Welcome to the weekly highlights and analysis of the blueteamsec subreddit (and my wider reading). Not everything makes it in, but the best bits do.

Operationally this week nothing of note other than the chaos that individual contributors can bring with their ability to blow holes in very large corporations.

In the high-level this week:

• Surge in ransomware attacks helps fuel 80pc rise in cyber insurance claims - from Australia - “Cyber has become the new D&O” and “A small or medium-sized business wanting to buy $10 million of cover would, on average, face a $60,000 premium, up from $33,000 a year ago, Honan said.” - eeesh!

• EU Cyber Resilience Act - New EU cybersecurity rules ensure safer hardware and software - getting serious around IoT in Europe and more generally - only a good thing.

• CISA Strategic Plan for 2023-25 - “the first comprehensive Strategic Plan since CISA was established as an Agency in 2018.” - CISA outline their four things

  • “spearhead a national effort to ensure the defen…