Although somewhat obvious, the World Economic Forum, in partnership with Marsh McLennan, SK Group and Zurich Insurance Group, recently issued its 16th edition of the Global Risks Report (the Report), which analyzes “the risks...more
My phone was ringing this week with inquiries from clients, friends and acquaintances who received a Form 1099 in the mail for an unemployment claim that they did not file, asking what should they do....more
The New York Department of Financial Services (DFS), which regulates certain covered entities and licensed persons in the financial services sector doing business in New York, recently provided guidance to its regulated...more
Following Ubiquiti’s security incident and its subsequent recommendation to change your router password and enable multi-factor authentication, and the fact that it is widely reported that using default passwords on routers...more
With the new year upon us, we reflect on the many challenges and lessons of 2020. This week’s Insider offers a collection of the most read posts of 2020.
...more
12/31/2020
/ ALEXA ,
Ballot Measures ,
Connected Items ,
Cybersecurity ,
Data Privacy ,
Financial Stimulus ,
Remote Working ,
Right to Repair ,
Risk Management ,
Scams ,
Telecommuting ,
Telematics
You executives and managers who are in my age group (that is, you didn’t grow up with mobile devices and computers) listen up. According to several studies, you pose a higher security risk to your organization than the...more
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American Electric Reliability Corporation (NERC) recently issued a report on best practices to...more
11/30/2020
/ Best Practices ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Protection ,
FERC ,
Hackers ,
Infrastructure ,
NERC ,
NIST ,
Popular ,
Risk Management
CYBERSECURITY -
Responding to Cyber-Attacks in the Utility and Energy Sectors -
To assist utilities with assessing and responding to cyber risks, the Federal Energy Regulatory Commission (FERC) and the North American...more
11/25/2020
/ Ballot Measures ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
E-Commerce ,
FERC ,
Hackers ,
Home Depot ,
Infrastructure ,
Internet Retailers ,
Motor Vehicles ,
Popular ,
Right to Repair ,
Risk Management ,
Settlement Agreements
I have done more online shopping this year than ever before, and I know that I am not alone. With the holidays approaching, this will only increase because of the pandemic, and hackers and fraudsters know it....more
We spend a lot of time reporting on ransomware because we are seeing more incidents than ever before, and our readers comment that keeping them up to date on ransomware tactics is helpful. The ransomware gangs, strains and...more
11/12/2020
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Information Technology ,
Malware ,
Personally Identifiable Information ,
Popular ,
Ransomware ,
Risk Management ,
Vulnerability Assessments
The UK National Cyber Security Centre (NCSC) issued an alert on October 16, 2020, to raise awareness “of a new remote code execution vulnerability (CVE – 2020 – 16952)”, which affects Microsoft’s SharePoint product....more
Secureworks issues an annual Incident Response Report that is very helpful in obtaining information on what types of incidents are occurring in order to become more resistant to threats. The 2020 IR Report was recently...more
10/23/2020
/ Bring Your Own Device (BYOD) ,
Coronavirus/COVID-19 ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Security ,
Infectious Diseases ,
Information Technology ,
Multi-Factor Authentication ,
Popular ,
Remote Working ,
Risk Management ,
Telecommuting ,
Vulnerability Assessments
CYBERSECURITY -
Patching Gets More and More Complicated but Is Critical for
Managing Risk -
Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more
10/16/2020
/ Ballot Measures ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
HIPAA Breach ,
Information Governance ,
OCC ,
OCR ,
Online Safety for Children ,
Personal Data ,
Personally Identifiable Information ,
Risk Management
Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as manufacturers try to stay abreast of zero-day vulnerabilities and issue patches as quickly as they can....more
CYBERSECURITY -
U.S. Chamber of Commerce and FICO Release Security Guidelines
on Telework During COVID-19 -
It is no secret that companies are experiencing an increase in security incidents following the transition...more
10/9/2020
/ California Consumer Privacy Act (CCPA) ,
Chamber of Commerce ,
Construction Project ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Management ,
Data Privacy ,
Drones ,
FBI ,
Governor Newsom ,
Hackers ,
OCR ,
Personal Data ,
Premera Blue Cross ,
Ransomware ,
Risk Management ,
Telecommuting ,
Wifi
It is no secret that companies are experiencing an increase in security incidents following the transition from work in the office to work from home during the pandemic. There are a number of causes, including the difficulty...more
On October 6, 2020, the Federal Bureau of Investigations (FBI) issued a warning to consumers about using WiFi when teleworking from a hotel.
The FBI acknowledges that many workers are having difficulty working from home...more
10/9/2020
/ Coronavirus/COVID-19 ,
Cybersecurity ,
Data Protection ,
FBI ,
Hotels ,
Infectious Diseases ,
Remote Working ,
Risk Management ,
Telecommuting ,
Virtual Private Networks ,
Wifi
On October 1, 2020, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an advisory “to highlight the sanctions risks associated with ransomware payments related to malicious cyber-enabled...more
10/5/2020
/ Cryptocurrency ,
Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Digital Wallets ,
Economic Sanctions ,
Financial Institutions ,
Foreign Policy ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Risk Management ,
Risk-Based Approaches ,
Sanction Violations
In the wake of the increase in ransomware attacks, including data exfiltration prior to or during a ransomware attack, I think it is worth the time and resources to focus on data recovery and business continuity....more
Auditors have to continue doing their job of auditing, but with the pandemic, audits now are rarely on-site. Many auditing firms are using remote technology to conduct audits, and companies are either forwarding files...more
Security researchers are warning companies to be aware of a new resurgence of the Emotet botnet that has been reactivated after a hiatus of five months.
According to the researchers, the Emotet malware steals information,...more
Live adult streaming website CAM4 has reportedly not secured 7TB of users’ information, which may be able to be used for blackmail and identity theft purposes, according to researchers from Safety Detectives....more
5/8/2020
/ Adult Entertainment ,
Blackmail ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
Hackers ,
Identity Theft ,
Internet Streaming ,
Online Platforms ,
Risk Management ,
Vulnerability Assessments
Google has warned users in a blog article that nation state-backed hackers are using the COVID-19 crisis to ramp up phishing attempts and, in one example, are posing as American fast food franchises and sending malicious...more
The transition from work-from-the-office to work-from-home has been rapid during the pandemic. All of a sudden, millions of workers are working from home, while data security personnel were not able to plan and operationalize...more
The scammers know that most of us are working from home and are trying to use this to their advantage. The robocalls have increased, and telemarketers are calling more frequently, but with a new twist—preying on fears of...more