“There are only two types of companies: those that have been hacked, and those that will be.” When former FBI Director Robert Mueller spoke those words in 2012, he sounded hyperbolic. Almost a decade later, it seems prophetic.
Due to COVID-19 concerns, many United States Government (USG) personnel must now operate from home while continuing to perform critical national functions and support continuity of government services.
In early June, the California Attorney General filed final CCPA regulations with the California Office of Administrative Law. The final regulations were accompanied by a 59-page Final Statement of Reasons along with six appendices containing over 500 pages of comments on the regulations and the Attorney General’s responses to those comments. One of the many topics that the Attorney General’s office discussed was the final regulation’s requirements for drafting privacy policies. Given that the drafting of a privacy policy is a necessary part of CCPA compliance, it is worth analyzing those comments.
Organizations need to enhance current technical security controls to mitigate against the threat of deepfakes to the business. Training and awareness will also need revamping with special attention paid to this highly believable threat.
Expect the COVID-19 coronavirus pandemic to bring lasting changes to our lives, from the way we authenticate identity to how we open doors – and even use public restrooms. If there’s a theme among these changes, it’s that they will favor contactless solutions. The use of biometrics to authenticate employees and customers has snowballed over the last decade. Expect demand from public and private organizations to grow even faster as they require accurate identification of workers, students, patients and many more people in response to new challenges resulting from the virus.
Hospitals are where people go to seek treatment, recover, and address critical injuries. It is the place where doctors, nurses, and other healthcare providers devote themselves to helping people who need medical attention. In addition to this critical focus, a hospital also has to protect against unauthorized access, theft of medications or sensitive patient information, and guard against workplace violence, which affects hospitals more than other industries. At the same time, they must maintain a level of accessibility and openness, which presents difficulties as it relates to security.
Hackers will always exploit a crisis, and the coronavirus outbreak is no different. Since January, cybercriminals have leveraged the COVID-19 pandemic to stage all manner of cyberattacks, from ransomware take-overs of hospital systems to private network hacking. But the latest cybercrime scheme exploits the greatest cybersecurity vulnerability of all: human emotion.
Threat actors launched a cyberattack against the Texas Office of Court Administration, the IT provider for many Texas courts, and encrypted their computer systems with ransomware, leaving those systems useless. Cognizant, which has a large presence in Dallas-Fort Worth and is one of the world’s largest and most sophisticated providers of information technology services for other companies, was hit with ransomware with losses currently estimated between $50 million and $70 million.
MITRE’s Center for Technology & National Security (CTNS), created to enhance MITRE’s engagement with senior government leadership, named five highly esteemed national security officials to its newly established advisory board.
There is a trade-off between technology innovation and security. The adoption of emerging technologies like 5G will fuel the proliferation of Internet of Things (IoT) which are often built with basic security controls, creating a larger attack surface. At the same time, reliance on data means that data breaches can cause greater damage.