Cybersecurity must always start with a risk assessment | Forever 21 breach may have exposed customer credit card data | Survey: Employee shortages increase risk of breaches, attacks
November 16, 2017
Data Security & Privacy SmartBrief
Top Story
Defense Department security vulnerabilities found by volunteer hackers
Reports by good Samaritan hackers participating in the Department of Defense's voluntary reporting program have led to the mitigation of more than 2,800 security issues as the program approaches its one-year anniversary. More than 50 countries are represented among approximately 650 individuals who participated.
The Hill (11/10) 
Data Security & Privacy
Cybersecurity must always start with a risk assessment
Twenty-eight percent of 9,000 respondents to a PricewaterhouseCoopers survey said they didn't know how many cyberattacks had affected their organizations, writes Michael Aminzade of Trustwave. Conducting a comprehensive risk assessment is critical to organizational cybersecurity, he advises.
Help Net Security (11/13) 
Forever 21 breach may have exposed customer credit card data
Forever 21 announced Tuesday that its payment system may have been compromised, potentially putting its customers' credit card data at risk. The company says that an investigation into transactions that occurred between March and October is ongoing.
The Wall Street Journal (tiered subscription model) (11/14) 
Cyber Risk
Survey: Employee shortages increase risk of breaches, attacks
Understaffing of cybersecurity professionals is not just an inconvenience; it also increases a company's risk of facing a cyberattack or a data breach, reveals a survey from Life and Times of Cyber Security Professionals. Seventy percent of respondents said the shortage had affected their organizations, while 22% said the shortage had contributed to an attack or breach at their company within the past two years.
Dark Reading (11/9) 
More states buy cyberinsurance as hacker attacks increase
More than 12 states have purchased cyberinsurance to pay for credit monitoring, legal fees and security assessments of state servers in case of a network hack. Fitch Ratings reports that insurance companies saw a 35% increase to $1.35 billion in premiums for such policies in 2016.
Stateline (11/10) 
By the Numbers
Millions in cryptocurrency erased in breach
A security breach involving Parity Technologies has erased between $150 million and $350 million in cryptocurrency, owned mostly by small businesses. There is no word on whether the money is recoverable.
American Banker online (free content) (11/13) 
Focus on impact, not size, of health data breaches, researchers say
A study published in JAMA Internal Medicine claiming that larger health care facilities have an increased data breach risk "neglects inherent biases in data collection and reporting practices," Vanderbilt University researchers wrote in a letter to the editor in the same journal. Researchers noted that treating data breaches based on their size rather than on their impact could negatively affect perceived privacy and security risks, and they raised concerns about the gap between detected and unreported breaches.
Health IT Security (11/8) 
Practice & Policy
House committee requests details on departures of HHS cybersecurity execs
Acting HHS Secretary Eric Hargan received a letter from the House Committee on Energy and Commerce asking for details about the departures and employment appointments of HHS Deputy CISO Leo Scanlon and Margaret Amato, former director of the Healthcare Cybersecurity Communications and Integration Center, both of whom were displaced from their positions on Sept. 6. "It is ... important to understand what led HHS to temporarily remove two key HHS cybersecurity officials from their positions, while possibly making structural changes to [HHS'] role, thus creating new uncertainty as to who is in charge," the letter stated.
Becker's Hospital Review (11/15) 
The risk is the challenge.
Mario Andretti,
auto racer
Editor  -  Susan Rush
© 1999-2017 SmartBrief, Inc.®