Security News

Between October and December 2021, an independent research company surveyed over 3,000 IT decision makers and IT professionals about their IT and data protection strategies, challenges and drivers. Almost all the respondents were from organizations with more than 1,000 employees - from 28 different countries.

Between October and December 2021, an independent research company surveyed over 3,000 IT decision makers and IT professionals about their IT and data protection strategies, challenges and drivers. Almost all the respondents were from organizations with more than 1,000 employees - from 28 different countries.

The US Securities and Exchange Commission has proposed rule amendments to require publicly traded companies to report data breaches and other cybersecurity incidents within four days after they're discovered. According to newly proposed amendments to current rules, listed companies would have to provide information in periodic report filings on policies, implemented procedures, and the measures taken to identify and manage cybersecurity risks on Form 8-K. The amended rules would also instruct companies to provide updates regarding previously reported security breaches.

A new rule proposed by the US Securities and Exchange Commission would force public companies to disclose cyberattacks within four days along with periodic reports about their cyber-risk management plans. Specifically, the proposed rule would amend the Form 8-K reporting requirements to include cybersecurity incident disclosure "Within four business days after the registrant determines that it has experienced a material cybersecurity incident." The 8-K is the form that the SEC requires public companies file to publicly announce corporate changes or big events that may be material to shareholders.

An analysis of data crowdsourced from more than 200,000 network-connected infusion pumps used in hospitals and healthcare entities has revealed that 75% of those medical devices contain security weaknesses that could put them at risk of potential exploitation. "These shortcomings included exposure to one or more of some 40 known cybersecurity vulnerabilities and/or alerts that they had one or more of some 70 other types of known security shortcomings for IoT devices," Unit 42 security researcher Aveek Das said in a report published Wednesday.

Help Net Security: Healthcare Cybersecurity Report has been releasedOur newest report takes a closer look at one of the most targeted industries today - healthcare. Cyber attacks on Ukraine: DDoS, new data wiper, cloned websites, and Cyclops BlinkRussia started its invasion on Ukraine and, as predicted, the attacks in the physical world have been preceded and accompanied by cyber attacks.

The US Federal Trade Commission said today that Americans reported losses of more than $5.8 billion to fraud during last year, a massive total increase of over 70% compared to the losses reported in 2020. The FTC added a total of roughly 5.7 million consumer reports to its Consumer Sentinel Network secure online database in 2021.

Our newest report takes a closer look at one of the most targeted industries today - healthcare. As exhausted healthcare professionals struggle with an extraordinary situation, their IT departments face critical skills and staffing shortages.

A Data Protection Impact Assessment has been published by a Dutch ministry, noting that Microsoft still has work to do if the country's institutions are to use the company's products without all manner of mitigations. The DPIA - issued by the Netherland's department of Justice and Security - focused on Teams, OneDrive, Sharepoint and Azure Active Directory and was conducted by SLM Rijk, the central negotiator for Microsoft, Google and AWS for Dutch government organisations, and by SURF, the central IT procurement organisation for Dutch universities.

Findings from the Annual Data Exposure Report found that cybersecurity teams are facing unprecedented challenges when it comes to protecting sensitive corporate data. Continued adoption of cloud technologies, the role those technologies play in data exposure and security's lack of visibility into them.