According to the most recent Notifiable Data Breaches Report published by the Office of the Australian Information Commissioner (OAIC) data breaches rose considerable in the most recent quarterly reporting period.
Some say first impressions aren’t everything, and in many cases first impressions can be wrong. But they certainly are powerful, and bad first impressions can be difficult to overcome. This is true for friendships, dating, potential business partners, and more.
While the early promises in the move to cloud computing promised to simplify cloud management and security, and in many ways these promises have been kept. However, in other ways, cloud environments have increased security complexity. In fact, according to a recent survey, 84% of security professionals report that their organizations struggle to maintain secure cloud configurations.
When it comes to enterprise data, it’s employees that create some of the biggest risks, yet they still hold a considerable amount of trust from senior cybersecurity and business leaders. That’s the dislocated findings from the 2019 Global Data Exposure Report, conducted by Forrester Consulting and commissioned by data loss protection software maker Code42.
Banks, like most industries, are undergoing profound digital transformations. They’re trying to compete, lower business risk, and cut costs from their business operations.
As we’ve recently covered, cybersecurity in financial services is having a challenging time keeping up with the rate of technological change. A survey conducted by the Ponemon Institute (on behalf of electronic design automation and software security company Synopsys) found that more than half of the financial services companies they surveyed suffered data breaches or system downtime due to attack.
Periodically the Cloud Security Alliance publishes a report of the top threats to cloud computing. These reports hope to increase the awareness of risks to cloud computing. What’s interesting this year is that certain threats, including denial of service, shared technology vulnerabilities, and cloud service provider data loss and system vulnerabilities were ranked so low in a survey that they didn’t make the new report. They were all included in the Cloud Security Alliances previous report, the Treacherous 12.
There have been plenty — too many — breaches involving federal agencies over the years. Way back in 2006, a breach at the U.S. Department of Veterans Affairs affected 26.5 million people. In 2009, it was the National Archives and Records Administration that was hit and that breach affected 76 million. In one of the worst and most damaging breaches of all time, the U.S. Office of Personnel Management (OPM) affected 21.5 million federal employees and contractors, and breached the information included in security clearances, such as background investigation data and associated person data. Most recently, the U.S. Customs Agency fell victim to an attack and photos and other personal information collected by U.S. Customers and Border Patrol was leaked.
One might think financial institutions, such as banks, would have formidable levels of application security. Unfortunately, if one thought that, one would be wrong. According to an analysis by application security vendor ImmuniWeb, a startling 97 out of 100 of the world’s largest banks are vulnerable to web and mobile attacks.
Commercial law firm Reynolds Porter Chamberlain LLP says that the average fine levied by the Information Commissioner’s Office rose 14% in the year since the introduction of GDPR, increasing from £125,000 in 2017/18 to £143,000 in 2018/19.
Risk management firm LexisNexis Risk Solutions, in conjunction with Information Security Media Group (ISMG), recently announced the results of an online survey they conducted to identify current trends in healthcare cybersecurity. The survey is based on responses from more than 100 participants working within including hospitals, physician group practices and payers. The survey was conducted over the spring of 2019.
Phishing attacks strike again. Last week, Nemadji Research Corp., which does patient eligibility and billing services work for the Los Angeles County Department of Health Services, discovered that they’d been breached by a phishing attack. The attack enabled the criminals to gain access to the medical records of nearly 15,000 patients.
