Because most successful cyberattacks exploit human error, heavy investment in cybersecurity technology has not bolstered the confidence of security leaders, a survey finds. The proliferation of detected vulnerabilities and a lack of insight into root causes are ongoing challenges for security teams, while the pandemic has forced many companies to shift focus to business continuity at the expense of security.
Banks are seeking clarification of a requirement to notify regulators within 36 hours of learning of a cybersecurity incident. Banks say the rule does not mention how much detail of the incident should be reported or what regulators do with the information gathered.
The White House is preparing to release a plan to make US water systems more resistant to cyberattacks. The plan will identify opportunities for the water sector, the Environmental Protection Agency and the Cybersecurity and Infrastructure Security Agency to work together to help protect US water supplies, according to an EPA spokesperson.
The US government is investing $1 billion in cyberprotection infrastructure and system modernization while establishing the Office of the National Cyber Director, steps that show the federal government is taking cyberthreats seriously. "It is incumbent upon private sector entities and enterprises, which are no less vulnerable to digital threats than their public sector and government counterparts, to take the initiative and improve their enterprise privacy risk posture against such threats," writes Tom Kelly, president and CEO of IDX, a provider of data breach and consumer privacy services.
The National Security Agency has granted $2 million to the Regional Coalition for Critical Infrastructure Protection, Education and Practice, a group that includes Iowa State University and the University of Illinois at Urbana-Champaign. The goal is to recruit and train new cybersecurity professionals in the Midwest.
Registration Now Open for ISACA Conference North America 2022
Explore new ideas, expand your knowledge, connect with industry leaders and find your inspiration at the ISACA Conference North America from 4-6 May 2022 in New Orleans, Louisiana, or join virtually. Register to attend in person by 1 March 2022 and save US$200!
Ransom payments in excess of $43.9 million have been collected via Cuba ransomware, which has targeted 49 critical infrastructure businesses through Windows-focused deployments of a malware loader, the FBI reports. The agency says hackers have tapped multiple techniques, including phishing emails, stolen credentials and Microsoft Exchange bugs, to access networks, while also using legitimate Windows services to deploy ransomware remotely.
As CEO of Veritas, Greg Hughes has closely monitored the increasing frequency and sophistication of ransomware attacks and how they can devastate companies. He advises businesses to "make sure that your backup application, like all your other applications, is upgraded to the latest version" to limit ransomware-caused disruption.