Security News

The number of breaches may have fallen, but the number of exposed records hit a high not seen since 2005, says Risk Based Security. The volume of publicly disclosed data breaches fell by 48% in 2020 compared with the previous year, leading to 3,932 in total.

United Kingdom's Information Commissioner's Office has warned organizations that fell victim to the SolarWinds hack that they are required to report data breaches within three days after their discovery. The UK independent authority urged organizations using compromised versions of the SolarWinds Orion IT management platform to check for evidence of attackers infiltrating their network and gaining access to personal information.

Generali Global Assistance released the findings of its survey which examines consumer sentiment on retail data breaches and the identity theft risks holiday shopping poses. 2 in 3 are concerned about data breaches during holiday shopping season; nearly 4 in 5 will think twice before doing business with a breached retailer.

With the healthcare industry estimated to spend $134 billion on cybersecurity from 2021 to 2026, $18 billion in 2021, increasing 20% each year to nearly $37 billion in 2026, 82% of CIOs and CISOs in health systems in Q3 2020 agree that the dollars spent currently have not been allocated prior to their tenure effectively, often only spent after breaches, and without a full gap assessment of capabilities led by senior management outside of IT. Talent shortage for cybersecurity pros continues. "The talent shortage for cybersecurity experts with healthcare expertise is nearing a very perilous position," said Brian Locastro, lead researcher on the 2020 State of the Healthcare Cybersecurity Industry study by Black Book Research.

Threat actors found success infecting businesses with ransomware and stealing company data, turning those ransomware attacks into data breaches. "The seemingly crazy predictions of the past around the cost of ransomware attacks on the healthcare industry stand to be proven true in 2021. We've seen a substantial rise in ransomware since the onset of COVID, and as the space race 2.0 continues, so will the prevalence of attacks," said John Ford, IronNet cyber strategist and former healthcare CISO. With countries all around the world hunting for a COVID vaccine there will be more nation-state attacks leveraging ransomware and an increase in cloud-based ransomware attacks as healthcare systems expedite their transition to meet the growing remote needs, Ford predicts.

Mastercard announced Cyber Secure, an AI-powered suite of tools that allows banks to assess cyber risk across their ecosystem and prevent potential breaches. Acquiring banks can help merchants understand their own cyber risk, preventing hundreds of millions of dollars in potential fraud.

There were 2,935 publicly reported breaches in the first three quarters of 2020, with the three months of Q3 adding an additional 8.3 billion records to what was already the "Worst year on record," Risk Based Security reveals. Factors contributing to the decline in publicly reported breaches.

Professor says companies shouldn't wait until they're breached before adding tight security. Students are rising to the challenge.

COVID-19 has put a renewed spotlight on the importance of defending against cyberattacks and data breaches as more users are accessing data from remote or non-traditional locations. The frequency and sophistication of ransomware, phishing schemes, and data breaches have the potential to destroy both brand health and financial viability.

A pair of healthcare-related data breaches at high-profile government agencies has impacted tens of thousands of people. "Because this is just one of multiple breaches effecting veteran data, the VA needs to ensure they are taking every security step necessary to not only protect financial data, but also the sensitive personal and healthcare data for the veterans it serves."