Summary: The Institute for Security and Technology’s Ransomware Task Force (RTF) rejects the idea of a ransom payment ban, citing concerns about reporting, driving payments underground, and critical infrastructure exemptions. Instead, the RTF proposes 16 milestones to effectively reduce ransomware p…
Tag: GOVERNANCE
Summary: The Federal Trade Commission (FTC) has proposed a settlement with mental telehealth service firm Cerebral Inc., restricting the company from sharing consumer data and requiring it to pay a $7 million penalty for unlawfully disclosing sensitive health information to third-party advertisers w…
Summary: Security researchers have detected a suspicious email campaign targeting the OpenJS Foundation, similar to the recent XZ Utils backdoor incident, highlighting the need to address vulnerabilities in open source software management. Threat Actor: Jia Tan | Jia Tan Victim: OpenJS Foundation |…
Summary: Global cybersecurity services provider Cyderes has acquired Ipseity Security, a Canadian company specializing in identity and access management (IAM). Threat Actor: N/A Victim: N/A Key Point : Cyderes has acquired Ipseity Security, a Canadian company specializing in identity and access mana…
Summary: The role of CISOs and other cybersecurity executives is gaining more influence and importance as companies recognize the need for strong cyber governance and oversight. Threat Actor: N/A Victim: N/A Key Point : About 90% of cybersecurity managers now report to a top-level company executive,…
____________________ Advanced cybersecurity strategies boost shareholder returns – Help Net Security Key Point : * Companies with advanced cybersecurity performance generate a shareholder return that is 372% higher than their peers with basic cybersecurity performance. * Boards are under pressure to…
____________________ Summary : The OMB has issued the first governmentwide AI risk mitigation rules, requiring federal agencies to implement safeguards for responsible AI use by December. Key Point : โญ Agencies must appoint chief AI officers and set up AI governance boards. โญ Agencies should add mor…
This video provides an in-depth overview of Governance, Risk, and Compliance (GRC), emphasizing its crucial role in cybersecurity and offering practical advice on its implementation. The presenter, an expert with extensive experience in the field, including roles at Grand Thorton in Australia and KP…
Summary : Only 5% of Boards Have Cybersecurity Expertise Key Point ๐ก๏ธ: – Just 5% of businesses have a cyber expert on the board – Companies with cyber experts on specialized risk committees have higher security performance scores – Stronger cybersecurity correlates with better financial performance…
Article Summary : ๐น BlueFlag Security platform redefines software development lifecycle security with a focus on identity security. ๐น $11.5 million seed funding round announced to develop BlueFlagโs SDLC security and governance platform. ๐น BlueFlag addresses the critical threat vector of developer i…
PRESS RELEASEHERNDON, Va., March 13, 2024 โ (BUSINESS WIRE) โ Expel, the leading managed detection and response (MDR) provider, today unveiled the updated version of its National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) Getting Started toolkit. The kit, which includ…
The realm of cybersecurity, particularly within the Microsoft 365 environment, is in a constant state of evolution. Recent events involving major tech firms and cybersecurity entities underscore a crucial truth: grasping security best practices for Microsoft 365 isn’t synonymous with effectively put…
PRESS RELEASEWashington, D.C. โ U.S. Senator Ron Wyden, D-Ore., with Sens. John Fetterman, D-Penn., and Bill Cassidy, R-La., today introduced the Enhanced Cybersecurity for SNAP Act to upgrade the security of electronic benefit cards and protect families in need from thieves that have stolen mi…
In a recent eye-opening report from cybersecurity experts at Perception Point, a major spike in sneaky online attacks has been uncovered. These attacks, called Business Email Compromise (BEC), zoomed up by a whopping 1,760% in 2023. The bad actors behind these attacks are using fancy tech called gen…
Twenty-seven cybersecurity-related merger and acquisition (M&A) deals were announced in February 2024. An analysis conducted by SecurityWeek shows that more than 400 cybersecurity M&A deals were announced in 2023, with a drop seen in both volume and disclosed deal value. Here is…