Cyber News & Resources
US News
The Uber Data Breach Conviction Shows Security Execs What Not to Do
Former Uber security chief Joe Sullivan’s conviction is a rare criminal consequence for an executive’s handling of a hack. Uber’s Former chief security officer, Joe Sullivan, was found guilty this week of actively hiding a data breach from the US Federal Trade Commission (FTC) and concealing a felony. The case has reverberated through the security and tech worlds because it is seemingly the first time that an individual executive has faced criminal prosecution for charges related to a data breach against the executive’s company. READ ARTICLE »
US News
InfoSec Institute, November 10, 2020 — 55 federal and state regulations that require employee security awareness and training. Humans are repeatedly described as the weakest link in the cybersecurity chain. We are highly susceptible to falling for phishing attacks, social engineering schemes, and other deceptive attempts. Some businesses are putting more effort into their cybersecurity training programs, but does the law require cybersecurity training? No matter your industry, many laws and mandates require employees to receive some level of cybersecurity training. If applicable, these laws and mandates also dictate tracking requirements. Audits happen, so you need to track and document your training program.
Global News
Optus: How a massive data breach has exposed Australia
Last week, Australian telecommunications giant Optus revealed about 10 million customers – about 40% of the population – had personal data stolen in what it calls a cyber-attack.
Some experts say it may be the worst data breach in Australia’s history.
But this week has seen more dramatic and messy developments – including ransom threats, tense public exchanges and scrutiny over whether this constituted a “hack” at all.
European Business Magazine, Feb. 24, 2021 — Over half (51%) of businesses suffered a cyberattack during the pandemic in 2020, according to the report Mind the Gap published by the Chartered IIA, based on research carried out during lockdown across all sectors, looking at cybersecurity risk. Internal auditors reported that the most significant barriers to implementing better cybersecurity practices during the pandemic were competing priorities (48%), employees working remotely (42%), and insufficient budget (28%).
- 60% of these board members think they may have been breached without them knowing
- 73% consider themselves at risk from cybercrime
- Only 31% believe their security strategy will protect them from a cyberattack
- 21% of businesses failed to have any cybersecurity plan in place.
READ ARTICLE »
Resources
Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA)
Since 2004, the President of the United States and Congress have declared October to be Cybersecurity Awareness Month, helping individuals protect themselves online as threats to technology and confidential data become more commonplace. The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCA) lead a collaborative effort between government and industry to raise cybersecurity awareness nationally and internationally.