Preparedness & Cyber Risk Reduction Part Four: Awareness and Operational Training

In our ongoing series on Preparedness & Cyber Risk Reduction, we’ve discussed an “Introduction to the Preparedness Cycle” and we’ve explored the topics of preparedness and operational planning, and organizing and equipping. In our sustained effort to reduce risk through proper preparedness, we’ll tackle the next critical step in the Preparedness Cycle — training. To… Read More

Weekly Cyber Risk Roundup: Industroyer Malware and Fines for Delayed Breach Notification

Ukrainian power utility Ukrenergo was back in the news as the top trending cybercrime target after researchers analyzed new samples of a destructive malware, dubbed “Win32/Industroyer,” which they said was likely used in the December 2016 attack against the Ukrainian power grid. “Industroyer is a particularly dangerous threat, since it is capable of controlling electricity… Read More

Preparedness & Cyber Risk Reduction Part Three: Organize & Equip

In Parts One and Two of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks and preparedness, as well as a slightly deeper look into planning — both preparedness and operational planning — to minimize the likelihood and impacts of the undesired threats that have the potential to… Read More

Weekly Cyber Risk Roundup: ‘Staggering’ Amount of Data Exposed and Hacks Lead to Fake News

Organizations are making it easy for cybercriminals by putting vast amounts of sensitive data at risk due to improper security configurations, various researchers recently warned, and this past week saw several new data breaches announced due to the public exposure of sensitive customer, patient, and other internal data. The first warning came from Appthority, which… Read More

TheDarkOverlord Targets Entertainment Sector with Leak of Unaired ABC Show

On Monday, the extortion group known as TheDarkOverlord released the first eight episodes of ABC’s soon-to-be-aired television show “Steve Harvey’s Funderdome” on the torrent site The Pirate Bay. The leak of the ABC show follows a similar failed extortion attempt and subsequent leak of the first ten episodes of Netflix’s upcoming season of “Orange is the… Read More

Weekly Cyber Risk Roundup: Chipotle and Kmart Announce POS Breaches

Payment card breaches were back in the news this week as both Chipotle and Kmart announced point-of-sale breaches affecting a number of locations. The Chipotle incident, which was first disclosed on April 25, appears to be the larger of the two breaches. A recent company update on the breach said it now includes most of… Read More

Preparedness & Cyber Risk Reduction Part Two: Preparedness and Operational Planning

In part one of this blog series, “Introduction to the Preparedness Cycle,” we took a general look at threats, risks, and preparedness. Recognizing that there will be undesired threats that develop into disruptions and other “unwanted outcomes” impacting our organizations’ people, information, operations, and/or facilities, we want to be ready and resilient — ideally preventing… Read More

Monitoring Your Digital Risk Footprint: Q&A with a Former CISO

The digital footprints of many organizations are expanding, and with that expansion comes more avenues of attack for cybercriminals to exploit. The past few years have seen organizations having to manage more devices, more social media channels, and more customer service features — in addition to the increased interconnection and sharing of data with partners, vendors,… Read More

Weekly Cyber Risk Roundup: More W-2 Breaches and Upcoming GDPR Challenges Organizations

Stolen W-2 information was back in the news this week due to reports of another W-2 breach as well as new data from IRS officials on the threat. The latest breach involves TALX, an Equifax subsidiary that provides online payroll, HR and tax services. KrebsOnSecurity reported that an undisclosed number of customers were affected when… Read More

Weekly Cyber Risk Roundup: WannaCry Updates and Sensitive Leaks Continue

WannaCry remained as the week’s top trending cybercrime target as organizations continued to deal with the fallout from being infected and researchers uncovered more information on the ransomware. On Friday, a Kaspersky Lab researcher tweeted that machines running Windows 7 were the most impacted by WannaCry, accounting for more than 97 percent of total infections… Read More