The Department of Homeland Security has released a 35-page strategy concerning cybersecurity threats from foreign nations and malicious hackers. The strategy focuses on assessing current threats, reducing "systemic vulnerabilities" in government networks, supporting legislation to protect cybersecurity, limiting the impact of cyberattacks and working to prevent them.
States including Delaware and Missouri are using white-hat companies to simulate threats to government systems. States are also considering using bug bounties to identify potential vulnerabilities and further secure their networks.
Cybersecurity researchers say they have uncovered vulnerabilities in certain email encryption tools. These flaws could expose the "plaintext" that encryption is meant to hide, one of the researchers said.
The National Guard is participating in a cybersecurity exercise alongside civilian technology experts to boost the country's defenses. "Cyber Shield truly is a crucible where industry cyber talent merges with our military forces, and the result is a more polished, tuned, and stronger response capability," said Lt. Col. Teri Williams of the Ohio National Guard.
Lincare, the largest respiratory therapy provider in the US, has agreed to pay $875,000 in a class-action lawsuit after employee information was leaked in a breach during 2017. The incident occurred after an employee responded to a phishing scam asking for W-2 information.
South Carolina Gov. Henry McMaster has signed legislation that requires insurers to create programs to protect companies and consumers against data breaches. The state is the first to pass an insurance law addressing data security, the state's insurance director said in a statement.