2019 and Cyber Risk - Cyber Security Informer

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

The Last Watchdog

MARCH 14, 2019

So they began inundating their third-party suppliers with “bespoke assessments” – customized cyber risk audits that were time consuming and redundant. I had the chance to visit with CyberGRX CEO Fred Kneip at RSA 2019 at San Francisco’s Moscone Center last week. For a full drill down, please listen to the accompanying podcast.

Cyber Risk

Cyber Risk Risk Digital transformation Accountability

Seeds of Destruction: Cyber Risk Is Growing in Agriculture

The Security Ledger

MAY 4, 2021

In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production. Read the whole entry. »

Cyber Risk

Cyber Risk Risk Digital transformation InfoSec

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Cyber Risk

Cyber Risk Risk Financial Services Banking

6 steps for third-party cyber risk management

CSO Magazine

SEPTEMBER 30, 2021

Many organizations transact with hundreds of third-party partners, according to EY’s Global Third-Party Risk Management Survey 2019-2020 , a trend that PwC finds shows no sign of slowing, even as the risks increase.

Cyber Risk

Cyber Risk Risk Cybersecurity

Public companies may not grasp responsibility to investors in sharing info on cyber risk

SC Magazine

MARCH 5, 2021

Publicly traded companies must start disclosing more “actionable” information to shareholders and regulators around their cyber risks and vulnerabilities. A 2019 study from McKinsey on cybersecurity in the boardroom found widespread confusion and dissatisfaction from executives about how digital threats are reported and explained.

Cyber Risk

Cyber Risk Risk Data breaches Cyber threats

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

Furthermore, from 2019–2023E, approximately USD 5.2 trillion in global value will be at risk from cyberattacks. IBM found that the average time to identify a breach in 2019 was 206 days. The figures vary with Verizon reporting 21%, IBM reporting 24% and Cybsafe reporting 90% in 2019. billion by 2022. But know this.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

RiskLens Fast Facts on Cyber Risk for Retailing – Wawa Data Breach

Security Boulevard

AUGUST 25, 2022

In July, 2022, Wawa, the convenience store/gas station operator, agreed to pay up to $8 million to attorneys general for seven states and the District of Columbia, to settle a lawsuit over the breach in 2019 of PCI that compromised about 34 million credit cards.

Cyber Risk

Cyber Risk Retail Data breaches Risk

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

The Last Watchdog

FEBRUARY 3, 2020

.” Related: Cyber warfare enters Golden Age In fact, strategic cyber operations essentially pitting Russia and Iran against the U.S. and Saudi Arabia have been steadily escalating for at least the past decade, with notable spikes in activity throughout the course of 2019. As geopolitical tensions between the U.S.

Energy and Utilities

Energy and Utilities Malware Hacking Passwords

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

The Last Watchdog

DECEMBER 5, 2019

I’m privileged to share news that two Last Watchdog articles were recognized in the 2019 Information Management Today MVP Awards. I’ve never done stories to win awards. I find gratification communicating intelligible insights that foster understanding about topics that affect the way we live.

IoT

IoT Cyber Risk Internet Internet

Apple Phone Phishing Scams Getting Better

Krebs on Security

JANUARY 3, 2019

Jody Westby is the CEO of Global Cyber Risk LLC , a security consulting firm based in Washington, D.C. 2, 2019: What Westby’s iPhone displayed as the scam caller’s identity. the day before, but she didn’t answer that call).

Scams

Scams Phishing Cyber Risk Engineering

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

SecureWorld News

MAY 27, 2021

Here are three examples from the new report: "In 2019, a NASA contract employee used a personal computer to access NASA-owned networks and systems to mine cryptocurrency.". "In

Cyber Risk

Cyber Risk Risk Architecture Cyber threats

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

The Last Watchdog

MAY 2, 2019

Small and midsize businesses — so-called SMBs — face an acute risk of sustaining a crippling cyberattack. This appears to be even more true today than it was when I began writing about business cyber risks at USA TODAY more than a decade ago. I had the chance at RSA 2019 to discuss the SMB security landscape at length with Gill.

