{"id":30477,"date":"2022-10-28T15:22:21","date_gmt":"2022-10-28T19:22:21","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=510079"},"modified":"2022-10-31T11:44:49","modified_gmt":"2022-10-31T15:44:49","slug":"cyber-security-today-week-in-review-for-friday-october-28-2022","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/cyber-security-today-week-in-review-for-friday-october-28-2022\/","title":{"rendered":"Cyber Security Today, Week in Review for Friday, October 28, 2022"},"content":{"rendered":"<p data-ar-index=\"0\">Welcome to Cyber Security Today. From Toronto, this is the Week in Review edition for the week ending Friday October 28th, 2022. I\u2019m Howard Solomon, contributing reporter for ITWorldCanada.com.<\/p>\n<p data-ar-index=\"1\"><iframe style=\"border: none;\" title=\"Libsyn Player\" src=\"https:\/\/html5-player.libsyn.com\/embed\/episode\/id\/24825828\/height\/90\/theme\/custom\/thumbnail\/yes\/direction\/forward\/render-playlist\/no\/custom-color\/000000\/\" width=\"100%\" height=\"90\" scrolling=\"no\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<table style=\"width: 100%;\">\n<tbody>\n<tr>\n<td><a href=\"https:\/\/www.amazon.com\/ITWC-Cyber-Security-Today\/dp\/B07BRNG89P\/ref=sr_1_1?s=digital-skills&amp;ie=UTF8&amp;qid=1522688435\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396718 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-alexa-200.png\" alt=\"Cyb er Security Today on Amazon Alexa\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<td><a href=\"https:\/\/www.google.com\/podcasts?feed=aHR0cDovL2N5YmVyc2VjdXJpdHl0b2RheS5saWJzeW4uY29tL3Jzcw%3D%3D\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"thumbnail aligncenter wp-image-408712 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2018\/09\/sub-gp-200.png\" alt=\"Cyber Security Today on Google Podcasts\" width=\"200\" height=\"74\" \/><\/a><\/td>\n<td><a href=\"https:\/\/itunes.apple.com\/ca\/podcast\/cyber-security-today\/id1363182054\" rel=\"noopener noreferrer\"><img decoding=\"async\" class=\"aligncenter wp-image-396720 size-full\" src=\"https:\/\/i.itworldcanada.com\/wp-content\/uploads\/2017\/09\/sub-itunes-200.png\" alt=\"Subscribe to Cyber Security Today on Apple Podcasts\" width=\"200\" height=\"74\" border=\"none\" \/><\/a><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n<p data-ar-index=\"2\">\n<p data-ar-index=\"3\">This week\u2019s discussion segment will have a roundup of coverage from our MapleSec conference last week, with IT World Canada CIO Jim Love, reporter Paul Barker and I reviewing some of the sessions we were at. They covered everything from ransomware to the roles of CISOs.<\/p>\n<p data-ar-index=\"4\">But before we get to that, a look back at some of the headlines from the past seven days:<\/p>\n<p data-ar-index=\"5\"><strong>A U.S. grand jury<\/strong> has charged a Ukrainian citizen with <a href=\"https:\/\/www.justice.gov\/usao-wdtx\/pr\/newly-unsealed-indictment-charges-ukrainian-national-international-cybercrime-operation\" rel=\"noopener\">allegedly being involved with the distribution of the Racoon Infostealer<\/a>. This is a malware-as-a-service operation that steals data from infected computers. It is alleged that more than 50 million unique credentials and other data was stolen from millions of victims. The accused man was arrested by Dutch authorities and is now awaiting an extradition hearing to the U.S.<\/p>\n<p data-ar-index=\"6\"><strong>A British man<\/strong> who allegedly operated a dark web market for stolen data called The Real Deal <a href=\"https:\/\/www.justice.gov\/usao-ndga\/pr\/hacker-and-dark-market-operator-arraigned-federal-charges\" rel=\"noopener\">has been arraigned in a U.S. court<\/a> in Atlanta to face trial. He had been extradited from Cyprus to the United States to face charges of selling stolen login credentials to several U.S. government networks including the Navy, stolen social security numbers and laundering cryptocurrency.<\/p>\n<p data-ar-index=\"7\"><strong>Another industry<\/strong> has been added to the U.S. government\u2019s Industrial Control Systems Cybersecurity Initiative. It pushes certain industries to improve their cybersecurity. This week the chemical sector became the fourth sector under the program.<a href=\"https:\/\/www.whitehouse.gov\/briefing-room\/statements-releases\/2022\/10\/26\/fact-sheet-biden-harris-administration-expands-public-private-cybersecurity-partnership-to-chemical-sector\/\" rel=\"noopener\"> The White House said<\/a> that over the next 100 days U.S.-based chemical companies have to asses and at least start to address the potential exposure of high-risk chemical facilities to cyber attacks. Others with industrial control equipment in the program include electric, energy pipeline and water providers.