February 7, 2018
In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff with a battle-tested plan. A mature incident response plan keeps everyone on the same page. Join our incident response experts for a 45-minute webinar to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.
[Guest Blog] Allscripts Attack Sets the Bar: First Notable Ransomware Lawsuit Puts Providers Under the Spotlight
Mike McKinley, deltarisk.com, February 2, 2018
Companies hit by cyber attacks are increasingly finding themselves open to potential liability from customers and third parties. The latest development was last week’s class action lawsuit against Allscripts Healthcare Solutions, the victim of a ransomware attack. Ransomware is a growing concern, as recently highlighted by the widespread WannaCry outbreak that impacted hundreds of thousands of computers worldwide last year. However, the number of lawsuits associated with ransomware has been fairly limited to date.
Catalin Cimpanu, bleepingcomputer.com, February 6, 2018
A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware attacks being two. On average, every ransomware attack costs companies $133,000, but some infections were more widespread than others, and 5% of respondents said they dealt with ransomware incidents that cost between $1.3 million and $6.6 million.
Robert Abel, scmagazine.com, February 5, 2018
Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure, this time exposing the sensitive data of 12,000 social media influencers, most of whom were female. On January 4, UpGuard researcher Chris Vickery discovered the bucket containing the real names, addresses, phone numbers, email addresses – including those specified for use with PayPal – from popular YouTube, Instagram, Twitter and Twitch users, according to a Feb. 5 blog post.
Richard Poole, helpnetsecurity.com, February 5, 2018
While the EU has had long-established data protection standards and rules, its regulators haven’t truly commanded compliance until now. Under the General Data Protection Regulation (GDPR), financial penalties for data protection violations are severe – €20 million (about $24.8 million USD) or 4 percent of annual global turnover (whichever is higher), to be exact. What’s more, GDPR does not merely apply to EU businesses, but to any organization processing personal data of EU citizens, regardless of location.
Susan Miller, gcn.com, February 2, 2018
With cyberattacks increasing in frequency and complexity, state legislators are stepping up security requirements, according to a recent report from Edgile, a cyber risk and regulatory compliance firm. In 2017, 240 bills and resolutions related to cybersecurity were introduced across 42 states — more than double the number in 2016 — and at least 27 states enacted related legislation. Bills and resolutions introduced in 2017 included the targeting of computer crimes, restricting public disclosure of sensitive data and the implementation of workforce security training.
Kevin Richards, cfo.com, January 30, 2018
For companies seeking to grow or diversify, mergers and acquisitions make perfect sense. Global activity is accelerating, with Wall Street forecasts indicating an upswing in corporate M&A in 2018 and the U.S. merger market set to clear $1 trillion for the fourth year in a row. But there is a note of caution. An Accenture Strategy analysis of the 500 largest acquisitions by publicly traded companies found that 45% were struggling to succeed.
Kelly Sheridan, darkreading.com, January 30, 2018
2017 was another watershed year for cybersecurity. The breaches at Equifax and Yahoo! stand out for their size, but the more troubling development is how much more targeted attacks have become. The HBO attack showed us that hackers are willing to focus on valuable intellectual property or private conversations and hold them hostage for a hefty ransom. The continued attention on the Democratic National Committee hack also revealed that hackers have political agendas that can transcend financial motives.
Auto Remarketing Staff, autoremarketing.com, January 31, 2018
It would seem automotive financing and retail activity is not immune to unscrupulous behavior, especially activity that originates online.
Experian discovered six out of every 10 businesses are experiencing the same or more fraudulent losses online compared with a year ago. According to Experian’s “Global Fraud and Identity Report,” analysts found that fraud trends and patterns continue to grow across the globe. The research determined that most businesses — 72 percent — cited fraud as a growing concern.
David Cook, infosecurity-magazine.com, February 2, 2018
In today’s complex IT environment, identifying security events fast is critical to minimizing the impact. However, in order to detect and remediate attacks in this environment, security teams need the proper tools to process and correlate massive amounts of real-time and historical security event data. By applying advanced analytics techniques to these huge amounts of data, infosec teams can better detect and defend against sophisticated attacks.