Risk

Risk Cyber Risk Cyber threats Banking

Pearson agreed to pay $1 million for 2018 Data Theft

CyberSecurity Insiders

AUGUST 17, 2021

To deteriorate the cyber risk, Pearson filed an annual review report in July 2019 saying there was a significant possibility of student Dobs and email addresses stolen in the cyber attack, when it actually knew that the records were indeed stolen.

Data breaches

Data breaches Education Cyber Risk Cyber Attacks

Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy

The Security Ledger

SEPTEMBER 11, 2019

Third party cyber risk is growing. In this Spotlight Podcast, a companion to our new eBook, Rethinking Third Party Cyber Risk Management, we go deep on the topic of building a mature third party cyber risk program with Dave Stapleton the Director of Assessment. Third party cyber risk is growing.

Cyber Risk

Cyber Risk Risk Data privacy Insurance

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Security Boulevard

JANUARY 24, 2025

Are we clear on who must be involved in assessing and mitigating AI adoption cyber risks? By assessing and mitigating cyber risks, leaders can align AI adoption with organizational goals and resilience needs, reads the companion WEF article Securing innovation: A leaders guide to managing cyber risks from AI adoption.

Banking

Banking Cybersecurity Artificial Intelligence Ransomware

Zurich chief warned that cyber attacks will become uninsurable

Security Affairs

DECEMBER 28, 2022

With the increase in the number of cyber attacks, a growing number of organizations opted to transfer the cyber risk by underwriting cyber insurance. The increase in cyber losses in recent years pushed up prices, some insurance companies also changed their policies to limit their refunds in case of cyber incidents.

Cyber Attacks

Cyber Attacks Cyber Insurance Insurance Cyber Risk

Russian cyber attack on US mobile customers

CyberSecurity Insiders

MARCH 31, 2022

He asked all the technology CEOs, and the business heads to bolster their in-house cybersecurity measures to mitigate the cyber risks emerging from Moscow. Cyber Attack on Verizon’s network and generating spam from the users’ own phone numbers needs a lot of technical expertise of international standards.

Cyber Attacks

Cyber Attacks Mobile Wireless Cyber Risk

What Are the Cyber Security Trends Around the World?

Thales Cloud Protection & Licensing

DECEMBER 16, 2021

In the United States, the FBI report indicates that there was a 69% increase in total complaints in comparison with 2019. In the UK, four out of ten businesses (40%) and 25% of charities report having cyber security breaches or attacks in 2020. In Singapore, ransomware attacks marked a 154% rise compared to 2019.

Social Engineering

Social Engineering Ransomware Engineering Phishing

REvil ransomware operators breached healthcare org Valley Health Systems

Security Affairs

AUGUST 27, 2020

During this period, due to the ongoing COVID19 pandemic, these structures are under pressure and more exposed to cyber risks. According to the Cisco/Cybersecurity Ventures Cybersecurity Almanac , the healthcare organizations suffered 2-3 more cyberattacks in 2019 than the average amount for the other industries.

Healthcare

Healthcare Ransomware Advertising Cyber Risk

MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

The Last Watchdog

OCTOBER 10, 2019

Related: Implications of huge Capital One breach CASBs supplied a comprehensive set of tools to monitor and manage the multitude of fresh cyber risks spinning out of the rise in in corporate reliance on cloud services. In doing so, CASBs became the fastest growing security category ever , as declared by Gartner.

Risk

Risk Cloud Migration Engineering Cyber Risk

NEW TECH: Human operatives maintain personas, prowl the Dark Net for intel to help companies

The Last Watchdog

OCTOBER 7, 2019

I met with Darrah at Black Hat 2019. Triaging cyber risks It struck me that a service like this is needed because companies are increasingly replacing legacy on-prem systems with third party services, ranging from cloud hosting and cloud storage to the modularized software development movement known as DevOps.

Cyber Risk

Cyber Risk Artificial Intelligence Big data DDOS

NEW TECH: Brinqa takes a ‘graph database’ approach to vulnerability management, app security

The Last Watchdog

APRIL 18, 2019

Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation. Related: Data breaches fuel fledgling cyber insurance market. Enterprises, especially, tend to be methodical and plodding.

