Happy Sunday!
I hope this Brief finds you well and ready to tackle the week ahead.
In this edition, I am covering:
- New zero-day vulnerabilities in Ivanti's Cloud Services Application
- AI-powered email analysis detecting novel scams with high accuracy
- The importance of early CISO involvement in M&A processes
And much more.
Your feedback shapes Mandos Brief and I'd love to hear your thoughts about the content I share.
INDUSTRY NEWS
Casio Investigates Potential Data Breach Following Cyberattack
- Casio detected unauthorized access to its network on October 5, resulting in system failures and service disruptions.
- The company is investigating whether personal or sensitive information was compromised and has restricted external access to its systems.
- This incident follows a data breach last year that exposed personal information of tens of thousands of customers across 150 countries through Casio's ClassPad.net education application.
Adobe Patches Critical Vulnerabilities in Commerce and Magento Products
- Adobe released patches for 25 vulnerabilities in Adobe Commerce and Magento Open Source, including two with a critical CVSS score of 9.8/10.
- The flaws could allow attackers to execute code, escalate privileges, and bypass security features in affected versions of the software.
- Additional critical vulnerabilities were patched in other Adobe products, including Dimension, Animate, Lightroom, InCopy, InDesign, Substance 3D Stager, and FrameMaker.
Ivanti Discloses New Zero-Day Vulnerabilities Exploited in CSA Attacks
- Ivanti reported multiple new zero-day vulnerabilities in its Cloud Services Application (CSA) being actively exploited in attacks.
- Attackers are chaining these new flaws with the previously disclosed CVE-2024-8963 to bypass authentication and achieve remote code execution.
- The vulnerabilities affect CSA versions 4.6 and 5.0, with Ivanti providing indicators of compromise to help detect potential attacks.
LEADERSHIP INSIGHTS
Cybersecurity Risks in M&A Deals Require Early CISO Involvement
- Inherited vulnerabilities from acquired companies can expose parent organizations to cyber threats, as seen in Verizon's acquisition of Yahoo.
- Integration of disparate IT systems during M&A can take 2-4 years, creating an extended period of vulnerability and complexity.
- CISOs should be involved early in M&A processes to conduct thorough due diligence, assess risks, and develop integration strategies prioritizing cybersecurity.
CISO Compensation Rises, But So Do Challenges and Responsibilities
- Average CISO compensation now $403,000 annually, up 6.4% from last year, but growth rate slowing compared to previous years.
- CISOs face increased liability due to new SEC rules requiring breach materiality determination within 4 days, often without adequate resources.
- Growing responsibilities include managing AI risks, despite many CISOs lacking comprehensive expertise in technical, governance, privacy, and data science aspects.
SMBs Face Increasing Cyber Threats Despite Limited Resources
- Nearly 70% of SMBs experienced at least one cyberattack in the past year, often due to limited budgets and inadequate security tools.
- SMBs should focus on three key areas to improve cyber resilience: people (addressing skills gaps), process (developing tailored strategies), and technology (selecting appropriate tools).
- Leadership involvement and external expertise are crucial for building a culture of security and staying informed about emerging threats.
CAREER DEVELOPMENT
Addressing Cybersecurity Talent Shortage with Contractors and Reskilling
- Deploy certified cybersecurity contractors to quickly fill team vacancies, providing immediate support for projects and reducing pressure during hiring freezes.
- Implement internal reskilling programs to reallocate existing employees into cybersecurity roles, leveraging their business knowledge and diverse perspectives.
- Improve diversity in cybersecurity by prioritizing transferable skills and creating opportunities for candidates from non-traditional backgrounds, expanding the talent pool.
Global Cybersecurity Workforce Growth Stalls at 5.5M Professionals
- Global cybersecurity workforce grew only 0.1% year-over-year, with an estimated 4.8 million job gap between active workforce and perceived need.
- One-quarter of surveyed professionals reported layoffs in their organizations, while nearly 2 in 5 observed budget cuts and hiring freezes.
- 90% of respondents reported skills shortages at their organizations, with two-thirds identifying skills gaps as a greater challenge than staffing levels.
