September Risk Roundup: Last summer BBQ or cyber attack primetime?

by Stephanie Mangold.
The Risk Roundup is our weekly collection of curated content that relates to all things digital risk management. Members of the Coalition team have pulled together their favorite posts from the week that highlight relevant trends in cybersecurity and cyber insurance. Enjoy our TL;DR and useful snippets on topics we’re keeping a close eye on.

Summer holidays are for beach, beers, barbeque, and relaxing before school and work restart in the fall — but they’re also a prime opportunity for threat actors because most companies have reduced coverage. So before you clock out this Friday, heed the latest warnings, and take a moment to ensure that your employees and your network are properly prepared for a possible cybersecurity event.

1. Ransomware awareness for holiday and weekends

It's sad but true. Attackers know which days we have our guards down (2 p.m. on a Friday before a holiday weekend), and then they choose to attack. The busiest weekends of my professional career are usually Thanksgiving and Christmas, year after year. So, if you are ever planning to beef up security or implement any alerting or monitoring, holidays are the ideal times. – Leeann Nicolo, Incident Response Lead

View tweet here

2. FBI, CISA advise ransomware risk increases on holidays, weekends

This is 100% true; last year, a threat intelligence partner revealed that ransomware attacks on a handful of our insureds were imminent several days before Christmas. Our incident response team reached out, stopped it from happening, and saved the day. – Tommy Johnson, Cyber Security Engineer

View tweet here

3. Danger due to danger

As the kids used to say, “because risk.” Last month we highlighted someone with PhD-level credentials in the field who struggled with operationalizing security. Complex choices, multiplied by unhelpful error messages can make risk feel unsolvable — but the danger remains. – Aaron Kraus, Security Engagement Manager

View tweet here

4. Students skipping college in favor of boot camps

Four-year degree programs don’t make much sense for rapidly evolving fields like computer science. Instead, students can acquire basic concepts and foundational knowledge in a boot camp or shortened academic program and focus on continuing education to stay on top of emerging trends. This also makes it easier for these fields to welcome currently underserved populations who can’t afford the exorbitant cost of traditional college. Aaron Kraus, Security Engagement Manager

I believe that 18 is too young to decide what you want to do in life. An introduction to “a day in the life” of a wide range of careers during high school could be more helpful in determining a path for students, which would lead to better decisions on whether college or training is a better fit for what you’d like to do. It beats going to college undecided and spending 40k/year while you figure it out. – Sarah Miknis, Social Media Manager

View tweet here

If you enjoyed this post be sure to check our blog weekly; the Risk Roundup runs Friday mornings in addition to more enlightening content we post related to the ever-evolving landscape of digital risk. Follow us on Twitter (@SolveCyberRisk), LinkedIn (Coalition Inc), and Youtube. If you have any suggestions for content that we should be adding to our reading list, let us know!