Can you believe 2021 is almost over? This year has just flown by! It has also been another jam-packed year of cybersecurity industry news, advances, and major security breaches.
Living Security's Mini-Campaigns in a Box are timely resources focused on major events in the cybersecurity industry. They are meant for Security Awareness Program Owners to provide ad-hoc training for their organizations by adding background and context around some of the biggest cybersecurity stories of the year.
The following resources are a few highlights from our 2021 Mini-Campaigns in a Box. And while the topics they cover may no longer be front-page news, the lessons that can be drawn from them are just as relevant today as the day they were published. We at Living Security would like to wish you Happy Holidays and look forward to seeing you in 2022!
1. Colonial Pipeline Cyberattack
May 2021. In one of the biggest cybersecurity stories of the year, the criminal group DarkSide conducted a ransomware attack on the largest fuel pipeline operator in the United States, Colonial Pipeline. The attack lead to fuel shortages across the country and forced Colonial to pay $4.4 million in ransom.
2. International Fraud Awareness Week
November 2021. Every November since 2000, the Association of Certified Fraud Examiners (ACFE) select one week as "Fraud Week," where hundreds of organizations around the world pledge to spread fraud awareness throughout their companies and communities.
3. JBS Ransomware Attack
June 2021. The world's largest meat processing company, JBS, was forced to pay an $11 million ransom in order to stop a major cyberattack in June this year. JBS, which supplies one-fifth of the meat sold globally, was forced to shut down facilities in the United States, Canada, and Australia. The attack was believed to be perpetrated by the Russia-based cybercriminal group REvil.
4. New Cybersecurity Regulations for the Energy Sector
October 2021. Following President Biden enacting Executive Order 14028, "Improving the Nation's Cybersecurity," the Transportation Security Administration (TSA) has released directives aimed at boosting cybersecurity throughout the energy sector, with an emphasis on pipeline operators. TSA, which is a part of the Department of Homeland Security (DHS), says these directives are to ensure the nation's network of pipelines is as secure as possible from future cyberattacks.
5. Kaseya Ransomware Attack
July 2021. In another attack claimed by the cybercriminal group REvil, American software company Kaseya was targeted. Kaseya provides software for managing networks and other systems infrastructure; due to the nature of the software, the malicious code was able to affect between 800-1500 other businesses who directly use Kaseya's VSA product or utilize an MSP that was affected.
Monthly Content for Your Program
Developing new, fresh content that keeps your team engaged during cybersecurity awareness training can be difficult and time-consuming. That’s why our team at Living Security developed Campaign in a Box.
Receive new content to promote your awareness campaigns every month without the legwork. Request more information about our resources for program owners today or download our 2022 Security Awareness Program Calendar for a look at the upcoming content releases.