Digital transformation

Digital transformation Cyber Risk Risk Penetration Testing

Cloudflare Helps Businesses Manage Their Cyber Risk; Announces Partnerships with Leading Cyber Insurers and Incident Response Providers

CyberSecurity Insiders

DECEMBER 11, 2021

As a result, a new generation of insurance startups has arisen over the past five years to rethink how cyber risk is underwritten, infusing security expertise into the insurance product. We are excited to work with Cloudflare to address our customers’ cybersecurity needs and help reduce their cyber risk. in the U.S.

Cyber Insurance

Cyber Insurance Insurance Cyber Risk Risk

SolarWinds-Like Supply Chain Attacks will Peak in 2022, Apiiro Security Chief Predicts

eSecurity Planet

DECEMBER 23, 2021

In addition, 91 percent said that their budgets for third-party cyber-risk management would increase in 2021. Third-party cyber-risk must become a priority at companies, Bixler said. The company launched in 2019 and Zioni signed on in September after almost four years as director of threat research at Akamai Technologies.

Cyber Risk

Cyber Risk Risk Software Marketing

A cyber-attack on major banks could trigger a liquidity crisis, ECB President Christine Lagarde warns

Security Affairs

FEBRUARY 9, 2020

“Last year, the G7 announced a joint cross-border crisis management exercise on a cyber incident affecting the financial system that it carried out in June 2019, saying that cyber risks were increasing and posed a “genuine and growing threat” to the stability and integrity of the financial sector.”

Cyber Attacks

Cyber Attacks Banking Marketing Penetration Testing

9 Ways to Prevent Third-Party Data Breaches

CyberSecurity Insiders

MARCH 7, 2021

For example, a 2019 eSentire survey found that 44% of all firms surveyed had experienced a significant data breach caused by a third-party vendor. Incorporate risk management into your contracts. Make a practice of incorporating cyber risk into your vendor risk management program and vendor contracts.

Data breaches

Data breaches Penetration Testing Risk Cyber Risk

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

The Last Watchdog

MARCH 17, 2021

NTT Research opened its doors in Silicon Valley in July 2019 to help nurture basic research in three subject areas that happen to be at the core of digital transformation: quantum physics, medical informatics and cryptography. Along the way, of course, cybersecurity must get addressed.

Digital transformation

Digital transformation Encryption Technology Mobile

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Vicarius Vulnerability management 2022 Private Dragos ICS and OT security 2021 Private Safeguard Cyber Risk management 2021 Private CyberGRX Risk management 2019 Private Signifyd Fraud protection 2018 Private RedOwl Security analytics 2015 Acquired: Forcepoint. Accel Investments.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

The RSA Conference USA 2019 held in San Francisco — which is the world’s largest cybersecurity event with more than 40,000 people and 740 speakers — is a decent measuring stick for representation of women in this field. Either way, the 20 percent figure is still way too low, and our industry needs to continue pushing for more women in cyber.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

The Last Watchdog

OCTOBER 16, 2019

We had a chance to meet again at Black Hat 2019. They’ve been quick to recognize that all too many organizations have a limited understanding about these fresh cyber risks. For a full drill down of our wide-ranging discussion please give a listen to the accompanying podcast.

Digital transformation

Digital transformation Firmware Authentication IoT

US Bill Would Require Vulnerability Disclosure for Federal Contractors

SecureWorld News

AUGUST 30, 2023

In 2019, white-hat hackers detected 54 vulnerabilities in the Air Force's Amazon Web Services and Microsoft Azure which was hosting the Air Force portal. The DoD and its federal defense contractors face the same escalating cyber threats that every industry faces daily. Mittal will be presenting on "How Deep Are We in These Fakes?

Cyber Risk

Cyber Risk Small Business Government Cybersecurity

Forrester Recognizes Cisco Secure Endpoint Advancements – Promotes to Strong Performer

Cisco Security

MAY 14, 2021

At the publishing of the previous Q3 2019 Forrester Wave report for Endpoint Security Suites, Secure Endpoint was lauded as one of the least obtrusive security products to end-user productivity. Secure Endpoint offers more as shown in new Forrester Wave report.

