Catch up on the past week's cybersecurity news. 

Security and compliance were hot topics this week. A malware attack hit government computers in Pennsylvania, Snapchat disclosed a phishing attack that exposed more than 55,000 users, and the SEC and the state of Colorado are moving to make cyberattacks more transparent. Risk management and cyber liability also made headlines, with topics ranging from GDPR and cloud storage to Australia’s NDB scheme.

  1. The hottest GRC topic in 2018 via ITWeb
    • The hottest topic in GRC this year is likely to be risk management within the IT field, and not compliance or the Protection of Personal Information Act (POPIA), as many may anticipate.
  2. Cloud storage strengthens biz via Gadget
    • Archiving records has been considered an uphill battle for organizations for decades. While the format of these records has changed from paper to pixels, the battle is far from over.
  3. GDPR beyond EU via SecurityMEA
    • It is almost here. May 25, 2018 – this is the impending date when the European Union will start enforcing its General Data Protection Regulation or GDPR standardized across all 28 EU countries. This data protection law imposes strict new rules on controlling and processing personal data by significantly improving transparency and giving control back to EU residents. However, the impact of enforcing this regulation is far and wide, beyond the EU geography.
  4. New data breach notification laws mean you're no longer in the dark via CNET
    • Going into effect on Thursday, Australia's new data breach notification laws will show exactly how secure -- or insecure -- your information is.
  5. Security Liability in an 'Assume Breach' World via DarkReading
    • Cybersecurity today is more than an IT issue. It's a product quality issue, a customer service issue, an operational issue, and an executive issue.
  6. GDPR for small businesses: Ten easy steps all organizations should follow via Alphr
    • The GDPR compliance effective date is fast approaching. Here's what you need to know.
  7. #TEISS18: Phishing Trends and their Impact on Future Risks via InfoSecurity Magazine
    • At The European Information Security Summit (TEISS) 2018 Lesley Marjoribanks, head of ethical phishing, Royal Bank of Scotland, reflected on the key phishing trends observed in the last year and their impact on phishing risks for the future.
  8. The SEC says companies must disclose more information about cybersecurity risks via TechCrunch
    • The U.S. Securities and Exchange Commission issued new guidance calling on public companies to be more forthcoming when disclosing cybersecurity risks, even before a breach or attack happens. The statement, which expands on previous guidance issued in 2011, also warns that corporate insiders must not trade shares when they have information about cybersecurity issues that isn’t public yet.
  9. Malware infection poised to cost $1 million to Allentown, Pa.: Mayor via The Washington Times
    • The city of Allentown, Pennsylvania, is expected to spend $1 million reeling from a recent malware infection that has caused the city to stop operating certain computer systems, its mayor said Tuesday.
  10. Colorado proposes requiring data breaches to be reported in 30 days via Healthcare IT News
    • The amended bill that would cut breach reporting time in half for healthcare providers unanimously passed a State House committee meeting last week. The Colorado legislature is considering a bill to drastically improve the state’s privacy and data security law, including giving organizations just 30 days to report a breach.
  11. A phishing attack scored credentials for more than 50,000 Snapchat users via The Verge
    • In late July, Snap’s director of engineering emailed the company’s team in response to an unfolding privacy threat. A government official from Dorset in the United Kingdom had provided Snap with information about a recent attack on the company’s users: a publicly available list, embedded in a phishing website named klkviral.org, that listed 55,851 Snapchat accounts, along with their usernames and passwords.

February Resource Roundup

Looking for more information on email security, e-discovery and compliance, or GDPR? We’ve rounded up this month’s best webinars, ebooks, infographics and more to help you learn more and improve your cyber resilience strategy.

Healthcare

GDPR

E-Discovery and Compliance
