I. Integrating cybersecurity and ERM
NIST has released NISTIR 8286, a framework for bringing together cybersecurity risks and enterprise risks.
Cybersecurity risks, after all, are a subset of enterprise risks!
Download the standard as a PDF here.
CISO Check:
How closely does your cybersecurity risk register match the enterprise risk register?
II. Using DDoS attacks for extortion
Cyber criminals have identified another way to extort money from organisations: threatening a DDoS attack.
DDoS attacks seem to be getting cheaper and easier for the attacker to run. Google revealed that it faced a nation-state-sponsored 2.5 terabyte attack in 2017.
According to a study, 16 DDoS attacks occur every minute!
CISO Check:
What are the primary and secondary risks to your business from a DDoS attack? What is your DDoS management ecosystem?
What size of DDoS attack can your business withstand?
III. Quote of the week
The role of a CISO evolves from a 'policeman of computers' to a 'dietician of risk appetite'. - Stephane Nappo
Have an original interesting cybersecurity quote? Let us know in the comments and we will publish it along with your name in our quotes section.