Security News
API security firm 42Crunch has raised $17 million in a Series A funding round led by Energy Impact Partners and joined by Adara Ventures. In 2019, Gartner stated, "By 2022, API abuses will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications." Its proposed solution was, "Use a Combination of API Management and Web Application Firewalls to Protect APIs, in Conjunction with Identity Infrastructure."
American Express has been fined 0.009 per cent of its annual profits by the Information Commissioner's Office after spamming people who opted out of its marketing emails with 4.1 million unwanted messages. "Between 1 June 2018 and 21 May 2019, 4,098,841 of those emails were marketing emails, designed to encourage customers to make purchases on their cards which would benefit Amex financially. It was a deliberate action for financial gain by the organisation. Amex also did not review its marketing model following customer complaints," said the ICO in a statement.
These recent advancements are enabling Sourcepoint to better serve its new and existing customers across Europe, the UK and North America. Rubash, Chief Privacy Counsel, has more than 15 years of legal and privacy experience, which will be integral to this foundationally important position at Sourcepoint.
The British government has vowed to create a legally binding cybersecurity framework for managed service providers - and if you want to tell gov. Targeted at managed service providers and firms outsourcing their digital infrastructure services alike, the review is described by the government as helping build evidence for "Additional government intervention" to force businesses into formally assessing cyber risks to their supply chains.
Today, the UK government has announced a call for advice on defending against software supply-chain attacks and ways to strengthen IT Managed Service Providers across the country. The move comes after last week when President Biden had issued an executive order to increase cybersecurity defenses across the U.S. The government's invitation to provide feedback that will be open for almost two months comes at a time of prominent cyberattacks such as, the Colonial Pipeline incident, the Codecov supply-chain attack, and ransomware attacks on mission-critical organizations [1, 2] that continue to grow.
British infosec accreditation body CREST has declared that it will not be publishing its full report into last year's exam-cheating scandal after all, triggering anger from the cybersecurity community. "The Report of the Independent Investigator contains information that was obtained in confidence and in line with both the terms of the Process and CREST's Complaints and Resolution Measures, the Report is confidential and cannot be made public," said CREST in an update published on its website late on 10 May, right before the CyberUK conference began.
In response to government plans to start collecting patient data held by GPs into a central database, NHS Digital said it would "Not approve requests for data where the purpose is for marketing... including promoting or selling products or services, market research or advertising." The Data Access Request Service, or DARS, already releases data under data-sharing agreements.
U.K. Foreign Secretary Dominic Raab on Wednesday urged global cooperation to combat cyberattacks by "Hostile state actors" and criminal gangs. Raab also pledged 22 million pounds in support to "Vulnerable" countries in Africa and the Indo-Pacific to improve their digital defense capacity.
UK's National Cyber Security Centre highlights the success of its Active Cyber Defence program. The UK's National Cyber Security Center Active Cyber Defense program is an ambitious project designed to improve the security posture of an entire nation.
Priti Patel has promised a government review of the UK's 30-year-old Computer Misuse Act "This year" as well as condemning companies that buy off ransomware criminals. "As part of ensuring that we have the right tools and mechanisms to detect, disrupt and deter our adversaries, I believe now is the right time to undertake a formal review of the Computer Misuse Act," said Patel.