Security News > 2020 > December

The United States Department of Homeland Security has published a guide to the terrifying risks that businesses will expose themselves to if they use tech created in the Peoples' Republic of China or engage in any business activity with the Middle Kingdom. The fifteen-page "Data Security Business Advisory" [PDF] opens by warning "Businesses expose themselves and their customers to heightened risk when they share sensitive data with firms located in the PRC, or use equipment and software developed by firms with an ownership nexus in the PRC.".

While the transition has forced many schools to implement innovative solutions, it has also revealed stark vulnerabilities in their cybersecurity strategies, which is especially concerning given that schools have become a new target for cyber criminals. It's worth noting that all these duties should be scaled according to the impact of the pandemic: if the school system is supporting three times its usual capacity, all cybersecurity measures need to perform at the same level.

The prospect of bigger players digitizing the distribution of pharmaceuticals would spark excitement in an alternate business reality, but you're likely more nervous about the additional security measures or protocols that might be necessary to pursue new partners. As the COVID-19 vaccine nears distribution - and with hackers already trying to undermine the process - the steps you take now to shore up security can pay dividends later as more major new players enter the market.

Few companies prepared to secure and support a shift to remote work. The report also found that only 30% of companies surveyed were fully prepared to secure and support a complete shift to remote work and 50% reported their company will continue to support work from home capabilities due to increased productivity and business benefit.

Several U.S. government organizations have issued warnings regarding various types of fraud and phishing schemes that use COVID-19 vaccine-related topics to lure potential victims. The alert from the FBI, HHS-OIG, and CMS reads, could take the form of ads that claim to offer early access to vaccines in exchange for a deposit or fee, requests to pay for the vaccine or enter personal information on a so-called waiting list, or offers to undergo medical testing to obtain the vaccine.

The cybersecurity challenges of securing PACS. Medical imaging is a critical component in providing patient care and PACS is where these images and accompanying clinical information are stored and delivered from when needed. PACS is part of a highly complex healthcare delivery organization environment that includes back-office systems, electronic health record systems, pharmacy and laboratory systems, an array of electronic medical devices, and often cloud storage for medical images.

Arista Networks announced an Attack Surface Assessment, an advanced security service delivered through the recent acquisition of Awake Security. "To make matters worse, sponsored groups can steal intellectual property and attack resources that are now in the wild. Big companies and banks are still getting hacked and technologies like IoT are huge threats. We need to reboot security and make it simple to manage. I believe Arista Networks is simplifying security."

The audit, conducted by Coalfire, found that Sysdig meets the SOC 2 standards for security and availability. "As a SaaS-first company that delivers a security and visibility platform for many of the largest organizations, Sysdig takes the protection of its customers' data extremely seriously. Successfully navigating SOC 2 Type II compliance further validates our commitment and the robust controls in place to ensure the secure and confidential management of customer data," said Stefan Reicheneder, head of security and compliance at Sysdig.

As if the exponential rise in phishing scams and malware attacks in the last five years wasn't enough, the COVID-19 crisis has worsened it further. Many scammers have rolled out campaigns offering COVID-19 vaccines, free medical tests and testing kits, tax rebates for donation to pandemic relief funds, information on COVID-19 cases, and new job opportunities due to the economic downturn.

Teradata announced the appointment of Todd Cione as Chief Revenue Officer, effective January 4, 2021. Cione brings to Teradata more than 25 years of experience in global sales, marketing, channel and operations at large multi-national technology organizations, including most recently at Apple, and previously with Oracle, Rackspace and Microsoft.