The Office of Inadequate Security
Richard Holmes reports: UK ambulance services have been targeted by Russian hackers, risking disruption to their communication systems, with the potential to severely hamper Britain’s emergency services. Intelligence material seen by i shows that over the past 12 months, a Kremlin-protected hacking network has targeted key suppliers to The UK Ambulance Services and Ministry of Defence (MoD)….
A report by Evan Schuman about recent Marriott settlements with the FTC and state attorneys general suggests that the settlements leave much to be desired. Both settlements have cybersecurity requirements, and the state settlement has a monetary component, but neither is strong enough as far as some experts are concerned. Here’s a snippet or two…
Dave Muoio reports: Reports of recent cyberattacks and disruptions in patient care have ticked up among healthcare organizations since 2023, with the average attack bringing just under $1.5 million in operational disruptions, according to a new survey analysis. Among 648 IT and security practitioners polled this spring, 92% said their organization had faced at least…
Jonathan Greig reports: One of the top cybersecurity officials in the U.S. said Wednesday that he was especially concerned with Chinese infiltration of the country’s critical infrastructure, as well as software supply chain risks and the continued expansion of ransomware. Although there have been several recent disclosures about Beijing-linked hacking campaigns, National Cyber Director Harry…
Issued Date: September 26, 2024 Agency/Authority: State Education Department Full Report (.pdf) Objective To determine the extent of implementation of the three recommendations included in our initial audit report, Privacy and Security of Student Data (Report 2021-S-29). About the Program The State Education Department (SED) is part of the University of the State of New York, one of…
From the Federal Trade Commission: The Federal Trade Commission will require Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC to implement a robust information security program to settle charges that the companies’ failure to implement reasonable data security led to three large data breaches from 2014 to 2020 impacting more than 344…