63,341 customers impacted in Blue Shield of California data breach

U.S. healthcare giant Blue Shield of California confirmed more than 63,000 customers may have been affected by a recent ransomware attack.

from Cybersecurity News https://ift.tt/OpFlK67

Experts weight in on CIRCIA one year later

It has been a year since CIRCIA was signed into law by President Biden and security leaders are sharing their thoughts on the legislation.

from Cybersecurity News https://ift.tt/N02TmgY

Biden Administration addresses potential commercial spyware risks

An executive order was signed by President Biden prohibiting the use of commercial spyware that pose risks to national security or human rights. 

from Cybersecurity News https://ift.tt/CBIeRMu

CISA MTS Guide may enhance critical infrastructure resilience

A CISA guide may improve relationships between stakeholders and partners who may not traditionally be involved in a port resilience assessment. 

from Cybersecurity News https://ift.tt/Chxaos9

U.S. announces $25M to bolster Costa Rica’s cybersecurity

The U.S. and Costa Rica will collaborate on cybersecurity with the U.S. planning to provide $25M to strengthen Costa Rica’s digital infrastructure.

from Cybersecurity News https://ift.tt/4tLIjqW

Report: 58% of victim organizations don’t have MFA enabled

A new report reveals a turbulent year in the threat actor community as Russia’s invasion of Ukraine disrupted the operations of top ransomware groups.

from Cybersecurity News https://ift.tt/D6yCLUG

17% of security leaders consider cybersecurity team fully-staffed

Security leaders' perception of their cyber resilience was analyzed in a study by Immersive Labs finding that teams aren't fully prepared for threats.

from Cybersecurity News https://ift.tt/qZLk9Ez

DNV appoints Anette Roll Richardsen as Director of Cybersecurity

Anette Roll Richardsen has been appointed as Director of Cybersecurity for Norway-based DNV to safeguard against risks to critical infrastructure.

from Cybersecurity News https://ift.tt/uKcCSO8

J.P. Morgan to utulize biometric-based payments

A new biometric payment system will be rolled out by J.P. Morgan including palm and face identification for payment authentication in-store. 

from Cybersecurity News https://ift.tt/shamxej

51% of users admit to resetting forgotten passwords once a month

Research highlights current shifts in identity management including passwordless authentication and personally identifiable information ownership.

from Cybersecurity News https://ift.tt/DMSFmf0

Report shows top transport cyber threats in EU

A new report by the European Union Agency for Cybersecurity reveals ransomware attacks are the most prominent threat facing the transport sector.

from Cybersecurity News https://ift.tt/m4L96KU

Susan Ferensic named WMDD Assistant Director at FBI

Susan Ferensic has been named as the assistant director of the Weapons of Mass Destruction Directorate (WMDD) at FBI Headquarters.

from Cybersecurity News https://ift.tt/Af4JLiF

Ransomware cases saw a 26% year-over-year decline

New research reveals a year of turbulence within the threat actor community due to international conflicts and enhanced attack methods.

from Cybersecurity News https://ift.tt/XcRpm1Z

Philadelphia warns citizens against tax-based phishing attacks

In response to the IRS warning against tax-based phishing attempts, the city of Philadelphia released cybersecurity recommendations to protect data.

from Cybersecurity News https://ift.tt/fXwzYou

Security leaders discuss CISA access management best practices

The Cybersecurity and Infrastructure Security Agency (CISA) and National Security Agency (NSA) has released access management best practices.

from Cybersecurity News https://ift.tt/x1TXh7C

13 new members join CISA's Cybersecurity Advisory Committee

Earlier this week 13 new members were appointed to the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Advisory Committee (CSAC).

from Cybersecurity News https://ift.tt/5bdowfr

48% of security leaders hesitant to adapt to post-quantum algorithms

According to research, the rise of machine identities has created visibility and management challenges for public key infrastructures (PKI).

from Cybersecurity News https://ift.tt/NK8rXUO

Digital fraud surpasses pre-pandemic levels

According to research, the pivot to digital transactions during the pandemic means the risk of digital fraud is greater than it was pre-pandemic.  

from Cybersecurity News https://ift.tt/zAw4Dhn

7 tips to combat government data breach risks

Cybercrime is transitioning from targets of opportunity to focused targets of choice and the shift is bad news for government agencies.

from Cybersecurity News https://ift.tt/PKTjmCb

80% of security leaders predict increase in cybersecurity automation

Research finds that security leaders are dissatisfied with the use of automation within their company's security operation centers (SOCs).

from Cybersecurity News https://ift.tt/vTU0rMd

As data privacy gets stricter, is zero trust the answer?

