June 12, 2024 at 12:19PM The White House report revealed that cybersecurity incidents reported by US federal agencies increased by 9.9% to 32,211 in 2023. Improper usage and phishing were the most common incidents. Despite the rise in attacks, none were classified as “high” impact. The report also detailed major incidents at various agencies, including … Read more
May 22, 2024 at 12:40PM The SEC has clarified guidelines for public companies regarding ransomware and cybersecurity incident disclosures. Public firms must report “material” cyber intrusions under Form 8-K, Item 1.05. For immaterial incidents or those lacking a materiality determination, use Form 8-K, Item 8.01. SEC aims to help investors distinguish between the two for … Read more
May 9, 2024 at 12:40PM The Government of British Columbia is investigating multiple cybersecurity incidents affecting its networks. Premier David Eby stated that sensitive information had not been accessed, and an ongoing investigation is assessing the impact. The government is working with the Canadian Centre for Cyber Security to determine their extent and enhance data … Read more
April 5, 2024 at 09:58AM Panera Bread’s recent week-long outage was caused by a ransomware attack, leading to encrypted virtual machines and preventing access to data and applications. Panera has not identified the responsible ransomware group and has not responded to inquiries about the incident. Employees expressed concerns about the company’s lack of transparency regarding … Read more
January 25, 2024 at 05:06PM The airline industry faces pervasive challenges such as delayed flights, lost luggage, and cybersecurity incidents. The complex mix of legacy and new technology in aviation creates security vulnerabilities, with cyber events on the rise. To address these issues, Cathay Pacific replaced its outdated infrastructure with a SASE solution, enhancing security … Read more
January 25, 2024 at 10:03AM The role of the Chief Information Security Officer (CISO) is evolving, with increased accountability and personal legal responsibility. Cybersecurity industry leaders need to understand the implications of recent cases, ensure high-integrity organizations, anticipate changing accountability rules, and be constantly vigilant. Proactive involvement and collaboration are vital for the CISO’s success … Read more
January 8, 2024 at 01:29PM Threat actors are targeting medical institutions through “swatting,” a form of pressure tactic involving fake bomb threats to force hospitals to pay ransom demands. Intrusions at Fred Hutchinson Cancer Center and Integris Health illustrate the escalation in cyber-extortion tactics. It remains to be seen whether these measures will yield ransom … Read more