Catch up on the past week's cybersecurity news. 

News this week centered around security with cyberthreats like ransomware and phishing making headlines. We also saw news covering the cost of a breach as well as the trend upward in cybersecurity spending even though many organizations still lack proper incident response plans.

  1. Making data protection a top priority Via Intelligent CIO
    • In recent years huge strides have been made in effective cloud-based Disaster Recovery systems. Intelligent CIO spoke to Nick Saunders, a cyber-resilience expert at Mimecast, to discuss the impact of a disaster and the best way to avoid one.  If disaster strikes and a company loses its data, what impact can this have on it?
  2. Cybercriminals trained up for March Madness Via SC Magazine
    • If breathlessly watching the best college basketball players in the country vie for the national championship in a breathless whirlwind of games this month and worrying over brackets aren't enough, fans must now consider the prowess of cybercriminals who likely will bring a little March Madness of their own to bear.
  3. Binance cryptocurrency sell-off disaster blamed on mass phishing campaign Via ZDNet
    • A long-term phishing campaign and a timed attack appear to be at the heart of unauthorized cryptocurrency trading.  Binance has rejected rumors of a security breach after users reported that their funds were being sold off without consent.
  4. 77 percent of businesses lack proper incident response plans Via Dark Reading
    • In "The Third Annual Study on the Cyber Resilient Organization," Ponemon researchers surveyed more than 2,848 IT and IT security pros from around the world. Nearly half (48 percent) of respondents rate their "cyber resilience" as high or very high, an increase from 32 percent one year prior. However, 77 percent of respondents admit they don't have a formal incident response plan.
  5. Executives argue compliance case for cybersecurity Via The Wall Street Journal
    • Training and communication can reinforce the idea of mitigating risks, and can be done through an organization’s code of conduct, values statement and other policies, she said. “It just takes one answered phishing email to sink the ship,” said Lynn Haaland, global chief compliance and ethics officer and chief counsel for cybersecurity at PepsiCo Inc.
  6. Breach costs rise, but few organizations are ready to prevent them Via Health Data Management
    • The average cost of recovering from a breach now stands at $3.62 million, the Ponemon research organization found. Many are still not ready to handle a breach; 51 percent of respondents to a survey do not rate their breach response plans as effective and only 19 percent of respondents said their organization’s data breach response plan is highly effective.
  7. Sofacy targets government agency with new spear-phishing campaign Via Infosecurity Magazine
    • The Sofacy group, also known as APT28 and Fancy Bear, has carried out an attack on an unnamed European government agency using an updated variant of DealersChoice. The attacks that took place on March 12 and 14 used a different variation of the spear-phishing attack, something not seen from Sofacy before.
  8. Why botnets, ransomware, and phishing attacks are the biggest cyberthreats to your business Via TechRepublic
    • Botnets, ransomware, and phishing attacks dominate the current cyberthreat landscape, according to a Thursday security report from Microsoft. As cybersecurity attacks grow more sophisticated and cause more damage, businesses must be aware of the top threats and vectors for attacks to best protect their assets.
  9. Global business spend on cybersecurity to grow 33 percent over the next 4 years Via Help Net Security
    • Juniper anticipates that the cumulative cost of data breaches between 2017 and 2022 will reach $8 trillion, with variable per-business losses depending on the nature and scale of the attack. Juniper argued that, as a result, stakeholders must plan in terms of risk mitigation rather than prevention.
  10. Sigma ransomware being distributed using fake Craigslist malspam Via Bleeping Computer
    • The emails pretend to be responses to short-term job postings on Craigslist called Gigs. Similar to a previous Sigma malspam campaign that pretended to be resumes, these emails contain malicious password protected Word or RTF documents that supposedly contain the information regarding the respondent.
  11. Weighing privacy vs. security for the internet’s address book Via Wired
    • If you head over to a Whois service and search for a site, you'll see where it’s registered and in what city. If you have your own domain name, you’ll find your name and home address on, unless you pay for a proxy service to hide that information. With GDPR taking effect on May 25, the regulation forbids companies from sharing their European customers' personal data without explicit permission.
  12. Universities lag in DMARC adoption Via Infosecurity Magazine
    • An analysis of the 3,614 domains operated by the top accredited colleges and universities in the US has revealed that 88.8 percent of their root domains lack protections against phishing attacks that spoof the institution’s email nomenclature. In fact, only 11.2 percent have fully implemented DMARC, the industry standard for email validation.
