John Hyde reports: A Hampshire law firm has been reprimanded by the data watchdog after hackers were able to access client details because of insufficient security measures. Levales Solicitors LLP, which specialised in criminal and military law, was found by the Information Commissioner’s Office to have failed to ensure the confidentiality of its processing systems….
Category: Commentaries and Analyses
UK Ambulance Services targeted by Kremlin-protected Russian hackers
Richard Holmes reports: UK ambulance services have been targeted by Russian hackers, risking disruption to their communication systems, with the potential to severely hamper Britain’s emergency services. Intelligence material seen by i shows that over the past 12 months, a Kremlin-protected hacking network has targeted key suppliers to The UK Ambulance Services and Ministry of Defence (MoD)….
Do the Marriott cybersecurity settlements send the wrong message to CISOs, CFOs?
A report by Evan Schuman about recent Marriott settlements with the FTC and state attorneys general suggests that the settlements leave much to be desired. Both settlements have cybersecurity requirements, and the state settlement has a monetary component, but neither is strong enough as far as some experts are concerned. Here’s a snippet or two…
Disruptive cyberattacks against healthcare on the rise, with increasing impacts to patient care, survey finds
Dave Muoio reports: Reports of recent cyberattacks and disruptions in patient care have ticked up among healthcare organizations since 2023, with the average attack bringing just under $1.5 million in operational disruptions, according to a new survey analysis. Among 648 IT and security practitioners polled this spring, 92% said their organization had faced at least…
National cyber director warns of ransomware, Chinese infrastructure attacks and cyber supply chain concerns
Jonathan Greig reports: One of the top cybersecurity officials in the U.S. said Wednesday that he was especially concerned with Chinese infiltration of the country’s critical infrastructure, as well as software supply chain risks and the continued expansion of ransomware. Although there have been several recent disclosures about Beijing-linked hacking campaigns, National Cyber Director Harry…
Privacy and Security of Student Data (Follow-Up of Audit of NY State Education Department)
Issued Date: September 26, 2024 Agency/Authority: State Education Department Full Report (.pdf) Objective To determine the extent of implementation of the three recommendations included in our initial audit report, Privacy and Security of Student Data (Report 2021-S-29). About the Program The State Education Department (SED) is part of the University of the State of New York, one of…