What's New in the NIST Cybersecurity Framework 2.0

Update to the NIST framework adds new "govern" function for cybersecurity. [TechWeb]( Follow Dark Reading: [RSS]( August 15, 2023 LATEST SECURITY NEWS & COMMENTARY [What's New in the NIST Cybersecurity Framework 2.0]( Update to the NIST framework adds new "govern" function for cybersecurity. [Following Pushback, Zoom Says It Won't Use Customer Data to Train AI Models]( Company's experience highlights the tightrope tech organizations walk when integrating AI into their products and services. [Phishing Operators Make Ready Use of Abandoned Websites for Bait]( Abandoned sites — like Wordpress — are easy to break into, offer a legitimate looking cover, and can remain active for longer than average. [Health Data of 4M Stolen in Cl0p MOVEit Breach of Colorado Department]( State's Department of Health Care Policy & Financing is the latest to acknowledge an attack by the Russian group's ongoing exploitation of third-party systems. [5 Ways CISA Can Help Cyber-Poor Small Businesses & Local Governments]( Adopting these recommendations will help SMBs and public-sector agencies that must deal with the same questions of network security and data safety as their larger cousins, but without the same resources. [Interpol Shuts Down Phishing Service '16shops']( Global law enforcement operation leads to arrests of suspects behind sale of popular phishing kits. [(Sponsored Article) Healthcare Innovation: A Safe and Secure Approach]( Six focus areas to address the top security challenges facing healthcare organizations today. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Microsoft Patches Zero-Day Bug Under Active Exploit in August Update]( Attackers are already exploiting one of Microsoft's August Patch Tuesday fixes in the wild, which offers up a low attack complexity for cyberattackers. [NSA: Codebreaker Challenge Helps Drive Cybersecurity Education]( The US National Security Agency aims to attract students to cybersecurity in general and its own open positions in particular: 3,000 new jobs this year. [What CISA and NSA Guidance Means for Critical Infrastructure Security]( Strategically investing in solutions that meet you where you are makes all the difference in staying secure from cyber threats. [10 Key Controls to Show Your Organization Is Worthy of Cyber Insurance]( More-effective cyber-risk management controls can help bolster a company's policy worthiness. Start with these 10 tips to manage risk as underwriter requirements get more sophisticated. [MORE]( EDITORS' CHOICE [XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure]( Disguised as harmless PDF documents, LNK files trigger a PowerShell script, initiating a Rust-based injector called Freeze[.]rs and a host of malware infections. LATEST FROM THE EDGE [7 Reasons People Don't Understand What You Tell Them]( No matter how clearly security professionals express themselves, not everyone thinks the same way. Here's why communication can go wrong. LATEST FROM DR TECHNOLOGY [Lock Down APIs to Prevent Breaches]( Developers need to focus on creating secure web and mobile applications, because flaws in Web application programming interfaces (APIs) have left companies open to attack. LATEST FROM DR GLOBAL [Russian-African Security Gathering Exposes Kremlin's Reduced Influence]( Messaging from joint summit in Saint Petersburg amounts to little more than "diplomatic subterfuge," observers note. WEBINARS - [Protecting the Database: How to Secure Your Enterprise Data]( For many enterprises, the "crown jewels" are found in their database applications - virtual "crown jewels" of data in traditional database applications that are often linked to the Internet. What are the chief threats to today's databases? How can you ... - [Implementing Zero-Trust With A Remote Workforce]( The shift to remote work and a distributed workforce model highlighted the importance of the zero-trust model for organizations. Corporate endpoint devices are no longer protected behind the enterprise perimeter, connect to routers with unknown levels of security, and share ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [9 Traits You Need to Succeed as a Cybersecurity Leader]( - [The Ultimate Guide to the CISSP]( - [Rediscovering Your Identity]( - [2023 Global Future of Cyber Report]( - [Cybersecurity in a post pandemic world: A focus on financial services]( - [Cybersecurity in 2023 and beyond: 12 leaders share their forecasts]( - [Know your customer: Enable a 360-degree view with customer identity & access management]( [View More White Papers >>]( FEATURED REPORTS - [Concerns Mount Over Ransomware, Zero-Day Bugs, and AI-Enabled Malware]( - [Everything You Need to Know About DNS Attacks]( - [The Promise and Reality of Cloud Security]( Cloud security has been part of the cybersecurity conversation for years but has been on the sidelines for most enterprises. The shift to remote work during the COVID-19 pandemic and digital transformation projects have moved cloud infrastructure front-and-center as enterprises ... [View More Dark Reading Reports >>]( PRODUCTS & RELEASES [DARPA Taps RTX to Attune AI Decisions to Human Values]( [Fortinet Announces Free Security Awareness Curriculum for K-12 Students Tied to White House's Cyber Initiatives]( [Osano Secures $25M Series B to Advance Data Privacy Platform]( [Rootly Raises $12M to Help Enterprise IT Teams Resolve Incidents 80 Percent Faster]( [MORE PRODUCTS & RELEASES]( CURRENT ISSUE [How Supply Chain Attacks Work, and How to Stop Them]( [DOWNLOAD THIS ISSUE]( [VIEW BACK ISSUES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=117711&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_08.15.23&sp_cid=49481&utm_content=DR_NL_Dark%20Reading%20Daily_08.15.23&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#19 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2023]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)