Developments in Delaware’s Caremark doctrine for breaches of fiduciary duty have paved a narrow path for plaintiffs to hold directors liable for failing to adequately address and oversee their company’s cybersecurity and data privacy risks.
Newly uncovered cyber espionage scheme shows Iranian hackers using unpatched VPN vulnerabilities as a point of entrance into the networks of government and private sector organizations.
According to Tripwire's State of Cyber Hygiene report, many organizations are simply not getting their cyber security basics right. And there is a distinct lack of focus on the proper maintenance and basic protection organizations need to put in place for cyber defense.
Setting the direction towards leading standards in authentication, encryption and data compliance will yield great benefits as these approaches begin to be increasingly implemented across public and private areas.
A recent audit of websites by the well-known Online Trust Alliance has revealed something that many consumers have long suspected. Financial institutions are the least trusted when it comes to cybersecurity. Although the results are no doubt coloured by the inherent fear that many consumers have when it comes to the security of their money, it should still be a worry for banks which have long struggled with issues around online trust.
Lazarus APT targets the employees of blockchain companies with fake job offers, tricking them into downloading trojanized apps that steal security keys and make fraudulent transactions.
Tripwire report finds that IoT security is a major issue at nearly every company; 99% of respondents have security challenges, and over 75% report problems fitting these devices into their present security approach.
Report from Mandiant mapped out recent cyber attacks against FTA and finds it likely that more organizations have been compromised. CISA has issued a joint advisory with Australia, New Zealand, Singapore and the UK.
The New York Department of Financial Services (NYDFS) Cybersecurity Regulation blazed a trail in 2017, forming the basis for similar laws for other industries in other states. Currently, the regulation serves as a useful model for managing cybersecurity risks, regardless of industry.
Report found that organizations faced cybersecurity risks while transitioning to the hybrid workplace because of the bad behaviors picked up by employees during remote working.