The Cybersecurity and Infrastructure Security Agency (CISA) released core guidance documentation for the Trusted Internet Connections (TIC) program, developed to assist agencies in protecting modern information technology architectures and services.
Security fears linger around the wildly popular, Chinese-owned social media platform TikTok, and discussions are in the works for the platform to potentially be acquired by Microsoft. Should users be concerned in the interim? Will a change of ownership to a U.S.-based company allay security and privacy fears?
The Cybersecurity and Infrastructure Security Agency (CISA) released the Guide to Vulnerability Reporting for America’s Election Administrators. The guide walks election officials through the steps of establishing a vulnerability disclosure program.
The Photon Research Team of Digital Shadows has published new research highlighting a popular dark web marketplace called BitBazaar that got called out for attempted manipulation of subscriber numbers on the popular dark web platform, Dread.
US corporate travel management firm Carlson Wagonlit Travel has suffered an intrusion, and it is believed the company paid a $4.5m ransom to get its data back.
Days after US President Donald Trump said he would ban TikTok from operating in the United States, Microsoft has announced it might purchase the popular short-form video app.
Twitter has released additional information on their investigation into the compromise that occurred on July 15, 2020. The attack, says the company, started with a spear phishing attack on a select group of employees that "relied on a significant and concerted attempt to mislead certain employees and exploit human vulnerabilities to gain access to [Twitter's] internal systems."
In recent years, Enterprise Risk Management has become increasingly focused on cybersecurity risks. While this focus on cyber is understandable, the current COVID crisis has demonstrated that the unpredictable nature of cascading risks requires viewing risk through a much wider risk aperture. One way forward to successfully navigate this new risk frontier is the establishment of a Risk Operations Center (ROC). The ROC enables enterprise and technology leaders to have the continuous monitoring they require to proactively mitigate all cyber issues. Additionally, it fully supports the CISO/cybersecurity leader's principal responsibilities identified by the HBR survey.
COVID-19 has completely changed our world from six months ago, as we continue to battle the grave health implications, face extended stay at home orders, and grapple with the insurmountable ramifications on our economy. The pandemic has also forever changed the cyber threat landscape, with our workforce becoming more dispersed, and potentially more vulnerable, than ever as organizations switch out of the confines of their offices and move entire data streams to their laptops and home offices. On top of this, Salesforce has announced it is ending its Data Recovery service on July 31st, which is putting all of the data protection responsibilities, and the dire consequences that comes along with it, on the backs of the customer.