Cybersecurity

Report – KnowBe4 Research Indicates Effective Security Awareness Training Reduces Likelihood of Breaches

A recent report from Cybersecurity firm KnowBe4 indicates the effectiveness of security awareness training (SAT) on overall organizational security. The report, titled “Effective Security Awareness Training Really Does Reduce Breaches,” notes that organizations who implement effective SAT programs are 8.3 times less likely to appear on public data breach lists annually compared to general statistics.

Read more about Report – KnowBe4 Research Indicates Effective Security Awareness Training Reduces Likelihood of Breaches

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 21, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 21, 2025

Supplemental Cyber Highlights – January 16, 2025

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – January 16, 2025

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 16, 2025

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS security advisories, along with additional alerts, updates, and bulletins:

ICS Advisories:

Read more about CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 16, 2025

CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet

Yesterday, CISA released the “JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet” to enhance information sharing between the public and private sectors in response to AI-related cyber threats. Developed in conjunction with the FBI, NSA's AI Security Center, and various industry partners including Google, IBM, and Microsoft, the playbook aims to create a “unified approach” to managing these threats.

Read more about CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet

NYSIC Cyber Intelligence Bulletin – Best Practices to Mitigate Threat Actor Targeting of IP Cameras

The New York State Intelligence Center (NYSIC) recently released a TLP:CLEAR cyber intelligence bulletin titled “Best Practices to Mitigate Threat Actor Targeting of IP Cameras.” The report highlights how internet protocol (IP) cameras and other internet of things (IoT) connected devices pose a significant vulnerability for organizations that utilize them and emphasizes the need for these organizations to implement certain mitigation strategies.

Read more about NYSIC Cyber Intelligence Bulletin – Best Practices to Mitigate Threat Actor Targeting of IP Cameras

Supplemental Cyber Highlights – January 14, 2025

Critical Infrastructure Resilience

Read more about Supplemental Cyber Highlights – January 14, 2025

Threat Awareness – Infostealers on the Rise

According to cybersecurity company Check Point, infostealers are on the rise with a 58% increase in infection attempts year-over-year.

Read more about Threat Awareness – Infostealers on the Rise

Cyber Resilience – CISA Releases the Cybersecurity Performance Goals Adoption Report

Yesterday, CISA released their “Cybersecurity Performance Goals Adoption Report”, highlighting the benefits that the Cybersecurity Performance Goals (CPGs) have incurred on U.S. critical infrastructure. The CPGs are based on 7,791 critical infrastructure organizations enrolled in CISA’s Vulnerability Scanning service between August 1, 2022 and August 31, 2024.

Read more about Cyber Resilience – CISA Releases the Cybersecurity Performance Goals Adoption Report

Secure by Demand – CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

Yesterday, CISA, along with11 domestic and international partners, including the European Commission, released the joint guidance “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products”. The guide outlines how owners and operators should incorporate security measures into their procurement processes when acquiring industrial automation, control systems, and other OT products. The agencies urge organizations to focus on products that include 12 key security elements.

Read more about Secure by Demand – CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

You are here

Cybersecurity

Report – KnowBe4 Research Indicates Effective Security Awareness Training Reduces Likelihood of Breaches

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 21, 2025

Supplemental Cyber Highlights – January 16, 2025

CISA ICS Advisories, Additional Alerts, Updates, and Bulletins – January 16, 2025

CISA Releases the JCDC AI Cybersecurity Collaboration Playbook and Fact Sheet

NYSIC Cyber Intelligence Bulletin – Best Practices to Mitigate Threat Actor Targeting of IP Cameras

Supplemental Cyber Highlights – January 14, 2025

Threat Awareness – Infostealers on the Rise

Cyber Resilience – CISA Releases the Cybersecurity Performance Goals Adoption Report

Secure by Demand – CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

Pages

You are here

Cybersecurity

Pages

Footer Email Signup