The SEC’s Office of Compliance Inspections and Examinations (“OCIE”) recently issued a Risk Alert (the “Alert”) discussing cybersecurity observations from its examinations over time. The Alert did not state the time period of examinations included; however, OCIE has conducted several cybersecurity targeted exams over recent years.

In fact, HIPAA penalties do distinguish degrees of “not knowing,” yet that doesn’t mean - like the traffic violation above - that a hefty fine still won’t land in your lap. Can your company deal with even a $50,000 (per violation) hit to the pocket book? Here’s the breakdown of potential penalties per OCR (Office of Civil Rights) discretion, as noted in the HIPAA Journal.

Seven in every ten CISOs (71%) believe cyberwarfare is a threat to their organization, and yet just over a fifth (22%) admit to not having a strategy in place to mitigate this risk. This is especially alarming during a period of unprecedented global disruption, as half of infosec professionals (50%) agree that the increase of cyberwarfare will be detrimental to the economy in the next 12 months.

Sandi J. Davies, executive director of the International Foundation for Protection Officers, recently announced the appointment of Charles “Chuck” Andrews, CPP as Chief Strategic Officer for the IFPO.

Keren Elazari, CISSP, Security Analyst, Researcher, and Public Speaker, kicked off GSX+’s fourth day with a keynote address on the future of cybersecurity. Elazari, a former hacker turned cybersecurity expert, is an internationally celebrated speaker, researcher, and author on all matters of cybersecurity. Her 2014 TED talk, viewed by millions, helped shape the global conversation about the role of hackers and the evolution of cybersecurity in the information age.

Previously, school districts dealt with securing their systems at both the district and school level. But now, teaching, learning and working are all happening at home simultaneously. It’s messy, far more complicated, and gives our cyber and IT teams significantly less control over networks and security than there was when traditional in-school learning was the norm. It’s especially crucial we keep our security measures tight, even if it feels like an uphill battle.

To get buy in from the entire organization on your role as a security professional, share these basic elements of an effective cybersecurity strategy with the rest of the C-suite.

Using memes as propaganda, employing sophisticated communication networks for both planning and recruiting, making use of both fringe and private online forums and organizing militias to inspire lone wolf actors for violent action have proven to become tried-and-true tactics by extremist online communities seeking to expand their influence in recent years. According to the Network Contagion Research Institute (NCRI) report, presented by the Rutgers Miller Center for Community Protection and Resilience, Network-Enabled Anarchy: How Militant Anarcho-Socialist Networks Use Social Media to Spread Violence Against Political Opponents and Law Enforcement, militant and extremist groups have taken to social media and online forums to plant hateful, anti-Semitic and/or revolutionary ideas in the public eye, which are often disguised with humor or through using coded language.

Government organization Enterprise Ireland put on a cybersecurity panel discussion yesterday tackling a wide range of subjects as it relates to cybersecurity, private and public sector roles and responsibilities, and even managing cybersecurity for organizations with a huge global reach operating in multiple countries.