CEOs Will Be Personally Liable for Cyber-Physical Security Incidents by 2024
Gartner predicts that the financial impact of attacks against Cyber-Physical Systems will will reach $50 billion by 2023 in compensation, regulatory fines, and reputation loss, and liability for CPS attacks will extend to 75% of CEOs by 2024.
CRL Report Identifies Ecological Disruption as the 21st Century’s Most Underappreciated Security Threat
The Converging Risks Lab of the Council on Strategic Risks (CSR) released a landmark report today, The Security Threat That Binds Us, that identifies ecological disruption as a major and underappreciated security threat and calls on the United States to reboot its national security architecture and doctrine to better respond to this evolving threat landscape.
Business associates were largely to blame for 2020 (HHS) breaches
A new report shows that almost three-quarters of the breaches reported to HHS in the last six months of 2020 were tied to third-party business associates.
A Hacker Tried to Poison a Florida City's Water Supply, Officials Say
"We want to make sure that everyone realizes these kind of bad actors are out there. It's happening," Oldmar mayor Eric Seidel said in a press conference. "So really take a hard look at what you have in place."
How to Set Up an Ethics Advisory Board
In the face of an ever-growing array of ethical dilemmas, many organizations may benefit from establishing an Ethics Advisory Board, or EAB. While EABs are still a new concept (and they don’t always work out), they can provide very real value, offering crucial perspectives from diverse, external stakeholders on ethically fraught decisions pertaining to anything from a new product launch to a pandemic response plan.
Companies Examine Capitol Riot for Security Lessons
“If I’m a CEO today, I’d better have my corporate security officer in my office,” said Mark Beasley, director of the Enterprise Risk Management Initiative at North Carolina State University, which examines corporate risk strategies.
10 Conflicts to Watch in 2021
The world in 2021 will be haunted by the legacies of 2020: an ongoing pandemic, an economic crisis, Donald Trump’s divisive presidency—and new threats emanating from wars and climate change.
Top Risks for 2021
Just as 2020 was overwhelmingly about healthcare responses to Covid-19 (and how much many governments got wrong), 2021 will overwhelmingly be about economic responses to Covid-19's lingering symptoms and scar tissue (debt burdens and misaligned politics).
Why Nashville Bomb Investigators Feared Copycat Attacks by 5G Conspiracists
"We assess conspiracy theories linking the spread of COVID-19 to the expansion of the 5G cellular network are inciting attacks against the communications infrastructure," the DHS Counterterrorism Mission Center reported in a "for official use only" report on May 13, predicting that such threats "probably will increase as the disease continues to spread, including calls for violence against telecommunications workers."
How to use publicly available information to support enterprise security
Searching for relevant data across the open and dark webs requires investments in tools as well as training.
Why the US government hack is literally keeping security experts awake at night
Security experts say this is merely the beginning. In the coming days, we may learn that many more companies and agencies have been compromised than we initially suspected. And we still don't know what information may have been lost or stolen.
CyberArk State of Remote Work Study: Poor Security Habits Raise Questions About the Future of Remote Work
Sixty-seven percent admit to finding workarounds to corporate security policies in order to be more productive including sending work documents to personal email addresses, sharing passwords, and installing rogue applications.
Surge in Physical Threats During Pandemic Complicates Employee Security Efforts
High-profile executives and rank-and-file staff have faced increased physical threats this year from inside and outside their companies, leading corporate security teams to search for ways to better protect employees—particularly those working from home, security executives say.
As COVID-19 Vaccine Nears, Employers Consider Making It Mandatory
While it may be legal for employers to compel their workers to get the COVID-19 vaccine, doing so would be a huge, difficult undertaking.
Stealing to survive: More Americans are shoplifting food as aid runs out during the pandemic
Shoplifting is up markedly since the pandemic began in the spring and at higher levels than in past economic downturns, according to interviews with more than a dozen retailers, security experts and police departments across the country. But what’s distinctive about this trend, experts say, is what’s being taken — more staples like bread, pasta and baby formula.
Hospitals being hit in coordinated, targeted ransomware attack from Russian-speaking criminals
In the space of 24 hours beginning Monday, six hospitals from California to New York have been hit by the Ryuk ransomware, which encrypts data on computer systems, forcing the hospitals in some cases to disrupt patient care and cancel noncritical surgeries, analysts said.
Here's Where The Threat Of Militia Activity Around The Elections Is The Highest
A new report by ACLED, a crisis-mapping project, and the research group MilitiaWatch maps out potential hot spots for militia-style activities around the elections.
Defining the Security Metrics that Matter
Security trainer Tanya Janca lays out the types of metrics that are critical for cybersecurity.
NIST guidance tackles how to integrate cyber-security with ERM
New guidance from the National Institute of Standards and Technology (NIST) aims to demystify a process with which many companies across all industries have long struggled: how to seamlessly integrate cyber-security risk into an overall enterprise risk management program.
Re.Think Talks/Building business resilience: what has Covid-19 taught us?
Economies around the world have been shaken by the COVID-19 pandemic and revealed serious vulnerabilities and weaknesses. What can we learn from today’s crisis to build more resilience into our systems?
Internet-Connected Systems May Prompt Converged Security Models
Bob Hayes and other leaders discuss models for converging security.
Survey Shows Increased Collaboration Between Cyber and Corporate Security
The survey, conducted in collaboration with SEC strategic alliance partner ISC2, identified emerging issues of joint interest as the most frequent drivers for the increase.