Welcome reader to your CybersecurityHQ report

Headlines

Insurer Parametrix says US Fortune 500 other than Microsoft will face up to $5.4 billion in financial losses due to the recent CrowdStrike outage. Parametrix said in a statement that somewhere between $540 million to $1.08 billion is likely to be covered by insurance, leaving an enormous gap.

The outage, which rocked industries worldwide, is still causing fallout. Delta Air Lines announced its operations will finally be back to normal today. The massive disruptions at Delta led to a US Transportation Department investigation opening up Tuesday after the company’s IT woes affected half a million travelers and left many stranded at airports across the US.

The US Federal Communications Commission (FCC) completed its investigation (PDF) into AT&T’s 12-hour-long outage in February that led to dozens of 911 call centers going down nationwide. On February 22 of this year, over 25,000 attempts to reach 911 emergency services were blocked due to the issue.

Just like last week’s devastating CrowdStrike blackout, this issue arose from a network update. The FCC report cites several more factors that exacerbated the event, including inadequate laboratory testing, lack of adherence to the company’s internal procedures, and lack of controls to step in once the outage began, among others.

KnowBe4, a US-based security training company, discovered it hired a North Korean hacker as a software engineer. Their identity came to light when the hire’s newly issued computer began loading malware immediately upon activation, starting an investigation that included the FBI and Mandiant, Google’s security team.

Despite being a North Korean hacker, the infiltrator passed KnowBe4’s background check and interview process. They even used an AI deepfake to alter a stock photo to create a convincing image of themselves.

Interesting Read

This profile in SecurityWeek highlights the career path of Alyssa Miller, telling the story of how she rose to such a high level in the world of cybersecurity. Like many in the field, her career really began as a kid when she taught herself to hack. But it’s continued for over 20 years, bringing her to an international stage.

Like so many cybersecurity professionals at her level, her number one takeaway is that success in the field requires daily work — staying on top of the latest threats and developing as a professional and human being.

Twitter Highlights

Employment Tip: Develop Incident Response

Cybersecurity follow the dictum that an ounce of prevention is worth a pound of cure. But once there is an incident, organizations need professionals who can rise to the challenge. Certifications like CISSP and GCIH show your ability to do just that.

For the latest openings in cybersecurity careers, check CybersecurityHQ.

Stay Safe, Stay Secure.

The CybersecurityHQ Team