August 16, 2017
William H. Saito, forbes.com, August 8, 2017
Companies and organizations are still struggling to deal with ransomware, a cyberattack in which user data is encrypted and held hostage, supposedly until a ransom is paid. This trend looks set to continue and perhaps even intensify.
Michael Hill, infosecurity-magazine.com, August 10, 2017
More than two-thirds of security professionals are not confident their organizations have made necessary security improvements since the WannaCry and Petya attacks earlier this year, according to new research from Tripwire.
Zackery Mahon, deltarisk.com, August 11, 2017
Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply.
Elizabeth Snell, healthitsecurity.com, August 11, 2017
The National Initiative for Cybersecurity Education (NICE) released a Cybersecurity Workforce Framework to help organizations in various sectors educate and train staff members in needed cybersecurity measures. Entities will also have guidance on workforce development and planning that can be catered to their individual operations.
Michael Mimoso, threatpost.com, August 10, 2017
One of the patches included in Tuesday’s Adobe Flash Player update was a do-over after the researcher who privately reported the problem earlier this year discovered the original patch incompletely resolved the issue. Dutch researcher Bjorn Ruytenberg disclosed details after Adobe updated the soon-to-be deprecated Flash Player on Tuesday to version 26.
Healthcare IT News Staff, healthcareitnews.com, July 31, 2017
Healthcare proved itself a lucrative target for hackers in 2016, and so far in 2017 is, unfortuantely , following suit. From organizations with exposed, unused websites to unencrypted storage drives, health organizations still have much to learn about security.
Help Net Security Staff, helpnetsecurity.com, August 10, 2017
Nothing should be more important for these sites and apps than the security of the users who keep them in business. Unfortunately, Dashlane found that that 46% of consumer sites, including Dropbox, Netflix, and Pandora, and 36% of enterprise sites, including DocuSign and Amazon Web Services, failed to implement the most basic password security requirements.
George Nott, cio.com, August 9, 2017
A survey of 250 self-identified hackers at the twentieth annual Black Hat conference in Las Vegas last month has revealed the security technologies they find toughest to beat. Of the hackers that responded, 38 per cent said multi-factor authentication was the ‘hardest to get past’ while 32 per cent considered encryption the toughest defence to beat.
David Thornton, federalnewsradio.com, August 9, 2017
Building a well-trained cyber workforce has been a challenge for the federal government, and the first step in that process is finding well-qualified candidates to fill the positions. Laura Bate, senior programming associate for New America’s Cybersecurity Initiative, said there are several factors that make that the case, but agencies do have options to overcome the obstacles.