INFOSECURITY NEWSLETTER

February 7, 2018

[Webinar] Data Breach Survival Tactics: Building Actionable Incident Response Plans

In today’s threat landscape, it isn’t a question of if you’ll experience an incident, but when. When a security incident strikes, you’ll need a well-prepared staff and with a battle-tested plan. A mature incident response plan keeps everyone on the same page. Join our incident response experts for a 45-minute webinar to learn how you can quickly contain the impact of a breach, resolve an incident, and get back to business as quickly as possible.

Reserve My Seat

[Guest Blog] Allscripts Attack Sets the Bar: First Notable Ransomware Lawsuit Puts Providers Under the Spotlight

Mike McKinley, deltarisk.com, February 2, 2018

Companies hit by cyber attacks are increasingly finding themselves open to potential liability from customers and third parties. The latest development was last week’s class action lawsuit against Allscripts Healthcare Solutions, the victim of a ransomware attack. Ransomware is a growing concern, as recently highlighted by the widespread WannaCry outbreak that impacted hundreds of thousands of computers worldwide last year. However, the number of lawsuits associated with ransomware has been fairly limited to date.

Read More


Ransomware Victims Hit on Average by Two Attacks Per Year

Catalin Cimpanu, bleepingcomputer.com, February 6, 2018

A study of 2,700 IT professionals across the globe has revealed that 54% of organizations suffered a ransomware attack in the last year, and most organizations were hit more than twice, with the average number of ransomware per attacks being two. On average, every ransomware attack costs companies $133,000, but some infections were more widespread than others, and 5% of respondents said they dealt with ransomware incidents that cost between $1.3 to $6.6 million.

Read More

Misconfigured Amazon Web Services Bucket Exposes 12,000 Social Media Influencers

Robert Abel, scmagazine.com, February 5, 2018

Another misconfigured Amazon Web Services (AWS) S3 cloud storage bucket has been left insecure this time exposing the sensitive data of 12,000 social media influencers, most of whom were female. On January 4, UpGuard researcher Chris Vickery discovered the bucket containing the real names, addresses, phone numbers, email addresses – including those specified for use with PayPal, from popular YouTube, Instagram, Twitter and Twitch users, according to a Feb. 5 blog post.

Read More


7 Steps for Getting Your Organization GDPR-Ready

Richard Poole, helpnetsecurity.com, February 5, 2018

While the EU has had long established data protection standards and rules, its regulators haven’t truly commanded compliance until now. Under the General Data Protection Regulation (GDPR), financial penalties for data protection violations are severe – €20 million (about $24.8 million USD) or 4 percent of annual global turnover (whichever is higher), to be exact. What’s more is that GDPR does not merely apply to EU businesses, but any organization processing personal data of EU citizens, regardless of location.

Read More

States Step Up Pace of Cyber Regulations

Susan Miller, gcn.com, February 2, 2018

With cyberattacks increasing in frequency and complexity, state legislators are stepping up security requirements, according to recent report from Edgile, a cyber risk and regulatory compliance firm. In 2017, 240 bills and resolutions related to cybersecurity were introduced across 42 states — more than double the number in 2016 — and at least 27 states enacted related legislation. Bills and resolutions introduced in 2017 included the targeting of computer crimes, restricting public disclosure of sensitive data and the implementation of workforce security training.

Read More

Don’t Forget Cybersecurity in M&A Due Diligence

Kevin Richards, cfo.com, January 30, 2018

For companies seeking to grow or diversify, mergers and acquisitions make perfect sense. Global activity is accelerating, with Wall Street forecasts indicating an upswing in corporate M&A in 2018 and the U.S. merger market set to clear $1 trillion for the fourth year in a row. But there is a note of caution. An Accenture Strategy analysis of the 500 largest acquisitions by publicly traded companies found that 45% were struggling to succeed.

Read More

Digital Extortion to Expand Beyond Ransomware

Kelly Sheridan, darkreading.com, January 30, 2018

2017 was another watershed year for cybersecurity. The breaches at Equifax and Yahoo! stand out for their size, but the more troubling development is how much more targeted attacks have become. The HBO attack showed us that hackers are willing to focus on valuable intellectual property or private conversations and hold them hostage for a hefty ransom. The continued attention on the Democratic National Committee hack also revealed that hackers have political agendas that can transcend financial motives.

Read More


6 Findings From Experian’s Newest Global Fraud Report

Auto Remarketing Staff, autoremarketing.com, Janaury 31, 2018

It would seem automotive financing and retail activity is not immune to unscrupulous behavior, especially activity that originates online.
Experian discovered six out of every 10 businesses are experiencing the same or more fraudulent losses online compared with a year ago. According to Experian’s “Global Fraud and Identity Report,” analysts found that fraud trends and patterns continue to grow across the globe. The research determined that most businesses — 72 percent — cited fraud as a growing concern.

Read More

Big Data and Cybersecurity – Making it Work in Practice

David Cook, infosecurity-magazine.com, February 2, 2018

In today’s complex IT environment, identifying security events fast is critical to minimizing the impact. However, in order to detect and remediate attacks in this environment, security teams need the proper tools to process and correlate massive amounts of real-time and historical security event data. By applying advanced analytics techniques to these huge amounts of data, infosec teams can better detect and defend against sophisticated attacks.

Read More

Sign Up for Our Newsletter

financial newsletterhealthcare newsletter
Infosecurity Newsletter Archive

June 2018: 6th

May 2018: 2nd, 9th, 30th

April 2018: 4th, 11th, 18th, 25th

March 2018: 7th, 14th, 21st, 28st

February 2018: 7th, 14th, 21st, 28th

January 2018: 3rd, 10th, 17th, 24th, 31st

December 2017: 6th, 13th, 20th

November 2017: 1st, 15th, 29th

October 2017: 4th, 11th, 18th, 25th

September 2017: 6th, 13th, 20th, 27th

August 2017: 2nd, 9th, 16th, 23rd, 30th

July 2017: 5th, 12th, 19th, 26th

June 2017: 7th, 14th, 21st, 28th

May 2017: 3rd, 10th, 17th, 24th, 31st

April 2017: 5th, 12th, 19th, 26th

March 2017: 1st, 8th, 15th, 22nd, 29th

February 2017: 1st, 8th, 13th, 22nd

January 2017: 4th, 11th, 18th, 24th

December 2016: 7th, 14th, 21st, 28th


top cyber incident pain points