873
Downloads
28
Episodes
Stay ahead of the latest cybersecurity trends with Cyberside Chats—your go-to cybersecurity podcast for breaking news, emerging threats, and actionable solutions. Whether you’re a cybersecurity pro or an executive who wants to understand how to protect your organization, cybersecurity experts Sherri Davidoff and Matt Durrin will help you understand and proactively prepare for today’s top cybersecurity threats, AI-driven attack and defense strategies, and more!
Episodes
11 hours ago
11 hours ago
Why do so many major cyberattacks happen over holiday weekends? In this episode, Sherri and Matt share their own 4th of July anxiety as security professionals—and walk through some of the most infamous attacks timed to exploit long weekends, including the Kaseya ransomware outbreak, the MOVEit breach, and the Bangladesh Bank heist. From retail breaches around Thanksgiving to a cyber hit on Krispy Kreme, they break down what makes holidays such a juicy target—and how to better defend your organization when most of your team is off the clock.
Takeaways:
- Treat Holiday Weekends as Elevated Threat Windows
Plan and staff accordingly. Threat actors deliberately strike when visibility and response capacity are lowest—your incident response posture should reflect that heightened risk. - Establish and Test Off-Hours Response Plans
Ensure escalation paths, contact protocols, and technical procedures are defined, reachable, and tested for weekends and holidays. On-call responsibilities should be clearly assigned with appropriate backups. - Reduce Your Attack Surface and Harden Perimeter Before the Break
Conduct targeted patching, vulnerability scans, and privilege reviews in the days leading up to any holiday period. Temporarily disable or restrict non-essential access and remote administration rights. - Practice Incident Response Tabletop Exercises With Holiday Timing in Mind
Simulate scenarios that unfold over weekends or during staff absences to uncover timing-based gaps in coverage, decision-making, or escalation. Make sure playbooks account for limited availability and stress-test your team’s ability to respond under real-world holiday constraints. - Communicate Expectations Across the Organization and With 3rd Parties
Brief relevant teams (not just security) on the increased risk. Reinforce secure behaviors, clarify how to report suspicious activity, and keep business units informed about potential delays or escalation protocols. Talk with your MSP and other 3rd party vendors to ensure they have consistent monitoring and know who to contact if there is an incident (and vice versa).
Resources:
- MOVEit Data Breach Timeline – Rapid7
- Kaseya Ransomware Attack Explained – Varonis
- Bangladesh Bank Heist – Darknet Diaries Episode 72
- Tabletop Exercises & Incident Response Planning – LMG Security
#cybersecurity #dfir #incidentresponse #ciso #cybersidechats #cybersecurityleadership #infosec #itsecurity #cyberaware
No comments yet. Be the first to say something!