Although executives of organizations report that ransomware is their number one security concern, and 87 percent of them expect an increase in cyber-attacks against their organizations over the next year, only one-third of them said they had conducted a tabletop exercise to prepare for a ransomware attack.

According to a survey of 50 executives, Deloitte

Yesterday (August 25, 2021), the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack.

The fact sheet, entitled Protecting Sensitive and Personal Information from Ransomware-Caused Data Breaches provides organizations with tips to prevent and respond to

In an unusual but significant move, on August 4, 2021, the Federal Trade Commission (FTC) removed Aristotle International from the Children’s Online Privacy Protection Act (COPPA) Safe Harbor List. There were 7 organizations on the list, which were approved by the FTC to self-regulate themselves under COPPA, but with this first removal by the FTC,

If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. Microsoft has issued an alert to its customers warning them of the new attack, which merits mention to your users.

The phishing scheme is designed to

A new report from Beyond Identity focuses on old, but very important issues—ending  access rights to network systems by terminated employees and the rampant sharing of passwords.

According to the report, it is estimated that almost 25 percent of previous workers still have access to their former employers’ networks through work accounts. This is concerning

The federal Cybersecurity and Infrastructure Security Agency (CISA) released a few cybersecurity “bad practices” this week to assist in decreasing the volume of knowable and preventable cyber mistakes. These bad practices are aimed at educating critical infrastructure owners and operators, as well as the defense industry and the organizations that support the supply

I know I sound like a vinyl record that has a scratch in it, but I write it as I see it. And right now, I am seeing that the companies hit with cyber-attacks, ransomware attacks, double extortion attacks, and data theft are unprepared to respond because they either don’t have an incident response plan