On October 31, 2023, the Office for Civil Rights (OCR) issued a press release announcing that it has settled with Doctors’ Management Services for $100,000 following a ransomware attack that compromised the protected health information of 206,695 individuals.

According to the press release, “this marks the first ransomware agreement OCR has reached.”  The facts underlying

Threat actors don’t wait for a convenient time to attack your company. They attack when it suits them, and when they can find any small opening. Being prepared for different types of attacks helps companies prepare for their response before the attack happens. 

More and more companies are testing their incident response plans by conducting

The U.S. Transportation Security Administration (TSA) issued its second Security Directive to the pipeline industry on July 20, 2021, following the Colonial Pipeline cybersecurity incident. The first Directive on May 27, 2021, required pipeline owners and operators to notify CISA of cyber incidents, designate a cyber coordinator for the company, and review their cybersecurity program.

On July 19, 2021, the Federal Bureau of Investigations issued a Private Industry Notification to service providers and “entities associated with the Tokyo 2020 Summer Olympics that cyber actors who wish to disrupt the event could use distributed denial of service (DDoS) attacks, ransomware, social engineering, phishing campaigns, or insider threats to block or disrupt

Application Programming Interface (API), provides a way for programmers and developers to allow systems to exchange data with one another. For instance, all of your company’s important employee data may be contained in Active Directory (AD), but it also needs to be contained in the firm’s CRM system. Instead of having to perform tedious manual

Chinese cyber espionage and cyber-attack capabilities will continue to support China’s national security and economic priorities,” says Dan Coats, the Director of National Intelligence “Americans should not buy Huawei or ZTE products.” In March 2017 the Chinese Telecom company, ZTE, plead guilty to shipping US technology to Iran and North Korea, and reached a settlement

On April 10, the Federal Financial Institutions Examination Council (FFIEC) members issued a joint statement discussing cyber insurance and its potential role in the risk management programs of financial institutions. Members of the FFEIC include the Board of Governors of the Federal Reserve System, Consumer Financial Protection Bureau, Federal Deposit Insurance Corporation, National Credit Union

Arizona Governor Doug Ducey launched the Arizona Cybersecurity Team (ACT) by Executive Order on March 1, 2018. The ACT, comprised of 22 members representing officials from the Executive Branch, including the state’s Chief Information Officer and Chief Information Security Officer, representatives from public safety, homeland security, emergency and military affairs, as well as members of

The Council for Economic Advisors (CEA) issued a report this month, entitled “The Cost of Malicious Cyber Activity to the U.S. Economy,” which concludes that “malicious cyber activity cost the U.S. economy between $57 billion and $109 billion in 2016.”

The Executive Summary further depressingly concludes:

  • Malicious cyber activity directed at private and public entities