<\/p>\n<p data-ar-index=\"8\"><strong>An Australian health insurance provider<\/strong> called Medibank <a href=\"https:\/\/www.medibank.com.au\/health-insurance\/info\/cyber-security\/\" rel=\"noopener\">admitted this week<\/a> it was badly hit recently by a hacker. The personal information of all of its 4 million subscribers and those of its AHM division was recently accessed by a hacker. A significant amount of health claims data was also copied.<\/p>\n<p data-ar-index=\"9\"><strong>Google has reached an agreement<\/strong> <a href=\"https:\/\/www.justice.gov\/opa\/pr\/google-enters-stipulated-agreement-improve-legal-process-compliance-program\" rel=\"noopener\">with the U.S. Justice Department<\/a> to better preserve customer information in foreign countries sought by American search warrants and subpoenas. This stems from a 2016 incident. At that time customer information held in Google data centres outside the U.S. was sought under American law by authorities for a criminal cryptocurrency investigation. Google fought the court order and initially won a decision saying it didn\u2019t have to hand over information held in servers outside the U.S. However, several years later Congress clarified the law does cover foreign-held data by an American-based company. By then the data sought by the authorities had been lost.<\/p>\n<p data-ar-index=\"10\"><strong>Finally,<\/strong> developers using the open-source SQLite database engine in their applications are urged to <a href=\"https:\/\/blog.trailofbits.com\/2022\/10\/25\/sqlite-vulnerability-july-2022-library-api\/\" rel=\"noopener\">install the latest version<\/a> if they haven\u2019t already done so. It fixes a 22-year-old serious vulnerability. The fix was released in June so should have been installed by now.<\/p>\n<p data-ar-index=\"11\"><em>(The following transcript has been edited for clarity)<\/em><\/p>\n<p data-ar-index=\"12\"><span style=\"font-weight: 400;\"><strong>Howard:<\/strong> Joining now are Jim Love, ITWorld Canada\u2019s CIO and host of the MapleSec conferences, and senior writer Paul Barker, who along with me covered some of the Maplesec sessions. Good afternoon guys.<\/span><\/p>\n<p data-ar-index=\"13\"><span style=\"font-weight: 400;\">Jim, the MapleSec conferences have been held for two years. But because of the pandemic it ran virtually. Last week there were combined live and virtual sessions. Tell us a bit about why you did that now and what MapleSec hopes to accomplish.<\/span><\/p>\n<p data-ar-index=\"14\"><b>Jim Love:<\/b><span style=\"font-weight: 400;\">\u00a0 The pandemic allowed us to introduce a new country-wide event \u2013 it was virtual, but we could bring people in from coast to coast. We didn\u2019t want to lose that. But we wanted to satisfy the desire, the need to get together in person\u2026. So we gave the audience the best of both worlds. Our events team found a great location at the Aga Khan museum.\u00a0 Our technical team, despite the obstacles, put together a live broadcast to a huge virtual audience.\u00a0<\/span><\/p>\n<p data-ar-index=\"15\"><span style=\"font-weight: 400;\">And we made a pact \u2013 to focus not on the doom and gloom or the reports and statistics. We committed that we wouldn\u2019t just talk about technology.\u00a0<\/span><span style=\"font-weight: 400;\">We wanted to share practical, actionable ideas and processes that could make our companies safer and more resilient.\u00a0<\/span><\/p>\n<p data-ar-index=\"16\"><b>Howard:<\/b><span style=\"font-weight: 400;\"> Paul, start by telling us about some of the sessions you covered.<\/span><\/p>\n<p data-ar-index=\"17\"><b>Paul Barker<\/b><span style=\"font-weight: 400;\">: One explored the complex world of ransomware. A key question that dominated discussion was what steps should an organization take when it comes to mitigating the impact of an attack.<\/span><\/p>\n<p data-ar-index=\"18\"><span style=\"font-weight: 400;\"><a href=\"https:\/\/www.itworldcanada.com\/article\/trio-of-experts-explores-the-complex-world-of-ransomware\/509329\" rel=\"noopener\">The panel entitled, Ransomware Attacks: You don\u2019t have to be a victim,<\/a> was moderated by Epsit Jajal, the virtual chief information officer (CIO) of Ricoh IT Services and he was joined by panelists Maryam Asgariazad, director of information security at Alterna Savings and Credit Union Ltd. which has a network of 47 branches across Ontario, and Greg Markell, president and CEO of Ridge Canada, an insurance company that specializes in specialty risk management.