
Top 10 Cybersecurity Articles in 2022

At Echelon, we take pride in our contribution to the cybersecurity community, as well as our participation in it. Keeping our clients (and everyone!) aware is one of the main goals of our Intelligence blog.

Here are the top 10 articles from 2022, ranked by unique pageviews.

#10 Hacker’s Perspective: Web App Vulnerabilities - An In-Depth Look at Attacking File Uploads

File uploads are ubiquitous, making them a prime target for attackers. Here's how ethical hackers test your resilience against these kinds of attacks.

#9 What the Lapsus$ Attacks Should Teach Us About Third-Party Insider Threat

The Lapsus$ attacks have helped companies realize that third-party vendors can be the 'weakest link' within their own organizations. This article summarizes what companies can learn (and do) to protect data.

#8 Bite-Sized Cyber Essentials: Multi-Factor Authentication

Multi-factor authentication (MFA) is the process of requiring more than one form of authentication to ensure that if one method is compromised, an attacker is still unable to access the account.

#7 Looking Inward, Charting a New Course for Effective TPRM

Most current third-party risk management (TPRM) programs are external-facing. But what if the greatest threat to your organization wasn’t external?

#6 How Safe is it to Scan a QR Code?

QR codes are clever (just ask Coinbase), but they can be security nightmares. Here’s what our CEO, Dan Desko, had to say when he was interviewed about this year’s Super Bowl ad.

#5 ISO/IEC 27001:2022 – Your Guide to the Updates and How to Get (and Stay) Compliant

The highly anticipated ISO 27001:2022 updates modernize the standard to keep up with the evolving cyber landscape. Here's everything you need to know about the changes and how you can get (and stay) compliant.

#4 Hacker’s Perspective: Securing JSON Web Tokens

If you are a modern-day developer, you’re probably plenty familiar with JSON Web Tokens (JWTs). They perform their job efficiently when correctly implemented. Unfortunately, they can also be vulnerable to malicious threat actors.

#3 Are Your Vendors “Tall enough to Ride the Ride”?

We can think about an amusement park’s rider height and restriction requirements as a useful way to describe risk tolerances when onboarding new vendors or increasing scopes of work to existing ones.

#2 DEF CON 30 in Review: How the Echelon Team Won a Black Badge, and a Black Badge Breakdown

Buckle up for the story of how the Echelon team won the coveted DEF CON Black Badge, and dive deep into Ross Flynn's detailed breakdown of the Black Badge.

#1 The Countdown is On: New Cyber Incident Reporting Requirements for Banks

In January 2021, the Federal Reserve Banks implemented the Security and Resiliency Assurance Program outlining new compliance requirements for banks that use FedLine® by the end of 2022. This article outlines everything you need to know about this new program.

Want to stay informed of new articles like these?

Subscribe to our Cyber Intelligence Weekly newsletter to get articles like these (along with three hot cyber topics) in your inbox each week.
