Seven Steps to Stay Safe Online in the Workplace

By: Gwenn Barney

Ensuring the online safety and security of a workplace is only possible through the joint efforts of all the employees using a company’s computer systems. The failure to maintain a secure network environment can result in direct financial losses and expose a business to liability. The seven tips below can be used to keep your work files and network safe, whether working in the office or from home. …

Five Steps to Make Your Home More Cyber Secure

By: Michael Jervis

October has been designated National Cyber Security Awareness Month by the Department of Homeland Security, and in the first week of the month we are focusing on developing good cybersecurity habits in our most personal spaces – our homes. Most of us are aware that in the age of nearly ubiquitous WiFi, as well as the near-constant presence of mobile phones, the cyber world extends into our living rooms, bedrooms and kitchens. Anywhere the internet reaches, so do the cyber threats. The seemingly constant stream of news about cyber threats and attacks can seem daunting, but there are several things we can all do in as little as a few hours that will go a long way to staving off many of the most common threats. …

How a Cybersecurity Antitrust Dispute Could Undermine Confidence in Cybersecurity Products

By: Sedgwick Jeanite

Three of the biggest names in the cybersecurity world, CrowdStrike, Inc., Symantec Corporation and ESET, LLC have been named as defendants in an antitrust lawsuit that alleges they conspired to hamper independent reviews of their antivirus products. A fourth defendant in the action is Anti-Malware Testing Standards Organization, an organization formed in 2008 to develop the first official standards for anti-malware testing. Ordinarily, customers pay attention to antitrust litigation because the outcome may have some financial impact on the price for products. However, in this day and age, where cybersecurity is extremely important to every company, the facts alleged in this antitrust lawsuit could undermine consumers and customers’ confidence in certain cybersecurity products. …

Five Questions (And Possible Good Answers) Boards of Directors Should Ask About Cybersecurity

By: Joshua Mooney and Kate Woods

Data privacy and security can feel overwhelming for a company’s executive management. Unfortunately, that overwhelming feeling can prevent constructive dialogue and action toward improving a company’s cybersecurity program. Recently, the U.K.’s National Cyber Security Centre (NCSC) issued what it called a “Board toolkit” – five questions a board of directors should ask and know the answers to regarding its company’s cybersecurity. …

Significant Vulnerability Discovered in Software Platform Serving Close to 2,000 Banks

By: Michael Jervis

KrebsOnSecurity recently reported a vulnerability found in perhaps little-known but widely used financial services software which powers the websites of thousands of banks. The exposure allowed even a mildly clever user to view financial account details for accounts that did not belong to the user. …

Talking ‘Bout A (Healthcare Economy) Revolution

By: Rick Borden and Kate Woods

On August 13, 2018, the Centers for Medicare and Medicaid Services (CMS) held the Blue Button 2.0 Developer Conference in Washington, D.C., a gathering of leading healthcare and technology business and thought leaders. Over 350 organizations were represented, from Fortune 500s, to electronic health record companies (EHRs),  and startups. Why were they there? What were they talking about? And what were their lofty goals? …

Data Breach Report Reveals Cost Saving Measures for Companies

By: Josh Mooney and Michael Jervis

The Ponemon Institute has released a recent report concluding, among other things, that the cost to a company suffering a data breach in the U.S. has risen eight percent year-on-year from 2017. The total cost of the average breach has reached a staggering $8 million. Perhaps more important, however, is the report’s conclusion that organizations which took proactive measures drastically reduced the cost of a breach. Not surprisingly, costs of a breach were the highest in the U.S. compared to other jurisdictions. Also not surprising is that organizations in the healthcare industry generally suffer higher costs than other organizations—three times higher than the average cost. Information used to compile the report came from interviews with over 2,000 IT and data protection professionals. …

New York’s Cyber Regulations Now Apply to Credit Reporting Agencies

By: Josh Mooney and Emma Bechara

On June 25, 2018, the New York Department of Financial Services (NYDFS) issued a final regulation that requires any credit reporting agency (CRA) with “significant operations” in New York to register with the NYDFS and comply with the NYDFS cyber regulations under Part 500. CRAs must register by September 15, 2018. Significantly, as outlined below, CRAs also must begin complying with New York’s cyber regulations as early as November 1, 2018 – i.e., in four months. …

Supreme Court Alert: The Government Must Obtain a Warrant for Cell-Site Records

By: Jay Shapiro

Earlier this morning, the Supreme Court of the United States issued its long-awaited ruling in Carpenter v. United States. The question answered by the Court was “whether the Government conducts a search under the Fourth Amendment when it accesses historical cell phone records that provide a comprehensive chronicle of the user’s past movements.” In its decision, the Court acknowledged that it was applying the Fourth Amendment “to a new phenomenon” – tracking a person’s past movements through the record of his cell phone signals. The Court found that the acquisition of this information required, in most instances, a warrant supported by probable cause. …

No Coverage for Seafood Importer Netted in Phishing Scam

By: Josh Mooney

On April 16, 2018, Beazley Group issued a report highlighting increased attacks on Microsoft’s cloud-based business products and services. The report stated that successful attacks typically are achieved by tricking employees into opening spoofed emails with malicious links or fraudulent instructions to credential harvest. These attacks allow hackers entry into the insured’s system, where they can search for personal information and bank records to initiate wire transfers or redirect payments to hacker-controlled bank accounts. …

Copy link
Powered by Social Snap