<\/span><\/p>\n<p data-ar-index=\"19\"><span style=\"font-weight: 400;\">All three speakers brought a unique perspective to the conversation. Jajal and his firm were the external cybersecurity advisors, Asgariazad the end user who if there is an attack will be the one who must have some sort of Plan B in place, and last, but not least, there was Markell. A leading expert on the topic of cyber and privacy liability, he holds the keys to the castle in a sense for he is the one who decides if said firm qualifies for coverage.<\/span><\/p>\n<p data-ar-index=\"20\"><span style=\"font-weight: 400;\">Whether or not coverage is approved depends on many factors such as the level of preparedness prior to an attack occurring. Asgariazad and the bank she works for would likely qualify based on the fact a cybersecurity framework has been put in place.<\/span><\/p>\n<p data-ar-index=\"21\"><span style=\"font-weight: 400;\">The policy itself, she said, focuses on five key elements: identify, protect, detect, respond and recovery.\u00a0<\/span><\/p>\n<p data-ar-index=\"22\"><span style=\"font-weight: 400;\">A key piece of it revolves around a business impact analysis, she said, adding that it is imperative for \u201call organizations to know which functions are critical in order for the business to survive.\u201d<\/span><\/p>\n<p data-ar-index=\"23\"><span style=\"font-weight: 400;\">The five-pronged approach would not only allow an IT department to know what data has been captured should an attack occur, but also implement an action plan that has been adopted well before the attackers swoop in on an organization.<\/span><\/p>\n<p data-ar-index=\"24\"><span style=\"font-weight: 400;\">Markell stressed that having the type of contingency planning that is now in place at Alterna, is not just a nice-to-have, it is a need-to-have if any organization hopes to qualify.<\/span><\/p>\n<p data-ar-index=\"25\"><span style=\"font-weight: 400;\">Much of that has to do with the sheer number of claims relating to ransomware and other cybersecurity attacks. According to Markell, the cyber insurance sector in Canada is the least profitable sector: \u201cWe have surpassed hail insurance,\u201d he pointed out, \u201cwhich is a pretty big feat and not one we should be proud of.\u201d<\/span><\/p>\n<p data-ar-index=\"26\"><span style=\"font-weight: 400;\">He added that the adversaries \u201care advancing way faster than anyone can keep up with. They are well-run organizations and they are just that, organizations with full-blown HR departments and recruiting departments.\u201d<\/span><\/p>\n<p data-ar-index=\"27\"><span style=\"font-weight: 400;\">Jajal recalled a phone conversation with a ransomware attacker that had a similar setup as a call centre. \u201cYou call a toll-free number, and the attacker replies, \u2018oh, you are from ABC Company, Jake is handling your attack. I will put you through. At the end of it, they actually sent us a two-page security report outlining how they got in.<\/span><\/p>\n<p data-ar-index=\"28\"><span style=\"font-weight: 400;\">In terms of what to do once attacked, Markell recommends calling a lawyer, one who is trained in what best to do if a client becomes the victim.<\/span><\/p>\n<p data-ar-index=\"29\"><span style=\"font-weight: 400;\">They won\u2019t provide any information on coverage, he said, but they will help \u201cquarterback the situation\u201d and propose steps that can be taken, be it reaching out to forensics companies that \u201care basically on standby to deal with these things and help support the IT security teams to figure out what, where, and how.<\/span><\/p>\n<p data-ar-index=\"30\"><span style=\"font-weight: 400;\">\u201cOnce you have the intelligence about what\u2019s going on, and how it\u2019s happened, then you can make informed decisions on how to handle it.\u201d<\/span><\/p>\n<p data-ar-index=\"31\"><span style=\"font-weight: 400;\">What it comes down to is preparation and to that end there are key, practical steps that every company can take to prevent attacks and mitigate the damage when attackers do break through.<\/span><\/p>\n<p data-ar-index=\"32\"><b>Howard: <\/b><span style=\"font-weight: 400;\">\u00a0I\u2019ve always thought that you defend against ransomware doing the same things you do for any cyber threat: Educate your users about the risks of clicking on links and opening attachments, make sure your software is quickly patched in order of its sensitivity, and making sure your data is encrypted so if it\u2019s stolen it\u2019s useless. Don\u2019t forget about protecting corporate attachments that sitting in employees\u2019 email inboxes. They contain sensitive information as well<\/span><\/p>\n<p data-ar-index=\"33\"><b>Jim:<\/b> I\u2019m <span style=\"font-weight: 400;\">continually amazed at the sophistication and the innovation of ransomware gangs.