You continue to hear that your employees are your biggest risk when it comes to causing a data breach. Recent incidents that we have been involved in that were caused by employee error include...more
It is estimated that we will spend $4 billion online this year, including on Cyber Monday, coming up in just a few days.
With the increase in online shopping, particularly over the holidays, it is prime time for scheming...more
11/22/2017
/ Black Friday ,
Cyber Monday ,
Cybersecurity ,
Data Privacy ,
Debit and Credit Card Transactions ,
Facebook ,
Hackers ,
Holidays ,
Hyperlink ,
Internet Retailers ,
Malware ,
Network Security ,
Online Payments ,
Privacy Concerns ,
Ransomware ,
Social Media ,
Web Browsers ,
Wifi
We previously warned readers about the Locky ransomware, which is potent and designed to use phishing emails to lure users to click on links and attachments, including pdfs....more
We previously warned readers about the Locky ransomware, which is potent and designed to use phishing emails to lure users to click on links and attachments, including pdfs.
Now, researchers at Cylance have discovered...more
11/20/2017
/ Antitrust Provisions ,
Big Data ,
Colleges ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Drones ,
Educational Institutions ,
Email ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Ransomware ,
Universities ,
Unmanned Aircraft Systems
There have been a myriad of research studies attempting to come up with the “cost” of a data breach. The most recent, released by AT&T, estimates that it costs organizations $3.6 million to recover from a data breach....more
Michigan Governor Rick Snyder has signed into law the Cyber Civilian Corps Act, which established the Michigan Cyber Civilian Corps, dubbed MiC3. The corps has been in existence for three years but not statutorily deployed. ...more
11/10/2017
/ Consumer Financial Protection Bureau (CFPB) ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data-Sharing ,
Drones ,
Drug & Alcohol Abuse ,
Elder Issues ,
Financial Services Industry ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Opioid ,
Pain Management ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
State Data Breach Notification Statutes ,
Unmanned Aircraft Systems
Beazley has published a report outlining data breaches in the first nine months of 2017. The report notes that the highest cause of a data breach in 2017 so far are unintended disclosures, which accounted for 41 percent of...more
11/9/2017
/ Cyber Attacks ,
Cyber Crimes ,
Data Breach ,
Data Protection ,
Hackers ,
Health Care Providers ,
HIPAA Breach ,
Malware ,
Personally Identifiable Information ,
PHI ,
Phishing Scams ,
Ransomware ,
Social Engineering
Hilton Domestic Operating Co., Inc. (Hilton) has agreed to pay the New York and Vermont Attorneys General $700,000 to settle allegations that they violated those state consumer protection and data breach notification laws...more
11/3/2017
/ Consumer Protection Laws ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Debit and Credit Card Transactions ,
Hackers ,
Hilton ,
Hospitality Industry ,
Hotels ,
Malware ,
Personally Identifiable Information ,
Settlement Agreements
US-CERT Warns of New Ransomware: Bad Rabbit -
The U.S. Computer Emergency Readiness Team (US-CERT) is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated it has received multiple...more
11/3/2017
/ Airspace ,
Biometric Information ,
Centers for Medicare & Medicaid Services (CMS) ,
Children's Health Insurance Program (CHIP) ,
Class Action ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Department of Transportation (DOT) ,
Drones ,
Federal Aviation Administration (FAA) ,
Federal Pilot Programs ,
Fingerprints ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hilton ,
Hospitality Industry ,
Hotels ,
Hyatt ,
Information Technology ,
Internet of Things ,
LG Electronics ,
Malware ,
Medicare Access and CHIP Reauthorization (MACRA) ,
MIPS ,
NASA ,
Personally Identifiable Information ,
Ransomware ,
Risk Management ,
Unmanned Aircraft Systems ,
US-CERT
The U.S. Computer Emergency Readiness Team (US-CERT)is warning companies in the U.S. about a new ransomware dubbed “Bad Rabbit.” US-CERT stated that it has received multiple reports of infections by Bad Rabbit in countries...more
11/2/2017
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
US-CERT
The Federal Energy Regulatory Commission (FERC) has proposed new rules to enhance cybersecurity for the electric grid in the U.S., which includes security management controls to specifically respond to risks associated with...more
10/30/2017
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Electricity ,
Energy Sector ,
FERC ,
Hackers ,
Malware ,
Power Grid ,
Risk Management ,
Security Standards ,
Utilities Sector
The FBI and Department of Homeland Security issued a joint statement on October 20 warning of an increased danger of a malicious “multi-stage intrusion campaign” to critical infrastructure industries, including the energy...more
