Cybersecurity’s Transformative Shift

February 15, 2024 at 10:04AM The traditional model of cybersecurity, focused on reactive threat detection, is no longer sufficient due to the complexity of modern cyber threats. A shift is occurring towards proactive strategies such as User and Entity Behavior Analytics (UEBA) and a focus on data flow to identify anomalies and potential security risks. …

10 Security Metrics Categories CISOs Should Present to the Board

February 15, 2024 at 08:29AM Due to increased SEC regulations, companies are under pressure to enhance transparency and speed up breach disclosure in cybersecurity reporting. Boards are demanding more rigorous tracking of KPIs and KRIs, operational metrics, and asset and security performance indicators. The book, “The Cyber Savvy Boardroom,” co-authored by Homaira Akbari and Shamla …

Prudential Files Voluntary Breach Notice With SEC

February 14, 2024 at 04:14PM Prudential Financial disclosed a data breach after detecting unauthorized access to its systems by a cybercrime group. The move is seen as a proactive response to the new SEC incident-disclosure rules. While the impact is yet to be determined, experts suggest it’s a strategic effort to mitigate reputational and financial …

It’s Time to Rethink Third-Party Risk Assessment

February 12, 2024 at 10:06AM Regularly re-evaluating and updating third-party risk assessments improves security posture and prevents potential headline-grabbing incidents for your company.

Europe’s largest caravan club admits wide array of personal data potentially accessed

February 12, 2024 at 07:53AM The Caravan and Motorhome Club (CAMC) is still uncertain about whether members’ data was stolen in a January cyberattack. Forensic investigation has not confirmed data access, but potentially compromised information includes names, addresses, policy details, and personal claims data. CAMC aims to directly notify affected members and advises precautionary measures …

Cohesity to Buy Veritas’ Data Protection Businesses

February 11, 2024 at 07:21AM Cohesity will acquire Veritas’ data protection business, creating a $7 billion security and management giant. The combined entity, led by Cohesity’s Sanjay Poonen, is projected to have over $1.6 billion in revenues with an expected close by the end of 2024. A separate company called DataCo, led by Lawrence Wong, …

Ransomware Groups Claim Hits on Hyundai Motor Europe and a California Union

February 9, 2024 at 05:59PM Hyundai Motor Europe and SEIU Local 1000 in California both suffered cyberattacks last month, resulting in data loss. Black Basta claimed to have stolen 3TB of data from Hyundai, while LockBit took 308GB from the union. Both organizations are working with cybersecurity experts to investigate and enhance network security. The …

Fake LastPass lookalike made it into Apple App Store

February 8, 2024 at 05:02PM A fake LastPass app by someone impersonating the real company made it into the iOS App Store, attempting to deceive users. LastPass took swift action to have it removed, and is working with Apple to understand how it passed their security checks. Users are advised to carefully check app details …

Fake LastPass password manager spotted on Apple’s App Store

February 8, 2024 at 12:06PM The official password manager LastPass is warning users about a fake version of its app on the Apple App Store used for phishing. The fraudulent app named ‘LassPass’ mimics the original but has only one rating, compared to the real app’s 52 thousand. LastPass is working to take down the …

IT suppliers hacked off with Uncle Sam’s demands in aftermath of cyberattacks

February 7, 2024 at 07:12PM Proposed changes to US government procurement rules would require IT service organizations to provide full access to their systems in the event of a security incident. These requirements, developed by DoD, GSA, and NASA, have faced criticism from industry respondents who find them burdensome and inconsistent with other reporting rules. …