\u00a0 But I\u2019m also heartened by the \u201cnew realism\u201d that companies seem to have.\u00a0<\/span><\/p>\n<p data-ar-index=\"34\"><span style=\"font-weight: 400;\">Prevention is critical, but we need to accept that ransomware gangs are going to get through.\u00a0 So looking at how you are going to respond is important. Greg Markell said it best \u201ccontingency planning is not a nice to have, it\u2019s a need to have.\u201d<\/span><\/p>\n<p data-ar-index=\"35\"><span style=\"font-weight: 400;\">So, know your data, have good backups and test restoration, use m<\/span><span style=\"font-weight: 400;\">ulti-factor authentication and have u<\/span><span style=\"font-weight: 400;\">ser awareness and training, try to l<\/span><span style=\"font-weight: 400;\">imit the damage with network segmenting, restricting privileged access, and have a tested incident response plan.<\/span><\/p>\n<p data-ar-index=\"36\"><b>Paul:<\/b><span style=\"font-weight: 400;\"> Another session was about a topic that probably keeps IT executives up at night \u2013 what to do about email havoc, which has been described by some security experts as one of our greatest areas of vulnerability.<\/span><\/p>\n<p data-ar-index=\"37\"><span style=\"font-weight: 400;\">The numbers certainly back up that claim. Over the course of 2022, according to Statista, an estimated 333 billion emails will be sent and received globally this year, 347 billion next year and 376.4 billion in 2025.<\/span><\/p>\n<p data-ar-index=\"38\"><span style=\"font-weight: 400;\">Stunning numbers and a key reason <a href=\"https:\/\/www.itworldcanada.com\/article\/maplesec-session-examines-how-best-to-end-email-havoc\/509262\" rel=\"noopener\">guest panelist Alkin Gorgun, field chief information security officer (CISO) for Cloudflare<\/a> focused on the potential havoc all of that email activity that has and no doubt will cause an organization and how best to prevent an attack.<\/span><\/p>\n<p data-ar-index=\"39\"><span style=\"font-weight: 400;\">A key recommendation he put forward was this: No matter what email system is in use, organizations have to implement a Zero Trust strategy, despite the fact that users of Google Workspace, formerly known as G-Suite, and Office 365 contain native security controls.<\/span><\/p>\n<p data-ar-index=\"40\"><span style=\"font-weight: 400;\">\u201c(They) are pretty good and they are getting much better at blocking those highly volumetric attacks. We can, in fact, stop about 95 per cent of (them) just with the native controls within these tools. The trouble is that the attackers are always evolving, they are always changing their methods and it is becoming a real problem.\u201d\u00a0<\/span><\/p>\n<p data-ar-index=\"41\"><span style=\"font-weight: 400;\">Asked \u201chow email programs should be set up to eliminate the threats,\u201d Gorgun said the answer lies in implementing new solutions. An example of the former revolves around emails that impersonate a CEO wiring a CFO for money, which is more problematic as a result of remote working where people at home \u201care more likely to click\u201d on a tampered email when they should not.<\/span><\/p>\n<p data-ar-index=\"42\"><span style=\"font-weight: 400;\">Gartner, he said, recently released their market guide for email security, and they recommend that anything new, must contain AI or machine learning component: \u201cWhat these new tools do is look at the way that people communicate in an organization through natural language processing.\u201d communicate.\u201d<\/span><\/p>\n<p data-ar-index=\"43\"><span style=\"font-weight: 400;\">I am a big fan of this recommendation from Gartner, which said, \u201cEffective email security requires not only the selection of the correct products, with the required capabilities and configurations, but also having the right operational procedures in place.\u201d<\/span><\/p>\n<p data-ar-index=\"44\"><b>Jim \u2013 <\/b><span style=\"font-weight: 400;\">it\u2019s important that we don\u2019t forget about email. Most of us have a cloud email now and it\u2019s important to remember that while these emails are more secure in their infrastructure, they don\u2019t always protect you.\u00a0 We have Gmail and I can\u2019t tell you the number of times I\u2019ve seen the message \u201cGmail scanners are offline.\u201d\u00a0 Microsoft 365 is sophisticated, but it has to be configured correctly. I\u2019ve heard some security experts say that a vanilla install of Microsoft 365 is highly insecure \u2013 it needs to be configured.