New York State Cybersecurity Regulations for Financial Institutions Could Be Model for Other States The first phase of the New York state cybersecurity regulations, which apply to insurance companies, banks, and other financial institutions operating within the state, went into effect on March 1. While the insurance and finance industries are already highly regulated, New… Read More
As compliance costs skyrocket, standards grow increasingly complex, and the cyber threat environment evolves, organizations are turning to RegTech solutions to automate their compliance processes and improve their overall cybersecurity posture. Compliance with regulatory and industry standards, such as HIPAA, PCI DSS, FedRAMP, and SSAE 16 SOC reporting, are a burdensome yet necessary part of… Read More
Consumers love shopping online and are abandoning malls for mobile shopping apps in droves. However, online shopping environments offer multiple opportunities for hackers to steal payment card data. Even worse, as more brick-and-mortar stores implement card chip technology to defeat skimmers and other forms of POS system fraud, thieves are gravitating toward card-not-present (CNP) ecommerce… Read More
For Years, Yahoo Put Usability Ahead of Cybersecurity The massive Yahoo data breach, which compromised 500 million user accounts and has put its planned acquisition by Verizon at risk, happened because the company repeatedly put product user experience ahead of security, the New York Times reports: Six years ago, Yahoo’s computer systems and customer email… Read More
If IoT cybersecurity concerns aren’t addressed, consumers will reject self-driving cars and other smart devices Shortly after rideshare company Uber launched a pilot test of self-driving cars in Pittsburgh, competitor Lyft made the bold prediction that most of its cars would be self-driving within five years. While it can be argued that Lyft’s proclamation is… Read More
A Proactive Approach Could Have Prevented the DNC Email Hack The NSA isn’t the only Washington organization being embarrassed by a data breach. The sorry state of cybersecurity in America has taken center stage in this year’s presidential election. In June, it was discovered that Russian cyber criminals had managed to hack the Democratic National… Read More
Doping allegations, illegal gambling, and other attempts to game the system and give a player or a team an edge have long plagued the professional sports world. Now, the cheating has gone cyber. Chris Correa, a former executive with the Saint Louis Cardinals MLB team, has been sentenced to nearly four years in prison for… Read More
Human hacking, also known as social engineering, has surpassed hardware and software vulnerabilities and is now the top cybersecurity threat, Computer Weekly reports: [A]ttackers shifted away from automated exploits in 2015. Instead, attackers engaged people through email, social media and mobile apps to do the dirty work of infecting systems, stealing credentials and transferring funds.… Read More
Hackers Hold Hollywood Healthcare Hostage Hollywood Presbyterian Medical Center paid a $17,000 ransom in bitcoin to hackers who seized control of the hospital’s computer systems holding them a healthcare hostage. The cyber assault on Hollywood Presbyterian occurred Feb. 5, 2016, when hackers using malware infected the institution’s computers, preventing hospital staff from being able to… Read More
Defeating Cyber Security Deficits with a 1-2 Punch Steve Morgan, a professional acquaintance who writes about cybersecurity for Forbes, published One Million Cybersecurity Job Openings In 2016 and revealed some jaw-dropping statistics concerning the growing deficit in hiring qualified cybersecurity employees. To make matters worse, this chasm is exacerbated by the explosion of corporate breaches… Read More
The following standard definitions of Personal Information and Breach of Security (based on the definition commonly used by most states) are used for ease of reference, and any variations from the common definition are noted: Personal Information: An individual’s first name or first initial and last name plus one or more of the following data… Read More
The stunning reality is that the majority of retailers accepting credit cards are still vulnerable to the newest threat to accepting credit cards from consumers. Lazarus Alliance has been years ahead with proactive cybersecurity services. Researchers from the Cisco Security Solutions team have dubbed the latest malware to attack point-of-sales (POS) systems PoSeidon. Compromised POS… Read More