As many employees transfer back to a more traditional business setting from remote work environments, adjustments to cybersecurity protocols are going to be necessary. Organizations will need to evaluate any temporary provisions that were put into place during the COVID-19 pandemic, including any shortcuts that were taken and processes that were circumvented, and whether such protocols should be reversed or enhanced.
We speak to Saad Gul, Co-Chair of the Poyner Spruill, LLP, privacy and cybersecurity team, and learn about the Lifespan HHS investigation, what it means for data security professionals and why the HSS ruling should be a warning to all companies with HIPPA information.
The U.S. Department of State’s Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who works with or for a foreign government for the purpose of interfering with U.S. elections through certain illegal cyber activities.
The U.S. Department of Energy (DOE) announced $37 million in funding for research and development in artificial intelligence and machine learning methods to handle data and operations at DOE scientific user facilities.
Beginning in M86, Chrome will warn users when they try to complete forms on secure (HTTPS) pages that are submitted insecurely. These “mixed forms” (forms on HTTPS sites that do not submit on HTTPS) are a risk to users’ security and privacy. Information submitted on these forms can be visible to eavesdroppers, allowing malicious parties to read or change sensitive form data, says Google.
The FBI and local police have made tens of arrests across the tri-state area this week as part of a crackdown against multiple criminal gangs who exploited a glitch in the software of Santander ATMs to cash-out more money than was stored on cards, according to ZDNet.
Attackers are looking beyond network systems and devices to target organizations via public-facing platforms and SaaS resources. An effective DRP service will identify threats across an organization’s digital footprint, analyze the credibility of these threats and remediate malicious activity on third-party platforms to minimize system and reputational damage.
NIST unveiled the final version of its Zero Trust Architecture publication, which gives private sector organizations a road map for deploying the cybersecurity concept across the organization.
The Cybersecurity and Infrastructure Security Agency (CISA) released an update to its Essential Critical Infrastructure Workers Guidance. Version 4.0 provides guidance on how jurisdictions and critical infrastructure owners can use the list to assist in prioritizing the ability of essential workers to work safely while supporting ongoing infrastructure operations across the nation.
RSS