\u00a0 So my message is \u2013 email is important, don\u2019t be complacent about it just because it\u2019s in the cloud.\u00a0<\/span><\/p>\n<p data-ar-index=\"45\"><b>Howard:<\/b><span style=\"font-weight: 400;\"> It\u2019s not just scanning email for malicious attachments. As\u00a0 I talked about encrypting email earlier, in every company employees send sensitive information to each other \u2013 for example, monthly reports on who\u2019s behind paying bills. A report like that might have people\u2019s names and credit card numbers. In a travel agency people\u2019s names, birthdates and passport numbers might be sitting in emails. Companies need to have security policies about things like that. It\u2019s important to remember that a hacker can get a lot of information from compromising the email of the right person.\u00a0<\/span><\/p>\n<p data-ar-index=\"46\"><b>Paul:<\/b><span style=\"font-weight: 400;\"> I covered a <a href=\"https:\/\/www.itworldcanada.com\/article\/fireside-chat-at-maplesec-iosecure-ceo-on-lessons-learned\/509267\" rel=\"noopener\">fireside chat with Tom Jacoby,<\/a> who founded a British Columbia-based company s called, IOSecure Internet Operations Inc, which began in 1994 and then as now it was an IT services company that focused on online security \u2026<\/span><\/p>\n<p data-ar-index=\"47\"><span style=\"font-weight: 400;\">Jacoby said the key to any successful cybersecurity initiative \u2026 can be crystalized in four key words: People, Policy, Platform and Program.<\/span><\/p>\n<p data-ar-index=\"48\"><span style=\"font-weight: 400;\">\u201cUltimately all of our success in business comes down to our people,\u201d he said. \u201cIt\u2019s an overused phrase,\u201d but he added that having the right people with the necessary skills, the training and the proper communication skills is paramount.\u201d<\/span><\/p>\n<p data-ar-index=\"49\"><span style=\"font-weight: 400;\">Many challenges happen, said Jacoby, because of a lack of communication: \u201cAre the technologists in the company, communicating with the lines of business, to keep both the business secure and the business operating?\u201d\u00a0<\/span><\/p>\n<p data-ar-index=\"50\"><span style=\"font-weight: 400;\">And it is not only IT professionals of an organization that need to be aware of security, so too must support staff, particularly the personnel who might physically guard a physical building.<\/span><\/p>\n<p data-ar-index=\"51\"><span style=\"font-weight: 400;\">Jacoby recalled a \u201cstrange experience\u201d that happened to him a few years ago when he was doing a project for a large telco provider in Canada: He needed access to a particular part of the building, He had no reservation or appointment. He just showed up at the door at 6:45 in the morning in this warehouse in a part of town that was not particularly safe.\u00a0<\/span><\/p>\n<p data-ar-index=\"52\"><span style=\"font-weight: 400;\">But he looked the part: He had a suit on, a tie, a briefcase, a laptop, and probably more importantly, knew the name of a relevant project. he said. So he was escorted inside and dropped off at the equipment I needed to work on.\u00a0<\/span><\/p>\n<p data-ar-index=\"53\"><span style=\"font-weight: 400;\">Right next to him was the central office phone switch, which is critical infrastructure for a large city. \u201cI was left alone with it for the day,\u201d he recalled. \u201cI didn\u2019t want access to it \u2013 it had nothing to do with what I was doing. But there it was \u2026 the point being that all of our staff throughout the organization are key to our security success. And we have to make security more approachable, not scary.\u201d<\/span><\/p>\n<p data-ar-index=\"54\"><b>\u00a0Howard<\/b><span style=\"font-weight: 400;\">: One of the sessions I covered was the <a href=\"https:\/\/www.itworldcanada.com\/article\/cisos-must-be-proactive-in-their-cyber-strategies-maplesec-conference-told\/509058\" rel=\"noopener\">keynote address by Nick Aleks<\/a>, senior director of security at Wealthsimple, a Toronto-based online investment management service. He argued that information security leaders should be proactive rather than reactive to cyber threats.<\/span><\/p>\n<p data-ar-index=\"55\"><span style=\"font-weight: 400;\">By that he means always be thinking about what you\u2019re going to do if something bad happens, not how you\u2019re going to prevent it from happening<\/span><\/p>\n<p data-ar-index=\"56\"><span style=\"font-weight: 400;\">So, for example, instead of doing tabletop exercises, penetration tests and security audits once or twice a year, they should be done quarterly \u2014 or more often if your team has the capability.