Tiernan Connolly’s Post

The Cyber Strategy dropped yesterday. While the tone of its first priority - shape adversary behavior - has shifted from what was previewed, the strategy remains problematic. I outlined some of my concerns last week.

If connected products are part of your roadmap, now is the time to evaluate how prepared your technology partners are 🚨 At Remion, we’ve assessed how the Cyber Resilience Act (CRA) impacts both our own solutions and our customers’ operating environments. We’re strengthening our development practices to ensure regulatory requirements are systematically embedded into our solutions. If you are wondering what CRA means in practice check out our article by our Security Manager Jesse 📖 👉 Link in comments

The #CyberResilienceAct is approaching, and many organizations affected by it are still unprepared. That’s why The Purple Book Community has established a Center of Excellence dedicated to Cyber Resilience Act readiness, and their insights will be shared with you at #RSAC. Join this session at #PBCConnect on Monday 3/23 to connect with numerous security leaders who are also working to interpret the EU regulations and plan for compliance: https://gag.gl/4jfKlG Leading the discussion are experts Cassie Crossley, Nathan Motyl, Deepak Parashar, Sahil Bhanushali and Mark Lambert

The newly-released National Cyber Strategy helps to galvanize the cybersecurity community around a clear map for action, Daniel Kroese of Palo Alto Networks told BSA's Henry Young following the strategy's release. As the strategy moves toward implementation, hear more perspectives from industry leaders here (https://lnkd.in/eYidsmNU) and BSA's vision (here: https://lnkd.in/enBsBzRz) to realize cyber regulatory harmonization as outlined in the strategy.

While cyber-attacks can appear random, it’s inevitably the least-well-defended businesses that become targets of choice. NFU Mutual’s article explores how businesses can increase their cyber resilience and what steps they can take to prevent cyber-attacks: https://orlo.uk/85xE0

FBI’s Operation Winter SHIELD is now live — 10 actionable steps to strengthen your cyber defenses. The Federal Bureau of Investigation (FBI), courtesy of Brett Leatherman and team, just released this practical approach, distilling the 10 most impactful actions organizations can take right now to build real resilience against intrusions. Drawing from real-world investigations and global partners, it focuses on layered defense: phish-resistant authentication, risk-based vulnerability management, immutable offline backups, third-party risk, privilege reduction, and more. Full guide (free PDF): https://lnkd.in/gGNwT69D I've taken this material and distilled an actionable framework and approach that every company could use in order to address the FBI's 10 overall areas.

The speed at which an organisation detects and responds to an incident can significantly reduce its impact. Visibility, monitoring and preparation all play a role in ensuring teams can act early. Explore practical cyber insights: https://lnkd.in/ewWAkEa8

Insight from our work at CMC Consultancy Partnership : cyber risk often lives in the overlap of connected systems — see more here: https://lnkd.in/e5mEEwPv

Thanks to Phil Muncaster for featuring Beyond Blue Limited’s director Carl Hunt in his recent article for ISMS.online on the findings of the Bank of England’s CBEST report. In the article, Carl provides advice for financial services organisations on how they can enhance their cyber defences – from technical capabilities to ensuring CISOs have the business context to make rapid decisions to contain incidents quickly. Read the full piece here: https://lnkd.in/efsiPSfP

Part 2 of our cyber series explores the financial and operational impact a cyber incident can have on a business. Jerry Power explains how the damage often extends well beyond the initial breach, with hidden costs such as business interruption, lost income and legal expenses creating long-term challenges. Watch the full episode and explore the series via: https://www.mga.com/cyber/