, and China have previously faced allegations of foreign interference due to varying motivations and political objectives. Additionally, there have also been reports of individuals from the Biden and Harris campaign being targeted with phishing emails, although these efforts have been unsuccessful.

  • Australian Survey Reveals Persistent Cybersecurity Threats - A recent survey by Cloudflare reveals that Australian businesses are increasingly facing persistent cybersecurity threats, with 41% experiencing data breaches in the past year. Despite previous pledges, 50% of those attacked paid the ransom, highlighting the severity of the situation. Phishing, web attacks, and malware were the most common attack vectors, with customer and financial data frequently targeted. The survey also noted concerns about AI increasing the complexity and severity of cyber threats.

  • Windows SmartScreen Bypass Exploited - Microsoft has revealed that a Windows SmartScreen bypass vulnerability (CVE-2024-38213), which has been exploited as a zero-day since March, was patched in June 2024. The flaw allowed attackers to bypass SmartScreen protection by manipulating files tagged with Mark of the Web (MotW). The vulnerability was exploited by threat actors in the wild to deploy malicious software disguised as legitimate installers. DarkGate malware operators exploited this vulnerability to deploy malicious payloads camouflaged as installers for software such as Apple iTunes.

  • Hostile State Behind Hack of Poland’s Anti-Doping Agency - The Polish Anti-Doping Agency (POLADA) suffered a significant data breach, with hackers leaking a large amount of sensitive information, including athletes' personal details, test results, and medical records. The hackers, supposedly supported by the actions of a hostile state, are believed to have obtained access to over 50,000 confidential files. The breach, which has been attributed to a Ukrainian hacker group ‘Beregini’, raises concerns about the privacy and security of the athletes affected. The Beregini hacking group is believed to be self-proclaimed hacktivists working independently in support of Russian interests.

