Launched in 2018, the Cybersecurity Tech Accord is a coalition of more than 150 global technology companies committed to foundational cybersecurity principles for responsible industry behavior. In the years since, the coalition has strived to serve as the voice of the technology industry in discussions around peace and security online. Our Signatories believe that establishing safeguards to protect the online environment is in everyone’s interest, and that industry, governments and civil society all have a role to play in achieving this goal.
Today, the Cybersecurity Tech Accord is launching “Required Update”, our new threat intelligence newsletter, in order to to support government stakeholders and cyber diplomacy communities around the world in more easily accessing relevant cybersecurity resources and analysis from the private sector. The first edition of the “Required Update” newsletter aims to inform and support cyber diplomacy dialogues ahead of the fifth substantive session of the UN Open-Ended Working Group (OEWG) on security of and in the use of information and communications technologies (ICT) 2021-2025 taking place next week (24-28 July 2023).
The “Required Update” newsletter will be released on a quarterly basis. Read the first edition below and sign up here to receive the next editions of the newsletter: form.jotform.com/231231861229350
Cybersecurity Tech Accord Quarterly Threat Intelligence Newsletter
The Cybersecurity Tech Accord believes that it is our responsibility as industry to protect and share insights on our online world. Delivered in your inbox on a quarterly basis, “Required Update” features threat intelligence reports, whitepapers, technical assistance blogs, and other resources from the private sector.
We hope the entries in this newsletter prove relevant to cyber diplomacy communities and welcome feedback. If you have suggestions or requests on topics or issues you would like to see included in future newsletters, please contact us at firstname.lastname@example.org.
Threat Intelligence Reports from our Signatories
Cyber Bank Heists: Threats to the Financial Sector
Annual report from Contrast Security provides an overview of cyber threats to the financial sector. Financial sector security leaders reveal the attacks and threats they are most concerned with and how they are responding. The findings reflect the impact that the cybercrime events of the past year have had — and continue to have — on financial institutions (FIs) around the world.
Advanced Persistent Threat (APT) Activity Report – Q1 2023
Report summarizing the activities of selected advanced persistent threat (APT) groups observed and analyzed by ESET researchers. This includes info on threat actors aligned with China, India, Iran, and North Korea. It also includes Russia-aligned actors, which are especially active in Ukraine and the EU, deploying wipers and spear-phishing emails.
Quarterly report includes insights about malware campaigns, trends and techniques identified by HP Wolf Security. Highlights in this most recent report include trends in malware delivery, the latest in phishing scams via fake software advertising and malicious QR codes, and how advanced attackers are bypassing perimeter network security controls by embedding malicious links in PDF files.
Annual report provides insights into the evolving cyber threat landscape from global incident response investigations and threat intelligence analysis of high-impact attacks and remediations. Report reveals that while significant progress has been made in threat detection and response, Mandiant continues to see new threat groups and malware families emerge, and adversaries innovate and adapt.
Recent report from Microsoft detailing the extent of Russian cyber operations in Ukraine over the first year of the war. Based on proprietary and open-source data, Microsoft security highlights destructive and espionage-based cyberattacks, as well as influence operations utilized to support Russia’s invasion of Ukraine.
This report focuses on ransomware and on how ransomware attacks can impact and disrupt a business. It also lists best practices to avoid these attacks and focuses on the role of managed service providers (MSPs) in helping businesses mitigating the risks of the mentioned attacks.
Threat Highlight Report – June 2023
Monthly threat report based on proprietary data and sources from the wider cybersecurity industry. It provides an overview of previous month’s cybersecurity news, the changing threat landscape and relevant advice. On ransomware, it includes newcomers, and an update on the scale of attacks and statistics relating to the most active groups.
Analysis Blogs and Commentary
Cybersecurity Tech Accord
“Boiling Point” Reached: The State of International Cybersecurity Thermometer
Cybersecurity Tech Accord
New industry principles to curb cyber mercenaries
How You Can Be Hijacked Without Actually Being Hacked – Mark Flegg, global director, Security Services
National Cybersecurity Strategy: Public-Private Partnership Required to Successfully Meet 21st Century Challenges – Eric Wenger – Senior Director, Technology Policy, Global Government Affairs
The United States Executive Branch’s Influence on Cybersecurity: Embracing Passwordless Authentication in the Zero Trust Era – Reza Palizban, President and Co-founder
Upcoming Cyber Diplomacy Events
14 – 15: Global Cyber Conference 2023 -Zurich, CH
20 – 22: FT Cyber Resilience Summit – Lausanne, SWTZ
20 – 21: Nordic Cyber Summit 2023 – Copenhagen, DK
3 – 4: CyberTech Europe 2023 – Rome, IT
8 – 12: Internet Governance Forum (IGF) Japan – Kyoto, JP
17 – 19: Australian Cyber Conference 2023 – Melbourne, AU
Date TBD: Singapore International Cyber Week – SP (updated link soon)
11 – 12: Paris Peace Forum – Paris, FR
21 – 23: European Cyber Week 2023 – Rennes, FR
29 – 30: Global Conference on Cyber Capacity Building (CB3B) – Accra, GH
20.11 – 15.12: World Radiocommunications Conference (ITU WRC) – Dubai, UAE