Inglés C2 - An evolution in the cybersecurity landscape

Questions and Answers

True or false:The pandemic has not had any impact on cybersecurity threats.

False

True or false: Remote workers are more likely to use secure networks and devices than office workers.

False

True or false: Phishing attacks are not a major risk for remote workers.

False

True or false: The evolution of cyberattacks has led to a unidisciplinary approach to threat management.

False

True or false: Preparedness and validation of capabilities are not important for effective cybersecurity.

False

True or false: High-profile ransomware attacks have not highlighted the importance of cybersecurity for businesses.

False

True or false: A layered approach to cybersecurity is not effective in preventing high-profile attacks and ransomware attacks.

False

True or false: Oversharing does not lead to security risks.

False

True or false: Consumers are becoming more willing to share their personal data due to increased trust in cybersecurity measures.

False

True or false: Companies do not need to prioritize communication and collaboration between IT and non-IT staff for effective cybersecurity.

False

Study Notes

• Cyberattacks are becoming more sophisticated and destructive.
• Companies have evolved their approach to cybersecurity to include information sharing and collaboration.
• The pandemic and remote work have introduced new cybersecurity threats.
• Remote workers may be using less secure networks and devices.
• Phishing attacks are a major risk, and remote workers may not have easy access to help or information sharing.
• The evolution of cyberattacks has led to a multidisciplinary approach to threat management.
• Automation and vendor solutions are being used to manage and triage security events.
• Preparedness and validation of capabilities are important for effective cybersecurity.
• Banks on Wall Street can deal with dozens of attacks every day, with phishing attacks being particularly common.
• High-profile ransomware attacks have highlighted the importance of cybersecurity for businesses.
• Layered approach to cybersecurity is important in preventing high-profile attacks and ransomware attacks.
• Good practices like least privileged access, vulnerability management, phishing testing and training, and aggressive patching help reduce attack surface.
• Organizations need to focus on third- and fourth-party risks and critical vendors' awareness of threats.
• Having a strong handle on asset inventory is important.
• Bug bounty programs incentivize security researchers to report vulnerabilities in a responsible way.
• Cyber Incident Reporting Act and Ransomware Disclosure Act are being watched for quick reporting of incidents.
• Collaboration between public and private sectors can be done via direct engagement and partnerships.
• Consumer and retail sectors are vulnerable to cyberattacks due to the nature of their online traffic.
• Balancing user experience with maintaining security posture is important.
• Defense and depth approach with regards to process and practices, controls, and assurance activities is vital.
• Consumers are increasingly reluctant to share data due to rising cybercrime.
• Companies need to protect data while addressing consumer concerns.
• Oversharing can also lead to security risks.
• Large breaches have led to numbness among consumers.
• Responsible organizations invest in programs to protect customers.
• Banks have a good track record of protecting customers.
• Companies need to continually evolve their programs and technology to keep pace with evolving attacks.
• Cybersecurity awareness among employees is important.
• Best practices to improve cybersecurity awareness include training, regular testing, and clear policies.
• Companies should also prioritize communication and collaboration between IT and non-IT staff.