Marketing

Marketing Cyber Risk Risk

The top 5 cybersecurity threats to OT security

IT Security Guru

NOVEMBER 11, 2021

It’s mostly problems from the IT world, says Andy Norton, European Cyber Risk Officer at Armis. The Guru decided to ask Armis’ European cyber risk officer, Andy Norton for his thoughts. Armis’ own white paper on the topic mentions these for starters: July 2019: URGENT/11 affects billions of industrial and medical devices.

Cybersecurity

Cybersecurity Wireless Cyber Risk Risk

Policy debate: the pros and cons of cybersecurity insurance

BH Consulting

JUNE 22, 2021

Also known as cyber risk insurance, it’s now a prerequisite in some public sector tenders. Insurers know this and will say it’s a significant business risk not to have cover if a breach happens. That may be true, but the danger is, some companies could think a cyber risk policy by itself is enough.

Insurance

Insurance Cybersecurity Cyber Insurance Cyber Risk

How to Stop Local Governments From Being Attractive Cyber Attack Targets

CyberSecurity Insiders

AUGUST 17, 2022

A coordinated attack in the fall of 2019 hit 22 smaller Texas communities at once for a combined ransom of $2.5 2019 was called the worst year on record for breaches , and then came 2020, and new breaches are being reported all the time. The prevalence of portable devices again exacerbates cyber risks. 1 and June 4.

Government

Government Cyber Attacks Backups Risk

G Suite Backup and G Suite Security Guide 2019

Spinone

JANUARY 3, 2019

7 Key Insights on Cyber Risk Management There are several key insights and best practice that CEOs and management teams today must be aware of to effectively mitigate cybersecurity threats. Learn How To Mitigate Cyber Risks 8. Security is ultimately your responsibility. G Suite for Education.

Backups

Backups Education Ransomware Risk

Can smart cities be secured and trusted?

Thales Cloud Protection & Licensing

OCTOBER 15, 2019

A report by US cyber-security firm Recorded Future published last May highlighted a spike in ransomware attacks targeting US cities. In June 2019, Riviera Beach in FL paid $600,000 to hackers to restore its email system and public records. The potential security failure of a smart city initiative could have grave consequences.

Technology

Technology Encryption Government System Administration

New York SHIELD Act: Everything You Need to Know for Compliance

Centraleyes

MARCH 3, 2025

Passed in 2019, the NY SHIELD Act requirement modernized breach notification rules and introduced a flexible framework for data security, ensuring it remains relevant in a rapidly changing digital landscape. It introduces more stringent requirements for protecting private information and expands the definition of a data breach.

Data breaches

Data breaches Risk Financial Services Data privacy

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

In September 2019, former FCC chairman Tom Wheeler and retired Rear Admiral David Simpson, USN, wrote Why 5G requires new approaches to cybersecurity for the Brookings Institute. Incentivizing a Cyber Duty of Care. How 5G Goes Beyond 4G. Objectives for 5G Implementation.

Risk

Risk Cybersecurity IoT Wireless

The Financial Impact of Cyberthreats: Secure Your Site to Prevent these Top Expenses

SiteLock

AUGUST 27, 2021

There were more than 151 million ransomware attacks in 2019. That leads us to the next costly cyber risk to your business – unplanned downtime. The average enterprise-level business spends 10% of its company revenue on marketing, according to Gartner’s CMO Spend Survey 2019–2020. What’s the financial impact?

Data breaches

Data breaches DDOS Ransomware Marketing

Encore Edition: Veracode CEO Sam King on Infosec’s Leaky Talent Pipeline

The Security Ledger

MARCH 12, 2021

In this encore podcast in honor of Women’s History Month, we revisit a 2019 interview with Veracode CEO Sam King to talk about cybersecurity’s leaky talent pipeline. In this conversation recorded at the RSA Conference in 2019, I speak with Sam King , the CEO of the security firm Veracode about infosec’s leaky talent pipeline.

Information Security

Information Security Hacking Cyber Risk Accountability

Why CISOs at gaming companies need to reimagine security

SC Magazine

APRIL 21, 2021

The hack of Words with Friends in 2019 was high-profile, but today’s columnist, Yuval Elddad of CYE, says CISOs at all gaming companies have to take a closer look at the growing threats to online gaming platforms. In 2019, Zynga’s popular online game, Words with Friends , was hacked, resulting in the breach of 218 million user accounts.

