Business resilience programs may not generate revenue for organizations, but will most certainly create awareness, change a responsiveness culture into a preparedness culture, cut expenditure, save time and minimize reputational impact – not if, but when improbable circumstances become reality.
The SolarWinds hack is a strong reminder why third-party risk management is so important. Not only was SolarWinds breached, but the hack is now believed to have affected upward of 250 federal agencies and businesses. Here, we speak to Jonathan Ehret, Vice President of Strategy & Risk at RiskRecon, who believes organizations should be asking their vendors about the third-party risk management and cybersecurity policies they have in place to protect against a breach and leak of critical data.
These are the terrible uncertainties and costs organizations like yours face as ransomware rages around the cybersphere. As you deliberate on the best strategy and tactics for defending your organization from ransomware, understand that the total cost of recovering from such an attack more than outweighs the cost of being prepared to defend against it.
Though filling the cybersecurity talent pipeline has often been thought of as a longer-term goal for the United States, there is renewed urgency to address the tremendous workforce shortage – and quickly. Recent cyberattacks on U.S. infrastructure continue to serve as warning signs that the cadence of threats has increased tremendously and requires immediate action by both industry and government partners. Solving the cybersecurity workforce and talent shortage requires taking action, starting with the youngest learners in the K-12 educational system.
There has been an significant increase in PYSA ransomware targeting education institutions in 12 U.S. states and the U.K., according to a joint Federal Bureau of Investigation (FBI) and Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) flash industry alert.
The SolarWinds supply chain attack has, to date, impacted nine government agencies and as many as 100 private sector companies, according to some reports. By the time the full extent of the hack is known, it may be the most widespread security breach on record. But what does this mean for the organizations impacted and is it potentially insurable? In light of the massive cyberattack, we spoke to Seth Rachlin, Executive Vice President and Insurance Lead at Capgemini, to discuss the implications of this attack and the fast-growing cyber insurance market.
It’s simple: If you are using a legacy ecosystem, your compliance is at risk. The fact that your security hasn’t yet been compromised is no evidence of your safety; it really is a case of it being quiet, too quiet. When it comes to security breaches, it’s not a question of if, but when. Whether your household or institutional architecture, the full value of security is only appreciated after disaster has already struck.
Nearly daily we see new stories of cybercriminals breaching security walls, stealing valuable data, and then holding it hostage in return for money. Companies risk exposing valued customer data as well as their own reputations, placing their credibility in disarray.