Podcast - Cybersecurity Roundup: Analyzing New and Proposed Rules for Contractors
The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more
On August 28, 2024, the U.S. Cybersecurity & Infrastructure Security Agency (CISA), together with the FBI and Department of Defense Cyber Crime Center, issued an advisory to U.S. organizations, including healthcare...more
Recently, the US Department of Homeland Security’s (DHS) Cybersecurity & Infrastructure Security Agency (CISA) issued a notice of proposed rulemaking (NPRM) which, if adopted, would require “covered entities” of critical...more
Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more
The Cybersecurity and Infrastructure Security Agency (CISA), a division of the Department of Homeland Security, has proposed a rule that would govern whether, when, and how companies in critical infrastructure sectors report...more
On April 4, 2024, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) officially published its Notice of Proposed Rulemaking (NPRM) detailing significant new cybersecurity...more
Just over a year ago, the White House issued its long-awaited National Cybersecurity Strategy, with an emphasis on defending Critical Infrastructure, promoting public and private collaboration, and safeguarding...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) within the US Department of Homeland Security released a much-anticipated notice of proposed rulemaking (NPRM) to implement the Cyber Incident...more
CYBERSECURITY - CISA, FBI + MS-ISAC Issue Warning on Phobos Ransomware - To help organizations protect against ransomware, CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a...more
Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more
Reported in the November 3rd, 2023, FLASH Update - In what appears to be a continuation of the North Korean strategy to finance the nation using international organized crime rings, cybersecurity researchers established a...more
Malicious Android Apps Used to Target Iranian Banks - An ongoing Android malware campaign targeting users of Iranian financial institutions has expanded to include new abilities to target an even greater number of people...more
On Oct. 25, 2023, in light of a “significant rise in the number and severity of cyber-attacks against hospitals and health systems in the last few years,” the U.S. Department of Homeland Security Cybersecurity and...more
The Cybersecurity & Infrastructure Security Agency, FBI, and MS-ISAC recently released an urgent Joint Advisory on the Atlassian Confluence Vulnerability CVE-2023-22515. According to the Alert, “this critical vulnerability...more
Cybersecurity vulnerability is emerging as a top-of-mind issue for transportation and logistics service providers, regulators, and criminals alike. Recent years have yielded headline-worthy ransomware attacks on domestic...more
The Cybersecurity & Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released a Joint Cybersecurity Advisory on October 11, 2023, urging companies (particularly those in the critical...more
The FBI and CISA issued a Joint Cybersecurity Advisory “#StopRansomware: Snatch Ransomware” on September 20, 2023. The Advisory outlines the indicators of compromise and observed tactics, techniques, and procedures of Snatch...more
CISA and FBI have issued a joint advisory on the MOVEit transfer vulnerability that should be on the radar of CISOs and IT professionals. The CLOP ransomware organization has been reportedly exploiting an SQL injection...more
Cybersecurity research agencies around the world are warning organizations using VMware ESXi servers to patch an almost two (2) year old vulnerability to prevent being compromised by threat actors in the "ESXiArgs" ransomware...more
The rise of cyberattacks has led to a significant increase in the demand for cyber insurance policies. However, the insurance industry is struggling to keep pace with the ever-evolving threat landscape, which has resulted in...more
Third parties have posed significant risks to companies for years, but perhaps more so now than ever before. Cyber threats, Russia sanctions, and a new wave of child labor in the United States are just a few risks making...more
The FBI, CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) recently released a joint cybersecurity advisory, warning organizations about indicators of compromise, and tactics, techniques, and...more
In 2022, threat actors and hacker groups made their mark on the digital world by causing unprecedented data breaches that left organizations of all sizes and sectors vulnerable. Even with improved cybersecurity measures in...more
The Cybersecurity & Infrastructure Security Agency, the FBI and the U.S. Department of Health & Human Services released a Joint Advisory last week warning organizations, particularly those in the health care and public health...more
In March 2022, President Joseph Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022, which tasked the Cybersecurity and Infrastructure Security Agency (CISA) with developing and...more