CISO

CISO Marketing Accountability Passwords

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

The Last Watchdog

OCTOBER 16, 2019

Related: Cyber risks spinning out of IoT Credential stuffing and account takeovers – which take full advantage of Big Data, high-velocity software, and automation – inundated the internet in massive surges in 2018 and the first half of 2019, according to multiple reports.

Big data

Big data Accountability Passwords Digital transformation

Report: Cyberattacks drive 185% spike in health care data breaches in 2021

SC Magazine

JULY 13, 2021

Credential harvesting attempts account for 54% of all phishing attacks, an increase of nearly 15% when compared with data from 2019. The data showed impersonation and credential harvesting attempts remain the leading phishing vectors. Another 20.7% of all phishing attacks were business email compromise attempts, and just 2.2%

Data breaches

Data breaches Insurance Healthcare Education

NEW TECH: CyberGRX seeks to streamline morass of third-party cyber risk assessments

Seeds of Destruction: Cyber Risk Is Growing in Agriculture

Trending Sources

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

6 steps for third-party cyber risk management

Public companies may not grasp responsibility to investors in sharing info on cyber risk

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

RiskLens Fast Facts on Cyber Risk for Retailing – Wawa Data Breach

MY TAKE: Iran’s cyber retaliation for Soleimani assassination continues to ramp up

Last Watchdog’s IoT and ‘zero trust’ coverage win MVP awards from Information Management Today

Apple Phone Phishing Scams Getting Better

NASA Audit: Cyber Risk Skyrockets with 'Work from Home'

MY TAKE: New ‘cyberthreat index’ shows SMBs cognizant of big risks, ill-prepared to deal with them

Pearson agreed to pay $1 million for 2018 Data Theft

Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy

Cybersecurity Snapshot: WEF Offers AI Security Best Practices, as DORA Regulation Places Strict Cyber Rules on Banks

Zurich chief warned that cyber attacks will become uninsurable

Russian cyber attack on US mobile customers

What Are the Cyber Security Trends Around the World?

REvil ransomware operators breached healthcare org Valley Health Systems

MY TAKE: CASBs help companies meet ‘shared responsibility’ for complex, rising cloud risks

NEW TECH: Human operatives maintain personas, prowl the Dark Net for intel to help companies

NEW TECH: Brinqa takes a ‘graph database’ approach to vulnerability management, app security

Cloudflare Helps Businesses Manage Their Cyber Risk; Announces Partnerships with Leading Cyber Insurers and Incident Response Providers

SolarWinds-Like Supply Chain Attacks will Peak in 2022, Apiiro Security Chief Predicts

A cyber-attack on major banks could trigger a liquidity crisis, ECB President Christine Lagarde warns

9 Ways to Prevent Third-Party Data Breaches

MY TAKE: Why ‘basic research’ is so vital to bringing digital transformation to full fruition

Top VC Firms in Cybersecurity of 2022

SPOTLIGHT: Women in Cybersecurity

SHARING INTEL: Why full ‘digital transformation’ requires locking down ‘machine identities’

US Bill Would Require Vulnerability Disclosure for Federal Contractors

Forrester Recognizes Cisco Secure Endpoint Advancements – Promotes to Strong Performer

The top 5 cybersecurity threats to OT security

Policy debate: the pros and cons of cybersecurity insurance

How to Stop Local Governments From Being Attractive Cyber Attack Targets

G Suite Backup and G Suite Security Guide 2019

Can smart cities be secured and trusted?

New York SHIELD Act: Everything You Need to Know for Compliance

Cybersecurity Risks of 5G – And How to Control Them

The Financial Impact of Cyberthreats: Secure Your Site to Prevent these Top Expenses

Encore Edition: Veracode CEO Sam King on Infosec’s Leaky Talent Pipeline

Why CISOs at gaming companies need to reimagine security

MY TAKE: How ‘credential stuffing’ and ‘account takeovers’ are leveraging Big Data, automation

Report: Cyberattacks drive 185% spike in health care data breaches in 2021

Stay Connected