Up Times • Nov. 2023

Business Continuity Mixtape – Bryley-curated stories from around the internet:

Putting some English on it The FTC has created a plain-language overview of cybersecurity principles and practices with topics like email spoofing, ransomware and physical security. And it has a couple of videos and a reinforcing quiz. One of the highlights is an outline of the NIST (National Institute of Standards and Technology) framework which is a valuable guideline for success in an organization’s cybersecurity posture … [up to a 30 min. read depending on your selections] ftc.gov

Coming at it another way — Social engineering attacks can now include deepfakes – for instance faked audio of a boss making a purchase request. Images can be faked too – often with the intent to defame, sometimes for the purposes of extortion. Adobe has taken an interesting tack to combat fake images by introducing a new meta-tag (hidden text, revealed when a somewhat subtle ‘info’ star button is clicked). The meta-tag’s text shows a record of the origin and changes to the image in question. It’s commendable that Adobe’s made the project open source, while in practice so far I’ve only seen the implementations in Adobe’s own software (and Pixelstream an Adobe-affiliated platform) … [2 min. read] contentauthenticity.org

The strategy to destabilize — In October, Cybersecurity Awareness Month, a Hartford cybersecurity panel headed by the state’s Chief Information Officer, discussed business and election destabilization that arrives via cybercrime.

Kazem Kazerounian dean of UConn’s School of Engineering said that we measure [cybersecurity] by two metrics: one is the value of the target and the second one is the size of the surface attack. When you look at election systems, they are both extremely large. What makes it even worse is that an attack can succeed by simply creating a perception of success, that is, the criminals are affecting our perception about the trustworthiness of the electoral system.

In fact, last month the US intelligence community found evidence that Russian actors made a concerted effort to undermine faith in the voting process in at least nine countries, including the United States, between 2020 and 2022, per the Washington Post.

Ransomware gangs draw from a similar playbook to rot people’s trust in an organization. Recovery from ransomware is costly, but of no less impact are the reputation damage, litigation and loss of regulatory compliance businesses often have to face. So for businesses it’s a blow that’s commonly insurmountable. 75% of small businesses polled … said they’d be able to survive only three to seven days following a [successful] ransomware attack, per Tech Republic.

A well-conceived defensive posture is the way to minimize the incidence of these cyberattacks. The Hartford panel recommended the use of strong passwords, encrypted servers, employee training, and as Dean Kazerounian said, we have to ultimately use AI in our defenses [to combat the] bad players who use AI … [4 min. read] ctinsider.com

Gimme a break – The rates of myopia, or near-sightedness, observed in children are skyrocketing … from 25 percent in 1971 to nearly 42 percent in 2017, per the National Geographic.

Myopia’s particularly problematic in young people, because it can be a sign of more significant future eye issues. The consensus reasoning behind the troubling trend seems to be too much time indoors and not enough time outdoors – though the dramatic rise pre-dates smart phones.

The brightness of outdoors, according to a theory from researcher Ian Morgan, stimulates dopamine which signals the eyeball to slow myopic distortion … [7 min. read] nationalgeographic.com

^{Note: The Mixtape section is Bryley’s curated list of external stories. Bryley does not take credit for the content of these stories, nor does it endorse or imply an affiliation with the authors or publications in which they appear.}