The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021, following the Colonial Pipeline cybersecurity incident. ...more
On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event...more
7/22/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Denial of Service Attacks ,
Digital Service Providers ,
Events ,
FBI ,
Hackers ,
Olympics ,
Popular ,
Ransomware ,
Risk Management ,
Sports ,
Vulnerability Assessments
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
7/16/2021
/ Anti-Money Laundering ,
Biden Administration ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Enforcement Guidance ,
Hackers ,
Information Technology ,
Money Laundering ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Regulatory Reform ,
Risk Management ,
Virtual Currency
In a rare move, the Department of Health and Human Services (HHS) has issued a warning to hospitals and health systems to prioritize the patching of a two-year-old vulnerability in picture archive communication systems...more
7/9/2021
/ Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Department of Health and Human Services (HHS) ,
Hackers ,
Health Care Providers ,
Hospitals ,
Popular ,
Risk Management ,
Security Risk Assessments ,
Vulnerability Assessments
Another example of the resiliency and creativity of cyber-attackers is outlined in a new blog by Cisco/Talos researchers, which outlines how, over the past year, and in particular as a result of the migration from work at the...more
4/16/2021
/ Cisco ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Information Technology ,
Malware ,
Remote Working ,
Risk Management ,
Slack ,
Telecommuting ,
Vulnerability Assessments
Speaking of security education and training, the National Cybersecurity Center this week launched a new initiative to offer cyber-hygiene and IT security sessions to elected state government officials and their staff for...more
The United States Government Accountability Office (GAO) recently completed and published a study on electricity grid cybersecurity that concluded that the Department of Energy (DOE) needs to ensure its plans fully address...more
Cyber-hygiene and prevention are sometimes hard to fit in when there are so many vulnerabilities, zero-day attacks and third-party incidents that keep us busy every day....more
In a rare sharing of information about vulnerabilities in a blog post, Microsoft this week urged customers to download software patches to Microsoft Exchange Server after it detected “multiple 0—Day exploits being used to...more
The news is full of stories about crashing vaccination scheduling websites, seniors who are unable to get their vaccine appointment, and how different states are rolling out their limited supplies of COVID vaccines....more
The statistic that cybercriminals have been unleashing 18 million phishing emails laced with malware on a daily basis into cyberspace during the pandemic is mind boggling and one that executives should pay attention to when...more
2/18/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Phishing Scams ,
Risk Management ,
Statistical Analysis
In what the New York Department of Financial Services (NYDFS) is touting as the first guidance by a U.S. regulator on cyber insurance, NYDFS announced on February 4, 2021, in Insurance Circular Letter No. 2 (2021), that it...more
Although somewhat obvious, the World Economic Forum, in partnership with Marsh McLennan, SK Group and Zurich Insurance Group, recently issued its 16th edition of the Global Risks Report (the Report), which analyzes “the risks...more
My phone was ringing this week with inquiries from clients, friends and acquaintances who received a Form 1099 in the mail for an unemployment claim that they did not file, asking what should they do....more
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial services sector doing business in New York, recently provided guidance to its regulated...more
Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers...more
With the new year upon us, we reflect on the many challenges and lessons of 2020. This week’s Insider offers a collection of the most read posts of 2020.
...more
12/31/2020
/ ALEXA ,
Ballot Measures ,
Connected Items ,
Cybersecurity ,
Data Privacy ,
Financial Stimulus ,
Remote Working ,
Right to Repair ,
Risk Management ,
Scams ,
Telecommuting ,
Telematics
You executives and managers who are in my age group (that is, you didn’t grow up with mobile devices and computers) listen up. According to several studies, you pose a higher security risk to your organization than the...more
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to...more
11/30/2020
/ Best Practices ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FERC ,
Hackers ,
Infrastructure ,
NERC ,
NIST ,
Popular ,
Risk Management
CYBERSECURITY -
Responding to Cyber-Attacks in the Utility and Energy Sectors -
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American...more
11/25/2020
/ Ballot Measures ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
E-Commerce ,
FERC ,
Hackers ,
Home Depot ,
Infrastructure ,
Internet Retailers ,
Motor Vehicles ,
Popular ,
Right to Repair ,
Risk Management ,
Settlement Agreements
I have done more online shopping this year than ever before, and I know that I am not alone. With the holidays approaching, this will only increase because of the pandemic, and hackers and fraudsters know it....more
We spend a lot of time reporting on ransomware because we are seeing more incidents than ever before, and our readers comment that keeping them up to date on ransomware tactics is helpful. The ransomware gangs, strains and...more
11/12/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The UK National Cyber Security Centre (NCSC) issued an alert on October 16, 2020, to raise awareness “of a new remote code execution vulnerability (CVE – 2020 – 16952)”, which affects Microsoft’s SharePoint product....more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
10/23/2020
/ Bring Your Own Device (BYOD) ,
Coronavirus/COVID-19 ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Infectious Diseases ,
Information Technology ,
Multi-Factor Authentication ,
Popular ,
Remote Working ,
Risk Management ,
Telecommuting ,
Vulnerability Assessments
CYBERSECURITY -
Patching Gets More and More Complicated but Is Critical for
Managing Risk -
Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more
10/16/2020
/ Ballot Measures ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
HIPAA Breach ,
Information Governance ,
OCC ,
OCR ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Risk Management