Cybersecurity Saturday - Ermer and Suter PLLC

Happy New Year! Cybersecurity Dive offers viewpoints of “six security experts on what cyber threats they expect in 2023. In sum
Organizations will keep a close eye on geopolitical tension and supply chain attacks. But at the core, the biggest threats are built on mistakes.”

Becker’s Health IT provides the viewpoints of healthcare cybersecurity experts on what’s in store for 2023.

Security Week discusses five stories that shaped cybersecurity in 2022.

From the ransomware front —

The Healthsector Cybersecurity Coordination Center released an analyst note on CLOP ransomware last Wednesday:

Clop operates under the Ransomware-as-service (RaaS) model, and it was first observed in 2019. Clop was a highly used ransomware in the market and typically targeted organizations with a revenue of $5 million U.S. Dollars (USD) or higher. Since its appearance, HC3 is aware of attacks on the Health and Public Health (HPH) sector. The HPH sector has been recognized as being a highly targeted industry for the Clop ransomware.

Health IT Security provides a related article.

Bleeping Computer’s The Week in Ransomware reports

BitDefender and law enforcement released a free decryptor for the MegaCortex ransomware. Any victims who saved their encrypted files in the hopes of a decryptor being released can recover their files for free.

From the cyber defense front —

Health Tech informs us about “Tips for health systems on managing legacy systems to strengthen security bolstering; basic security can help protect legacy systems as healthcare organizations make strides to modernize infrastructure.”

ISACA posted articles about the relationship between “high IP address IQ” and strong cybersecurity and the new emergent CISO.

The National Institute of Standards and Technology informs us

The Zero Trust Architecture (ZTA) team at NIST’s National Cybersecurity Center of Excellence (NCCoE) has published the second version of volumes A-D and the first version of volume E of a preliminary draft practice guide titled “Implementing a Zero Trust Architecture” and is seeking the public’s comments on their contents. This guide summarizes how the NCCoE and its collaborators are using commercially available technology to build interoperable, open standards-based ZTA example implementations that align to the concepts and principles in NIST Special Publication (SP) 800-207, Zero Trust Architecture.

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Subscribe to FEHBlog