Weekly News Roundup July 18-21, 2023

Posted on July 21, 2023

I recall hearing the name Kevin Mitnick for the first time when I started writing for cybersecurity publications back in 2015. Admittedly, I had a very naïve, “Oh my goodness,” sort of response when an editor recommended someone who had previously been on the FBI’s most wanted list as a reliable source. Mitnick passed away this week, leaving behind a colorful history and eventually an honorable legacy which positioned him as one of the most predominant industry influencers of our time.

Though I didn’t know him personally, news of his death saddened me. Mitnick was a fascinating human. I had learned about the tangled webs of deception that people can achieve through different literary characters, so the concept of social engineering was one aspect of cybersecurity that I could wrap my head around. For me, Mitnick was a real-life Iago (from Shakespeare’s Othello) with the heart-warming caveat that the former hacker had redirected his life to eventually become the Chief Hacking Officer of KnowBe4. As I reflect back on the Conference themes of the past four years, Mitnick is the personification of all of them: Human Element, Resilience, Transform, and Stronger Together.

To find educational resources to help your organization tackle the challenges of social engineering and the human element, visit our Library or go to RSAC Marketplace where you can find a variety of cybersecurity vendors and service providers who can assist with your specific needs.

Now let’s take a look at what else made industry headlines this week.

Jul. 21: CSO Online shared a list of new CISO appointments that have happened thus far in 2023.

Jul. 21: Security Week reported, “A Russian prosecutor on Friday requested an 18-year prison sentence for Ilya Sachkov, founder of one of the country’s top cybersecurity firms, on treason charges.”

Jul. 20: In light of the challenges organizations have with hiring cybersecurity experts and writing accurate job descriptions, it's worth asking, "Should You Be Using a Cybersecurity Careers Framework?"

Jul. 20: According to ZD Net, Singapore has published a draft of guidelines for when and how organizations' can use personal data to train AI models and systems.

Jul. 19: The ALPHV ransomware group, which claims responsibility for a cyberattack on Estee Lauder last week, reported said they tried to contact the company but received no response and has threated to leak stolen data.

Jul. 18: "Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation," Bleeping Computer reported.

Jul. 18: China continues to demand loyalty from its IT sector to establish a strong "cybersecurity barrier" which will allow stronger control over the country's cyberspace.

Jul. 18: The latest cybersecurity initiative announced by the Biden Administration is the “US Cyber Trust Mark” program—" a cybersecurity certification and labeling program to help Americans more easily choose smart devices that are safer and less vulnerable to cyberattacks.”

RSAC Insights

standards & frameworks artificial intelligence & machine learning business continuity & disaster recovery data loss prevention government regulations ransomware cyberattacks phishing security awareness

View More Blogs

Blogs posted to the RSAConference.com website are intended for educational purposes only and do not replace independent professional judgment. Statements of fact and opinions expressed are those of the blog author individually and, unless expressly stated to the contrary, are not the opinion or position of RSA Conference™, or any other co-sponsors. RSA Conference does not endorse or approve, and assumes no responsibility for, the content, accuracy or completeness of the information presented in this blog.