It's hard to believe what netzwoche reported on 11 September 2023: A master key from a crash dump was stolen directly from a Microsoft lab in the USA. The hackers from the Chinese Storm-0558 group used this Azure Cloud Signing Key for the Azure Active Directory to attack 25 organisations, including the US government, from May 2023. They captured around 60,000 emails from ten accounts and extensive email address lists of the US authorities.
Cyber insurance is a relatively new form of risk transfer that helps companies to mitigate the financial impact of cyber-attacks and outages. It provides an additional layer of protection by addressing some of the residual risks that cannot be completely eliminated through technical and organizational controls alone.
This event is in planning.
In an era where technology and business strategies go hand in hand, harmonising IT governance and management with business objectives is key to the success of leading organisations. My presentation will use a specific audit to highlight how we, as internal auditors, use the COBIT framework to not only review this alignment, but also strategically plan our subsequent audits to target where they will provide the most value in achieving organisational objectives.
New variants of criminal activities are constantly being developed to illegally obtain information and data, highly developed technologies, processes, patents and customer information. The motives lie in the realisation of financial gain or the acquisition of power.