The New York State Department of Financial Services (DFS) filed charges against First American Title Insurance Company for exposing customer bank account numbers, mortgage and tax records, Social Security Numbers, wire transaction receipts, and drivers’ license images.
Druva, Inc. announced the appointment of Andrew Daniels as the company’s new Chief Information Officer (CIO) and Chief Information Security Officer (CISO). Daniels will be responsible for enhancing and scaling out Druva’s security operations, incident response and global IT infrastructure.
Though organizations have changed their IT environments to accommodate remote workers, 39 percent of respondents have not changed their security programs as a result of COVID-19, potentially exposing their organizations to cyber risks from new and more sophisticated attacks, reveals a new Crowdstrike report.
The US Senate passed a bipartisan amendment to the FY 2021 National Defense Authorization Act (NDAA) to require the Department of Homeland Security to establish a Cybersecurity State Coordinator position in every state.
Zero Trust model creator John Kindervag puts it like this: “The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.” He came up with the model in 2010, at a time when many businesses were just beginning to put foundational cybersecurity controls in place and over-relied on the assumed security inside their enterprise-owned network boundaries.
Lawmakers of the state of New York have passed legislation to pause the use of facial recognition technology in schools until 2022. The moratorium was introduced by State Senator Brian Kavanagh (D-Manhattan and Brooklyn) and Assemblymember Monica Wallace (D-Lancaster).
Navy Vice Adm. Nancy A. Norton, the director of Defense Information Systems Agency (DISA) and commander of Joint Force Headquarters-Department of Defense Information Network, outlined the way ahead for a cybersecurity paradigm shift that will help the U.S. military maintain information superiority on the digital battlefield.
A new Rapid7 research found that the security of the internet overall is improving. The number of insecure services such as SMB, Telnet, rsync, and the core email protocols, decreased from the levels seen in 2019. However, vulnerabilities and exposures still plague the modern internet even with the increasing adoption of more secure alternatives to insecure protocols, like Secure Shell (SSH) and DNS-over-TLS (DoT).
The Cybersecurity and Infrastructure Agency (CISA) and the National Security Agency (NSA) have issued an activity alert due to the recent malicious cyber activity against critical infrastructure (CI) by exploiting internet-accessible operational technology (OT) assets.
