Weekly #cybersecurity digest to your inbox

Subscribe for our weekly digest and get each Friday the most important cyber security news, list of upcoming free webinars and a summary of Cyberday development to your inbox.

Thanks! See you in your inbox on Fridays. :)

Unfortunately something went wrong. You can contact us at team@cyberdayai.

Recent #cybersecurity weekly digests

See full archive? Go to Weekly digests -page >>

🛡️ Cyberdigest: 10 most important tasks for a CISO 🏆 Read Cyberday success story 📝

Published at

17:00

Open digest

🛡️ Cyberdigest: 10 things I wish I knew before ISO 27001 process 👀 2024 cyber trends ⚖️

Published at

17:02

Open digest

🛡️ Cyberdigest: Easter Greetings! 🐣 Read about NIS2 supervision and penalties 📝🛡️

Published at

17:00

Open digest

Webinars

See the full calendar? Go to Webinars-page >>

Coming up on:

Wednesday

30

.

5

.

at

14:00

Admin training (part 3/5): Risk management and security control implementation

Coming up on:

Wednesday

7

.

6

.

at

14:00

Admin training (part 5/5): Operating and improving an ISMS and reporting compliance

Coming up on:

Wednesday

13

.

6

.

at

14:00

Admin training (part 4/5): Automating employee awareness, guidance and training

Coming up on:

Wednesday

21

.

6

.

at

15:00

ISO 27001 (part 3/5): Certification audit fundamentals

Coming up on:

Wednesday

9

.

8

.

at

14:00

Admin training (part 2/5): Framework selection and asset identification

Coming up on:

Wednesday

9

.

8

.

at

15:00

ISO 27001 (part 4/5): Staff training, guidelines and policy documents

Blog posts

Info of new posts? Subscribe now >>

Cannes Hospital data breach, the impact of AI and NIS2 evolution: the Cyberday product and news round-up 5/2024 🛡️

May's Product and News Update presents the new monthly ISMS reports as well as the Metrics page. Other topics include Cyberday's new framework DORA and recent news around the world.

17.5.2024

6 ways to assess security work effectiveness

Evaluating the effectiveness of your cybersecurity involves examining the adequacy of your existing security measures. This process helps you identify your current security status and determine the necessary actions to enhance and fortify.

3.5.2024

System acquisition and development in NIS2: Suggested best practices

Get tips on securely acquiring and developing systems with a focus on ISO 27001, helping meet NIS2 requirements. Post explains key aspects like secure coding, acquiring secure applications and testing or publishing changes in a controlled manner.

16.4.2024

Continuity management in NIS2: Benchmark measures for business continuity and backups with ISO 27001

This post offers insight on complying with NIS2's continuity and backup requirements using ISO 27001's best practices. It guides you through continuity planning, backup processes, challenges, and achieving compliance effectively.

12.4.2024

HR security in NIS2: Best practices for compliance

Learn how HR drives ISO 27001 and NIS2 compliance through security training, roles, and policies essential for building a strong information security culture.

5.4.2024

Access control & MFA in NIS2: Build a solid foundation with ISO 27001 controls

What are the requirements for access control and MFA in NIS2 and ISO 27001 and how can they be implemented successfully? Learn more about the controls, requirements, best practices and how to overcome potential challenges in this blog post.

4.4.2024

Potential Struggles IT Companies might Encounter with Incident Identification and Reporting Today

The complexities of incident identification and reporting in IT, touching on coordination problems, tool inadequacies, and process deficiencies. It explores modern challenges like cyber threats and alert fatigue, as well as the cognitive gap.

28.3.2024

Information Security Risk Management: A Step-by-step Guide to a Clear Process

Get a step-by-step guide on managing information security risks, from asset identification to monitoring, essential for navigating growing cybersecurity threats.

21.3.2024

News articles

Get weekly news? Subscribe now >>

New Hertzbleed Side Channel Attack Affects All Modern AMD and Intel CPUs

⚠️ New interesting #vulnerability in modern Intel/AMD processors can let attackers steal e.g. encryption keys via timing-based side channels. Intel recommends cryptographic devs to harden apps against frequency throttling info disclosure.

Go to article at

Facebook Messenger Scam Duped Millions

🎣 One #phishing scam stole 1M FB credentials in 4 months - and counting. Scam included familiar elements: 🔗 short msg with a link ↩️ chain of redirects to dodge security 🔐 fake FB login 🤖 automated distribution to victim's friends

Go to article at

Ransomware Group Debuts Searchable Victim Data

#Ransomware groups have started regularly threatening to publish stolen victim data on dark web. ⚠️ Latest cunning innovation to get victims concerned is publishing on public internet, with all data available in an easily searchable form.

Go to article at

Paying Ransomware Paints Bigger Bullseye on Target’s Back

#Ransomware deals often go wrong: ⚠️ 80% of victims that paid were hit a 2nd time ⚠️ Frequently data became unusable during the decryption because of corruption issues Remember - attackers will often try to profit in any possible way.

Go to article at

Cybersecurity awareness training: What is it and what works best?

82% of breaches in 2021 involved a “human element.” Bad actors exploit credulous or careless employees. Trends that grow the need for employee #cybersecurity skills: 🔓 Poor password practices 🦹 Cybercrime growth 📲 Hybrid work

Go to article at

Know your enemy! Learn how cybercrime adversaries get in…

Researchers dug into reports of 144 real-life #cyberattack's. ⚠️ Unpatched vulnerabilties entry point for 50% of attacks ⌛ Attackers around for more than a month on avg 🖥️ RDP abused to spread the attack by more than 80% of attackers

Go to article at

Apple's New Feature Will Install Security Updates Automatically Without Full OS Update

Apple: "macOS security gets even stronger with new tools that make the Mac more resistant to attack, including Rapid Security Response that works in between normal updates to easily keep security up to date without a reboot" #cybersecurity

Go to article at

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rican terveysministeriössä tulostimet menivät sekaisin tänä aamuna Hive #ransomware'ryhmän hyökkäyksen jälkeen. Kaikki järjestelmät ovat toistaiseksi alhaalla. HIVE ei ole julkaissut lunnasvaatimusta. Hyökkäykset voivat jatkua.

Go to article at

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Printers at the Costa Rican government health ministry went crazy this morning after the Hive #ransomware group attacked. All systems went down until further notice. HIVE has not released their ransom fee. Attacks are expected to follow.

Go to article at

Get started today

Start free, in your familiar Teams environment.
If you have some questions first, book a meeting with us.

Start free 14-day trial