Security Budgets Grow Modestly While Hiring Slows, IANS Research Finds
- Security spending expected to reach $212 billion by 2025, a 15% increase from 2024 levels, according to Gartner.
- Companies face competing priorities: improving cyber protection while managing overall expenses due to economic concerns.
- Security leaders struggle to deliver better protection with limited resources, as digital technology becomes crucial for business growth.
AI & SECURITY
AI-Powered Email Analysis Detects Novel Scams and Malicious Content
- Multimodal AI systems can identify fraudulent emails with over 97% accuracy, even for previously unseen brand impersonation attacks.
- Researchers created an automated e-commerce scam platform using multiple AI agents, demonstrating potential for large-scale microtargeted campaigns.
- AI-augmented analysis helps detect critical business workflow compromises related to money, credentials, sensitive data, and confidential processes.
Oracle Launches AI-Powered Case Management for Bank Fraud Detection
- Oracle introduces a new case management solution leveraging artificial intelligence to help banks combat financial crime and stay ahead of bad actors.
- The system aims to streamline fraud investigation processes, potentially reducing case resolution times by up to 30% through automated data gathering and risk scoring.
- Oracle's solution integrates with existing bank systems and utilizes machine learning to continuously improve its fraud detection capabilities based on historical case data and outcomes.
Cloud and AI Skills Gap Hinders Cybersecurity Teams
- Nearly 39% of security teams report difficulty finding cloud computing skills, crucial for securing virtual infrastructures across multiple providers.
- Approximately 34% of respondents indicate a lack of AI security talent, particularly for emerging threats like prompt injection attacks.
- Upskilling through certifications, books, and conferences is recommended to address talent gaps, with popular certifications including CISSP, CompTIA Security+, CEH, and CISM.
MARKET ANALYSIS
HUMAN Security Raises $50+ Million to Enhance Bot and Fraud Defense Platform
- HUMAN Security secured growth funding led by WestCap, with participation from Goldman Sachs and others, to expand its Human Defense Platform that verifies 20 trillion digital interactions weekly.
- The investment will accelerate platform growth by incorporating advanced AI techniques, improving digital account protections, and developing new media security solutions for click fraud defense and advertising integrity.
- HUMAN's platform protects against account takeover, scraping, transaction abuse, and fake interactions across the entire customer journey, from ad serving to account creation and transactions.
Cyrisma Raises $7M to Expand MSP-Focused Cyber Risk Management Platform
- Cyrisma, a cyber risk management firm founded in 2018, announced raising $7 million in Series A funding, bringing the total raised to nearly $9 million.
- The platform helps MSPs identify sensitive data, connected assets, configuration errors, and security defects, providing visibility into customers' entire attack surface.
- The new funding will be used to accelerate product development, expand sales and marketing efforts, and invest in customer support, enabling Cyrisma to enter new markets and increase brand awareness.
Relyance AI Raises $32.1M Series B to Scale AI Governance Platform
- Relyance AI, an AI-powered data governance platform, announced a $32.1 million Series B funding round led by Thomvest Ventures with participation from M12, Microsoft Ventures Fund, Cheyenne Ventures, Menlo Ventures, and Unusual Ventures.
- The platform provides visibility into enterprise-wide data processing and compares it against contractual commitments, global privacy regulations, and compliance frameworks, helping companies navigate the complex regulatory landscape surrounding AI use.
- The funding will be used to further develop Relyance AI's platform and scale go-to-market efforts in response to significant recent momentum, with the company increasing its enterprise customer base by 30% in the first half of 2024 and projected to double its annual recurring revenue.
TOOLS
event-generator
Generate a variety of suspect actions that are detected by Falco rulesets.
NETRESEC
NETRESEC is an independent software vendor specializing in network security, offering tools like NetworkMiner for network forensic analysis, CapLoader for handling large pcap files, and RawCap for lightweight sniffing. They also maintain a list of publicly available pcap files.
Cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized HTML report.
Before you go
If you found this newsletter useful, I'd really appreciate it if you could forward it to your community and share your feedback below!
For more frequent cybersecurity leadership insights and tips, follow me on LinkedIn, BlueSky and Mastodon.
Best,
Nikoloz