NSA, CISA Warn of Threats to US Critical Infrastructure

Internet-accessible OT assets are becoming more prevalent across the 16 U.S. critical infrastructure sectors as companies increase remote operations and monitoring, accommodate a decentralized workforce, and expand outsourcing of key skill areas such as instrumentation and control, OT asset management/maintenance. OT and IT Discovery & Mgt. plus secure remote access will remain hot areas. Full article here…

RSA 2020: In the Wake of a Major Breach, Equifax Makes Ambitious Changes

Great presentation by Jamil at RSA which outlined their staggering cyber spend commitment, 1.25b to be a leader in this space and focus improvement areas including organizational culture; compliance with regulations and certification requirements; its relationship with customers; and its specific cybersecurity controls, especially its tools and policies. Full article here

Every voter in Israel just had their data leaked in ‘grave’ security breach

Another story about lost PII, exposing gaps in cyber controls. All 6.5 million voters in Israel have just had their personal data leaked, reports the New York Times. The full names, addresses, and identity card numbers are among the information that was leaked about every eligible voter in the country. In some cases, phone numbers were also[…]

US Conflict With Iran Sparks Cybersecurity Concerns

After an Iranian general was killed in a U.S. drone strike in Baghdad late Thursday night, security experts and the Department of Homeland Security warned of possible retaliatory cyber strikes from Iran that could target critical infrastructure, government agencies as well as private businesses. No doubt, tension in Middle East will spark more attacks and[…]

First American Financial website leaked 885 million documents

Yikes, major exposure!   About 885 million documents, including bank account numbers, mortgage records, Social Security numbers, drivers’ license images and tax records, have been leaked by First American Financial Corp.’s website. Anyone with a web browser and a URL for a legitimate document could access the real estate title company’s records. Full article here…