How should security leaders implement zero trust? Find out more in this Security podcast episode featuring Mark Ruchie, CISO at Entrust.

from Cybersecurity News https://ift.tt/HPlkg7T

Ransomware attack exposed Ferrari customer data

Italian car manufacturer Ferrari confirmed this week it was the target of a cyberattack with a ransom demand related to certain client contact details.

from Cybersecurity News https://ift.tt/Ju29Gmv

Department of Commerce regulates CHIPS program funding

Rules have been proposed for the CHIPS Incentives Program by the Department of Commerce to ensure funded technology is not used for malign purposes.  

from Cybersecurity News https://ift.tt/GhqkFWl

Experts warn of healthcare sector cybersecurity risks

The healthcare sector continues to face a significant increase in cybersecurity threats putting patients’ lives and personal data at risk. 

from Cybersecurity News https://ift.tt/QIMFuh9

SEC issues new cybersecurity requirements for risk management

The SEC has issued new cybersecurity risk management requirements. The requirements will apply to sectors collectively labeled as "Market Entities".

from Cybersecurity News https://ift.tt/nwR4PAu

CISA starts ransomware vulnerability pilot program

CISA announces the Ransomware Vulnerability Warning Pilot to help determine vulnerabilities commonly associated with known ransomware exploitation.

from Cybersecurity News https://ift.tt/OwF6NI1

Will AI replace humans in phishing attacks?

Recent research from Hoxhunt analyzed effectiveness of ChatGPT-generated phishing attacks showing people are still better at deceiving other people.

from Cybersecurity News https://ift.tt/GJuiZCM

Senators write letter to CISA over drone manufacturer concerns

A group of senators led a bipartisan effort to urge CISA to assess the potential national security risks associated with a drone manufacturer.

from Cybersecurity News https://ift.tt/v0SlQDM

Gareth Lindahl-Wise named Ontinue CISO

Ontinue, the managed detection and response division of Open Systems, announced Gareth Lindahl-Wise as its new Chief Information Security Officer.

from Cybersecurity News https://ift.tt/OhWjI6q

CISA, Girl Scouts joins forces to close cybersecurity gender gap

With a focus on working toward closing the gender gap in cybersecurity, CISA and Girl Scouts of the USA formalize collaboration efforts.

from Cybersecurity News https://ift.tt/D8adxrv

Portable health device company suffers data breach

ZOLL Medical has notified its customers of a data breach affecting customers' protected health information (PHI) that occurred in late January.  

from Cybersecurity News https://ift.tt/5lgt2im

Department of State receives funding for semiconductor development

The Department of State implements new funding to address security objectives through new programs and initiatives for semiconductor development.

from Cybersecurity News https://ift.tt/ijzUQ7L

NSA releases information for advancing zero trust

To help improve threat prevention, the NSA released the Advancing Zero Trust Maturity throughout the User Pillar Cybersecurity Information Sheet.

from Cybersecurity News https://ift.tt/2TvZ4A6

Greg Day hired as Cybereason VP and CISO

Greg Day has been hired by Cybereason as the Vice President and Global Field Chief Information Security Officer (CISO) for the EMEA region.

from Cybersecurity News https://ift.tt/VIx1DAv

57% of financial firms at risk of data breach due to mismanaged data

Research reveals 57% UK financial services sector senior executives say their organization is at risk of a data breach because data is mismanaged.

from Cybersecurity News https://ift.tt/lWfDVty

Antwan D. Banks hired as NMFTA Director of Enterprise Security

Antwan D. Banks has been hired as Director of Enterprise Security for the National Motor Freight Traffic Association to defend trucking cybersecurity.

from Cybersecurity News https://ift.tt/nDimBkh

Financial services DDoS resilience starts with understanding attack surface

The recent attack on Danish Bank shows what can happen when organizations need more awareness of vulnerabilities and evolving DDoS attack surface. 

from Cybersecurity News https://ift.tt/sYlSiT5

88% of breached passwords are 12 characters or less

A recent study of 800 million breached passwords found that 88% of passwords used in successful cyberattacks were 12 characters or less.

