May 21, 2024 at 07:21AM The US EPA issued an enforcement alert on safeguarding drinking water systems from cyber threats. Over 70% of water systems inspected do not comply with the Safe Drinking Water Act and have critical cyber vulnerabilities. Recommendations include reducing internet exposure, regular assessments, changing default passwords, and addressing vulnerabilities. The government … Read more
May 17, 2024 at 02:16PM The SEC will implement new data-breach reporting regulations for financial firms, aiming to modernize consumer data protection rules. The amendments require institutions to address technology risks, develop incident response programs, and notify affected individuals of any breaches. SEC Chair Gary Gensler notes the significant changes in data breaches over the … Read more
May 13, 2024 at 06:22AM In the last decade, IT and cybersecurity have seen a growing gap between front-line analysts and senior management, leading to challenges like high alert volumes and false positives. The SHQ Response Platform offers AI-driven log correlation and visualization to streamline incident investigation, leading to proactive risk mitigation and a more … Read more
May 10, 2024 at 10:24AM Ascension, a major US healthcare system, is dealing with a significant cyberattack affecting various systems, leading to disruptions and the implementation of downtime procedures. The incident, presumed to be a ransomware infection, has prompted the activation of emergency measures and the diversion of medical services. The company is working with … Read more
May 10, 2024 at 10:06AM The focus on cybersecurity is often on prevention, but breaches are inevitable, typically due to human error. To minimize damage after a breach, security leaders should: gather identity data for containment, provide temporary accounts, enforce accountability from executive level, and implement recovery strategies like incident response planning and comprehensive cybersecurity … Read more
May 9, 2024 at 02:07PM Dell confirmed a data breach on one of its portals, with information stolen from 49 million records now for sale on the dark web. The stolen data includes customer names, addresses, and Dell equipment details, but not payment info. Dell is undertaking an investigation and taking steps to protect customer … Read more
May 8, 2024 at 02:06PM The ransomware attack on Change Healthcare has underscored the vulnerability of data-rich healthcare companies to cyber theft. With ransomware attacks becoming more frequent and sophisticated, businesses must focus on cyber resilience to better prepare and recover from such incidents. Organizations should prioritize strategic readiness, prevention measures, and incident response in … Read more
May 8, 2024 at 10:06AM Security teams and SREs share common priorities including access controls, network design, observability, releases, incident response, and eliminating toil. They also have differences such as error budgets, measuring challenges, and compliance. To optimize organizational efficiency, collaboration, respect, and choosing each other’s priorities are key to leveraging their shared interests and … Read more
May 6, 2024 at 05:04AM Wichita, Kansas shut down its computer network after a ransomware attack encrypted data on certain systems. The impacted services were turned off as a containment measure. The city is conducting a thorough review to assess the situation, with first responders and law enforcement notified. Wichita has engaged with specialists to … Read more
May 1, 2024 at 10:05AM Mergers and acquisitions (M&A) are on the rise globally, with M&As in the US up 130% to $288 billion, and 56% globally to $453 billion. The exchange of sensitive data during M&As creates cybersecurity challenges, making cybersecurity critical for protecting confidential data and maintaining customer trust. A detailed cybersecurity checklist … Read more