<\/span><\/p>\n<p data-ar-index=\"57\"><span style=\"font-weight: 400;\">He argued a good strategy starts with having a security champion in every department, a person who becomes part of the IT security team. They will feed intelligence back \u2014 \u2018We\u2019re seeing a lot of this kind of attack\u2019 \u2014 and in turn they will be part of an attack response and containment effort.<\/span><\/p>\n<p data-ar-index=\"58\"><span style=\"font-weight: 400;\">He also said infosec leaders don\u2019t necessarily need to invest in a breach attack simulation tool or hire a penetration testing firm: Just look deeply at your last big cyber incident. In addition to finding the root cause and ensuring it doesn\u2019t happen again, the team should ask how effective it was in responding.<\/span><\/p>\n<p data-ar-index=\"59\"><span style=\"font-weight: 400;\">IT and security teams shouldn\u2019t hoard intelligence, Aleks added. Instead it should be shared with other organizations. He didn\u2019t say, but I think he meant threat information should be shared where appropriate through, for example, industry associations, approved networking groups and police. The idea is the more intelligence you know about the better you can fight threat actors. He didn\u2019t mention it, but one place is the<a href=\"https:\/\/www.itworldcanada.com\/article\/canadian-cyber-threat-exchange-now-actively-recruiting-smbs\/414102\" rel=\"noopener\"> Canadian Cyber Threat Exchange.<\/a> Depending on the size or your organization membership can be as little as $500 a year. In the United States there a number of industry-specific information-sharing and analysis centers, or ISACs.<\/span><\/p>\n<p data-ar-index=\"60\"><b>Jim: <\/b>I loved his presentation. I think the quote from him was that cybersecurity isn\u2019t a competitive advantage, it\u2019s something we should all share in for the greaeter good is right on in that.<\/p>\n<p data-ar-index=\"61\">Also loved his comment about not needing penetration testing tools or simulations. if you have the budget and you can get great tools, good for you. But you can do a lot with a simple tabletop exercise and that focus on making it real.<\/p>\n<p data-ar-index=\"62\"><strong>Paul:<\/strong> I have a question for both of you: What I find a little confusing is this constant need to tell people to do some sort of review about their operations, be it quarterly or whatever .<\/p>\n<p data-ar-index=\"63\"><strong>Howard: <\/strong>I think one of the problems that an IT or security leader face is they\u2019ve got to do the day-to-day things and I think that just takes up a lot of time \u2014 and before you know it 30 days have passed. If you want to do regular reviews and tabletop exercises and audits you really have to set aside time for it.<\/p>\n<p data-ar-index=\"64\"><strong>Jim:<\/strong> And it\u2019s not just that you do a review, It should test your capability and that\u2019s the most important thing \u2026 I personally walk in and tap somebody [on the IT team] on the shoulder and say, \u2018Restore a file. I want to see you do that.\u2019<\/p>\n<p data-ar-index=\"65\"><strong>Howard:<\/strong> Jim, Paul, that was a really good summary of a very good event. Thanks to both of you for appearing on the show this week.<\/p>\n<p data-ar-index=\"66\">You can follow cybersecurity today on Apple Podcasts, Google Podcasts or add us to your flash briefing on your smart speaker.<\/p>\n<p data-ar-index=\"67\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/cyber-security-today-week-in-review-for-friday-october-28-2022\/510079\">Cyber Security Today, Week in Review for Friday, October 28, 2022<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This episode looks at highlights of the recent MapleSec cybersecurity<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[360,16],"tags":[389],"class_list":["post-30477","post","type-post","status-publish","format-standard","hentry","category-podcasts","category-security","tag-cyber-security-today"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/30477","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=30477"}],"version-history":[{"count":4,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/30477\/revisions"}],"predecessor-version":[{"id":30547,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/30477\/revisions\/30547"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=30477"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=30477"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=30477"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}