The US Cybersecurity and Infrastructure Agency (CISA) has issued an alert regarding malicious activity conducted by an advanced persistent threat group associated with the Iranian government. The group is targeting various critical infrastructure sectors, including healthcare, by exploiting vulnerabilities in Microsoft Exchange and Fortinet systems. CISA advises organizations to investigate potential suspicious activity in their networks and implement various security measures to mitigate risks. This highlights the growing prominence of nation-state actors beyond Russia in cyberattacks. Collaboration and information sharing among organizations is crucial to addressing such threats effectively.
Board-Ready Security Metrics That Actually Matter
TL;DR Board-ready security metrics translate technical capabilities into financial risk and business outcomes. Boards need visibility across three dimensions: risk exposure, incident response capability, and
