About three dozen major health data breaches have been added to the federal tally in recent weeks, including a mix of hacking and unauthorized access/disclosure incidents. Here's an analysis of the latest statistics and the reasons behind the trends.
The U.S. Department of Justice has charged a former CIA officer, 29-year-old Joshua A. Schulte, with providing 8,000 documents that describe the agency's offensive malware tools and practices to WikiLeaks, which published them in 2017 as the "Vault 7" archive.
Human resources software developer PageUp says it doesn't appear that personal data exposed in a malware attack was actually removed from its systems. But it has also found authentication error logs that recorded incorrect login attempts from before 2007.
As organizations detect more breaches, incident responders are increasingly overloaded, says Darktrace's Dave Palmer, who recommends organizations adopt strategies for "surgically interrupting the bad" while maintaining normal business processes and productivity.
Cyber extortion group Rex Mundi has been shut down following the arrest of seven suspects in France and a French national in Thailand, police say. Investigators began pursuing the group last year after it stole customer data from a British firm and demanded $770,000 to not publicly release it.
Incident response challenge: How to deliver actionable information to security analysts to enable them to better triage? "The quicker you can detect and respond to an incident, the more you're likely to be able to contain and minimize the risk associate with it," says IBM's Mike Spradbery.
Quantum computing, blockchain, crypto, internet of things: There's a lot of hype around these technology areas, says Jon Geater, CTO of Thales e-Security. So it's essential to pierce the hype and see what's useful and applicable for practitioners.
Running a security operations center today remains a "challenging operation," not only when it comes to the required technology, but also people and processes, says Cyberproof's Adrian Bisaz, who describes how SOCs must evolve.
There's data breach good news and bad news for organizations in Europe, the Middle East and Africa, says Mike Trevett of FireEye's Mandiant. In general, attackers are dwelling in networks for less time before being discovered, except for some particularly long-lasting breaches in EMEA.
The explosion in the growth and diversity of devices linked to networks as a result of the internet of things and BYOD makes it more challenging to manage network security, says Wallace Sann of ForeScout.
Addressing an important privacy issue, federal regulators have issued guidance to clarify details about how patients should authorize the use or disclosure of their protected health information for future research - and their right to revoke that authorization.