Security News

In that way, a new reality in which everyone is working from home isn't all that different from other imagined scenarios. When you have a workforce spread out as they are now, there are some new risks to consider.

The Internet Security Alliance and the European Confederation of Directors' Associations released Cyber-Risk Oversight 2020, a handbook on cyber-risk management for corporate boards of directors in Europe. The new handbook, is co-branded by ISA, AIG and ecoDa, will be based on the Cyber Risk Handbooks ISA has previously developed for the US National Association of Corporate Directors.

Not unexpectedly, enterprise VPN use has also greatly increased, and so has the use of the Remote Desktop Protocol, a popular and common means for remotely managing a computer over a network connection. The number of devices exposing RDP to the internet on standard ports has grown by 41.5 percent over the past month.

As cyberattacks surge during the COVID-19 crisis and information security teams at healthcare providers and their vendors work to manage new vulnerabilities and threats borne from the rapid transition to a remote workforce, Clearwater's IRM|Analysis software is helping more than 400 healthcare customers rapidly identify, prioritize, and respond to cyber risks on an enterprise scale. Designed to facilitate a consistent, information system-focused risk analysis, the software provides the means to assess risk scenarios presented in a work-from-home environment.

If there is one work-related New Year's resolution I'd like CISOs to make as we enter 2020, it's to give the challenge of third-party cyber risk the attention it needs. If CISOs continue to focus cybersecurity tools and resources within the company perimeter, they are fighting the wrong battle in an increasingly multi-front cybersecurity war.

The U.S. Treasury Department is proposing to collect more information from banks and financial markets about the cybersecurity risks they face, according to notices posted in the Federal Register. In a notice published in the Federal Register on Wednesday, the Office of Cybersecurity and Critical Infrastructure Protection, which is a part of the Treasury Department and has responsibility for protecting the country's financial infrastructure from attacks, proposes to collect more information from the private sector to understand the potential cyber risks to U.S. financial services.

Cyber risk analytics company CyberCube, has signed an agreement with global specialist insurer Hiscox, for the use of CyberCube's ground-breaking technology to generate better insight into potential systemic cyber risk. "Pascal Millaire, Chief Executive Officer of CyberCube, said:"As cyber risk becomes more prevalent within the insurance market - and indeed the wider world - analytics tools like those offered by CyberCube are becoming a core part of an insurer's toolkit.

Here are five cyber risks that will endanger company data in 2020. To be sure, this threat category is uniquely nuanced, as things like intentional data theft, accidental sharing, and other data disclosure methodologies combine to create a robust threat that companies will need to address in 2020.

Their lack of voice is then compounded by the fact that most boards and C suites assume their IT and security teams have their cybersecurity covered. With the increasing incidence of cyber breaches and cyber regulations, this assumption is going to put the board and c suite in hot water.

Cyber-disclosure statements noting how long a company can go without a breach can help customers understand the reality of cyber-incidents and their exposure to loss.