Leveraging Knowledge to Manage Your Data Risks
On July 28, 2021, the Cybersecurity & Infrastructure Security Agency (CISA) issued a cybersecurity alert entitled “Top Routinely Exploited Vulnerabilities” in collaboration with the Australian Cyber Security Centre, the United Kingdom’s National Cyber Security Centre, and the FBI.
The Alert concludes that cyber criminals are exploiting vulnerabilities in unpatched systems, but that many of the…
A new commercial has hit the airwaves in Israel. It begins with a door swinging open to reveal a beautiful seaside patio with a couple awaiting their dinners as a voiceover says, “How much have we missed going out with friends?” Well, with the Green Pass “a door simply opens in front of you” and…
The statistic that cybercriminals have been unleashing 18 million phishing emails laced with malware on a daily basis into cyberspace during the pandemic is mind boggling, and one that executives should pay attention to when prioritizing resources for user education. Math was never my strongest subject, but 18 million malicious emails targeted at all of…
You executives and managers who are in my age group (that is, you didn’t grow up with mobile devices and computers) listen up. According to several studies, you pose a higher security risk to your organization than the up-and-comers you manage.
According to a new survey of 2,000 workers aged 16 to 55+ in the…
The GEO Group, Inc. (GEO), a publicly held company located in Boca Raton Florida, announced on November 3, 2020, that it is beginning to notify individuals following a ransomware attack that “impacted a limited amount of personally identifiable information and protected health information for some inmates and residents contained on certain servers for a small…
The UK National Cyber Security Centre (NCSC) issued an alert on October 16, 2020, to raise awareness “of a new remote code execution vulnerability (CVE – 2020 – 16952)”, which affects Microsoft’s SharePoint product. According to the alert, “successful exploitation of this vulnerability would allow an attacker to run arbitrary code and to carry out…
Last week, authorities from the United States, United Kingdom and Canada accused a well-known hacker group tied to the Russian government, APT29 a/k/a Cozy Bear of using malware to exploit security vulnerabilities to enable it to steal COVID-19 vaccine research from companies located in these countries working to develop a vaccine. This was after a…
A recent report released by the British Ports Association and Astaara, a risk management firm based in the U.K., concludes that since February 2020, the maritime industry has seen a dramatic increase in cyber-attacks. The number of attacks has quadrupled, as companies struggle with COVID-19 and remote work forces.
According to the report, in what…
Beginning in 2016, the computer hacking organization known as “The Dark Overlord,” began to target victims in the St. Louis, Missouri area, including various health care providers, several accounting firms, and a medical records company. By remotely accessing these victims’ computer networks without authorization, The Dark Overlord was able to obtain sensitive records and information,…
The “security principle” under the General Data Protection Regulation (GDPR) requires that organizations process personal data securely by means of “appropriate” technical and organizational measures. This month, the United Kingdom’s Information Commissioner’s Office (ICO) issued new guidance focused on two specific measures the ICO recommends that companies consider in complying with the GDPR security requirements: encryption and passwords.…
Continue Reading UK Information Commissioner’s Office Issues Guidance on Use of Encryption and Passwords in Connection with GDPR