10/30/2017
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Department of Homeland Security (DHS) ,
Email ,
Energy Sector ,
FBI ,
Hackers ,
Information Technology ,
Malware ,
Oil & Gas ,
Phishing Scams ,
Popular
Security researchers this week have found a new vulnerability that affects Wi-Fi Protected Access II, also known as WPA2, which is the security protocol used by many wireless networks....more
10/19/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Malware ,
Mobile Device Management ,
Mobile Devices ,
Network Security ,
Public Wireless Networks ,
Ransomware ,
Risk Management ,
US-CERT ,
Vulnerability Assessments ,
Wifi ,
Wireless Industry ,
Wireless Technology
The Apache Struts vulnerability has been mentioned frequently in the media over the past month, as it is believed to have been involved in one of the largest and most damaging data breaches in history....more
In its cyber security incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care sector as having suffered the most security incidents, which surpasses the public...more
10/9/2017
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Malware ,
Personally Identifiable Information ,
PHI ,
Ransomware
McAfee Report Lists Health Care Sector as Most Targeted Industry for Cyber-Attacks -
In its cybersecurity incident report outlining vulnerabilities for the second quarter of 2017, security firm McAfee lists the health care...more
10/5/2017
/ Airspace ,
BSA/AML ,
Class Action ,
Corruption ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Department of the Interior ,
Drones ,
Fast-Food Industry ,
Federal Aviation Administration (FAA) ,
Financial Institutions ,
FinCEN ,
Franchises ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Breach ,
Home Depot ,
Malware ,
Money Laundering ,
Netflix ,
Personally Identifiable Information ,
PHI ,
Ransomware ,
Restaurant Industry ,
Unmanned Aircraft Systems ,
Venezuela ,
White Collar Crimes
Hackers working on behalf of the Iranian government have been targeting the aviation and petrochemical industries in the United States, Saudi Arabia, and South Korean since 2013, according to a report released by FireEye...more
DNV GL recently issued a new globally applicable recommended practice (DNLVGL-RP-G108) to assist oil and gas operators, system integrators and managers, and vendors in the offshore industry to manage increasing cybersecurity...more
9/26/2017
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cybersecurity ,
Data Security ,
Energy Sector ,
Hackers ,
Malware ,
New Guidance ,
Oil & Gas ,
Popular ,
Ransomware ,
Risk Management
A new report released by Check Point has security personnel working in the health care industry particularly concerned and they are warning their colleagues about the existence of “Fireball.”...more
The American Institute of CPAs (AICPA), has released a risk management reporting framework intended to "establish a common, underlying language for Cybersecurity risk management reporting — almost akin to US GAAP or IFRS...more
6/9/2017
/ AICPA ,
Cell Phones ,
Class Action ,
CPAs ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Drones ,
HIPAA Breach ,
International Travel ,
Laptop Computers ,
Malware ,
Mobile Apps ,
OCR ,
PHI ,
Popular ,
Risk Management ,
TCPA ,
Terrorist Threats ,
Unmanned Aircraft Systems
Following the massive WannaCry event, the mantra among security folks is push patches to vulnerabilities as soon as they are released.
US-CERT issued a warning late last week that there is a newly discovered flaw,...more
6/2/2017
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management ,
US-CERT
The fall-out from WannaCry continues, particularly in the healthcare sector.
There are new reports that WannaCry affected at least two hospital systems in the U.S. and encrypted medical devices (power injector systems)...more
Electronic signature technology company DocuSign has admitted that it suffered a breach of one of its computer systems resulting in stolen data including customer and user email addresses. The breach has allowed the hackers...more
We have read multiple reports on WannaCry and if you are reading this and don’t know what WannaCry is, Google it for the background story. The clear message is this is not the last major attack we will see, and future attacks...more
5/19/2017
/ Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
FBI ,
Hackers ,
Health Care Providers ,
Malware ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management ,
US-CERT
Over the past week, many clients and individuals have asked me why some companies and health care facilities were devastated by the WannaCry ransomware, and why others made it through the weekend without a blink of an eye....more
5/18/2017
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Health Care Providers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Phishing Scams ,
Ransomware ,
Risk Management