I. Slacking on Slack
An attacker compromised one of Twitter’s internal Slack channels that had the credentials for an admin tool.
Cloud based Shadow IT (without centralised authentication and monitoring) is a recipe for disaster. Uncontrolled use of peripheral communication tools (Slack, WhatsApp, Teams, etc…) will lead to crown jewel compromise.
CISO check: How many such uncontrolled communication channels are lurking in the shadows? Do employees know what shouldn’t be shared on these?
II. Are you covered?
Work from home has changed the risk dynamics for most organisations. Suddenly.
Cyber insurance coverage, on the other hand, has not kept pace with the risk.
CISO check: Who identifies the risks that cyber insurance should cover? Does your policy cover new risks like shared use of personal assets for work, cloud usage, etc.? What will you do if they don’t?
III. Quote of the week
The user's going to pick dancing pigs over security every time. - Bruce Schneier
Have an original interesting cybersecurity quote? Let us know in the comments and we will publish it along with your name in our quotes section.
For weekly CyberInsights and thought provoking questions: