March/April 2022

orderForm.title

orderForm.productCode

orderForm.description

orderForm.quantity

orderForm.itemPrice

orderForm.price

orderForm.totalPrice

orderForm.deliveryDetails.name

orderForm.deliveryDetails.accountNumber

orderForm.deliveryDetails.phone

orderForm.deliveryDetails.poNumber

orderForm.deliveryDetails.email

orderForm.deliveryDetails.companyName

orderForm.deliveryDetails.billingAddress

orderForm.deliveryDetails.deliveryAddress

orderForm.deliveryDetails.deliveryDetailsDeliveryAddressSameAsBillingAddress

orderForm.deliveryDetails.address1

orderForm.deliveryDetails.address2

orderForm.deliveryDetails.city

orderForm.deliveryDetails.state

orderForm.deliveryDetails.postCode

orderForm.deliveryDetails.country

orderForm.deliveryDetails.additionalInformation

orderForm.noItems

Guest Commentary By Terry L. Allen, CISSP, OXEN Technology

The State of Cybersecurity in 2022

 

Maybe it’s the times we find ourselves in, the experience that comes from getting older or both — but the challenges we face feel overwhelming. For Gen-X (those born approximately 1965 to 1980), the generations of our parents and grandparents saw many of our present challenges in the 20th century with wars, pandemics, geopolitical tension, economic hardships and likely supply and workforce pressures to go with it. 2022 might be a different calendar of time, but we have been here before in history and lived to talk about it with one relatively new exception: cybersecurity.

As I look back over the past year, 2021 was a defining one for cybersecurity. Some of the year’s most impactful incidents, as shared on darkreading.com/attacks-breaches/6-of-the-most- impactful-cybersecurity-incidents-of-2021, follow.

• a severe vulnerability in Log4J logging framework present in untold numbers of devices worldwide

24 mobankers.com

• ransomware attack on Colonial Pipeline resulted in gas shortages on the U.S. East Coast

• an attack on Kaseya, an IT management platform used by IT service providers, that affected thousands of downstream client networks with ransomware

• on premises Microsoſt Exchange Server (ProxyLogon) vulnerability that was so bad, the FBI was ordered to take the unprecedented step to intervene uninvitedly on private mail servers to mitigate the damage

• “PrintNightmare” vulnerability in the essential document printing subsystem of every single Microsoſt desktop and server

• an attack on a Florida Water Utility that resulted in the near poisoning of the water supply system

Ideally, soſtware defects are found and reported proactively and fixed privately, before being disclosed publicly. In many of the cases mentioned, everyone was finding out that the fox was already in the henhouse! Zero-day attacks occur when defects in a particular soſtware system are found to be actively used by malicious actors to attack computer systems before IT teams

Page 1 | Page 2 | Page 3 | Page 4 | Page 5 | Page 6 | Page 7 | Page 8 | Page 9 | Page 10 | Page 11 | Page 12 | Page 13 | Page 14 | Page 15 | Page 16 | Page 17 | Page 18 | Page 19 | Page 20 | Page 21 | Page 22 | Page 23 | Page 24 | Page 25 | Page 26 | Page 27 | Page 28 | Page 29 | Page 30 | Page 31 | Page 32