from Cybersecurity News https://ift.tt/VdOXvIf

Blackbaud settles with SEC over misleading ransomware information

Blackbaud has agreed to settle SEC charges due to misleading information regarding the extent of a ransomware attack the company suffered in 2020.

from Cybersecurity News https://ift.tt/CAjIthm

31% of organizations had users fall for phishing attack

The 2023 Security 360: Annual Trends Report by Jamf examines the top security threats that impact devices used in the modern workplace. 

from Cybersecurity News https://ift.tt/xY3obQZ

EPA stresses the need for improved water cybersecurity

The EPA is stressing the need to improve the cybersecurity of drinking water systems to better defend critical infrastructure from cyberattacks.

from Cybersecurity News https://ift.tt/9sAXZ3L

Anti-theft software solution developed for Hyundai and Kia users

Theft deterrent software has been developed by Hyundai and Kia following online videos detailing how to start and steal the vehicles without a key.

from Cybersecurity News https://ift.tt/0uXLkCZ

New Cyber Reports & Initiatives Target Key Vulnerabilities

Two recently released reports highlight the increasing challenges faced by security practitioners, particularly those who have larger and more integrated systems between their IT and OT environments.

from Cybersecurity News https://ift.tt/ED3ZJbX

Senators introduce foreign technology legislation

The RESTRICT Act was introduced to Congress to address the potential threat of technology from foreign adversaries to improve national cybersecurity.

from Cybersecurity News https://ift.tt/axEXPtI

Security leaders discuss how to make space for women in the workplace

For the 113th International Women’s Day, Security Magazine is sharing stories and suggestions from women in security leadership positions. 

from Cybersecurity News https://ift.tt/vyV1tdo

3 ways to support women in the cybersecurity field

Shikha Kothari, Principal Security Advisor at Eden Data, shares strategies for cybersecurity leaders to create supportive work environments for women.

from Cybersecurity News https://ift.tt/g8oiETk

David Dunn named Chief Information Security Officer at Kroll

David Dunn has been appointed as Kroll’s Chief Information Security Officer (CISO). Dunn succeeds Wayne Peterson, who recently retired.

from Cybersecurity News https://ift.tt/XZ0aJmV

Legislation introduced to protect personally identifiable health data

The UPHOLD Privacy Act was introduced to the Senate to prevent companies from profiting off of identifiable health data for advertising purposes. 

from Cybersecurity News https://ift.tt/ZhNs0EW

Keith Anderson named CISO at JetBlue

Keith Anderson has been named CISO at JetBlue. Anderson will work to ensure the company’s data, systems and other assets remain protected.

from Cybersecurity News https://ift.tt/Vk01fQA

Cloud exploitation grew by 95% in 2022

A global threat report analyzed the trends and behaviors of recent cyberattacks finding that attacks had increased in both number and complexity. 

from Cybersecurity News https://ift.tt/vOVpAjz

FTC orders BetterHelp to end use of health information for advertising

Online counseling service BetterHelp has received a proposed order from the FTC banning the company from sharing users' private health information.

from Cybersecurity News https://ift.tt/ZCG5Pu8

Over 50% of personal devices were exposed to a mobile phishing attack

According to a recent report, mobile phishing is on the rise with 2022 having the highest percentage of mobile phishing encounter rates.

from Cybersecurity News https://ift.tt/uTtXgGQ

Security leaders share thoughts on Biden's cyber strategy announcement

Security leaders share thoughts on the National Cybersecurity Strategy released by the Biden Administration, designed to expand and improve standards.

from Cybersecurity News https://ift.tt/CRFmPZj

1 year of war: From weaponizing Ukraine to Russia's outsourced cyber war

In Episode 14 of the Cybersecurity & Geopolitical Podcast from Security magazine, hosts Ian Thornton-Trump and Philip Ingram assess the Russia-Ukraine conflict.

from Cybersecurity News https://ift.tt/9qvWbD8

Research found 53% gap between best and worst email security solutions

A recent report analyzed medium and small businesses' email security solutions' popularity and incidence defense between 2018 and 2022.   

from Cybersecurity News https://ift.tt/DwQjGBT

Thirty-one percent of former employees still have company SaaS access

SaaS report quantifies the volume, types and exposure risk of business assets stored within the SaaS estates of medium and large companies. 

from Cybersecurity News https://ift.tt/UAiwLcP