FINANCIAL INFOSECURITY NEWSLETTER

September 2017

Credit Reporting Firm Equifax Says Data Breach Could Potentially Affect 143 million US Consumers

Todd Haselton, cnbc.com, September 7, 2017

Equifax Inc., which supplies credit information and other information services, said Thursday that a data breach could have potentially affected 143 million consumers in the U.S. The U.S. population was about 324 million as of January 1, 2017, according to the U.S. Census Bureau, which means the Equifax incident affects a huge portion of the United States.

Read More

Cybersecurity 101: How Universities are Dealing With Hackers

Alfred Ng, cnet.com, August 27, 2017

As thousands of freshmen move into their dorms for the first time, there are plenty of thoughts rushing through their minds: their first time away from home, what cringy nickname they’re gonna try to make a thing, if there are any parties before orientation kicks off.

Read More

August 28 Deadline Nears for 23 NYCRR 500: Can You Pass the Compliance Test?

Zackery Mahon, deltarisk.com, August 11, 2017

Less than three weeks remain for New York financial service companies to meet the initial cyber 23 NYCRR 500 security requirements set forth by the New York Department of Financial Services (NYDFS). As part of a series of rolling deadlines, August 28 is the first major deadline. In our first blog, we discussed which covered entities must comply.

Read More

NICE Cybersecurity Workforce Framework Focuses on Education

Elizabeth Snell, healthitsecurity.com, August 11, 2017

The National Initiative for Cybersecurity Education (NICE) released a Cybersecurity Workforce Framework to help organizations in various sectors educate and train staff members in needed cybersecurity measures. Entities will also have guidance on workforce development and planning that can be catered to their individual operations.

Read More

IRS Warns of Emails Spreading Ransomware

Catalin Cimpanu, bleepingcomputer.com, August 29, 2017

The Internal Revenue Service (IRS) is warning US citizens of a new phishing scheme that poses as official IRS communications in the hopes that victims access a link, download a file, and hopefully get infected with ransomware.

Read More

Cyber Security Basics Still a Component in Managing Digital Risks

Mekhala Roy, searchcio.techtarget.com, August 31, 2017

What is the key takeaway from the report? Kate Kuehn: For me, the report was really a call back to the basics in a world where we talk about a digital revolution, about the fast pace of change and about how companies are really transforming.

Read More

8 Top Cyberattack Maps and How to Use Them

Steve Ragan, csoonline.com, August 21, 2017

Cyber-attack maps can be fun to look at, but are they useful? As usual, when it comes to security context is key, so CSO looked at eight of the web’s most popular cyber-attack maps. While the maps themselves are mostly eye candy with limited context, there are some creative ways they can be used.

Read More

Why the Honor Code Among Hackers Has Broken Down

Jeff John Roberts, fortune.com, August 26, 2017

The honor code among hackers has broken down. That’s the opinion of Christopher Ahlberg, the CEO of Recorded Future, a company that places moles in chatrooms where cyber-criminals gather, and uses machine learning to predict attacks. Over lunch in New York, Ahlberg explained that professional hackers will spy, steal, or deface a target’s computer systems.

Read More

Petya Ransomware: Cyberattacks Cost Could Hit $300M for Shipping Giant Maersk

Danny Palmer, sdnet.com, August 16, 2017

Falling victim to the global Petya cyberattack is set to cost Maersk, the world’s largest container ship and supply vessel operator, up to $300m in lost revenues. The Danish transport and logistics conglomerate — which has offices in 130 countries and almost 90,000 employees — revealed predicted losses due to the ransomware infection in its second quarter financial report.

Read More