Cyber Resilience News April 3, 2018

Attacks on local governments made headlines this week from Atlanta and Baltimore. And states like South Dakota are stepping up their data breach laws.  With the GDPR clock ticking down to the May 25th deadline, Google and Facebook are racing to the finish line to make sure they are ready.

1. You’ve got malware! Email remains the greatest data breach concern so what should you do? Via HealthcareIT
   • There’s a global trend to enact laws compelling organisations to own up when data they possess is compromised by a cyberattack. Under Australia’s Notifiable Data Breaches scheme, which came into effect in February, applicable healthcare providers must notify the public and the Office of the Australian Information Commissioner if they experience a data breach that is likely to result in serious harm to any individuals whose personal information is involved in the breach.
2. Atlanta officials still 'working around the clock' to resolve ransomware attack Via CSO Online
   • Federal officials, Microsoft and Cisco are working with the city of Atlanta to resolve the attack, but Atlanta's mayor won't say if the city paid the $51,000 ransom.
3. South Dakota Enacts Data Breach Notification Law Via NatLawReview
   • South Dakota has become the 49th State to enact a data breach notification law.  South Dakota Governor Dennis Daugaard signed SB 62 into law on March 21, 2018.  The law will take effect on July 1, 2018.
4. Google updates user consent policies for publishers ahead of GDPR Via CIODive
   • On Thursday, Google updated its ad policies for advertisers and publishes in preparation for GDPR, refining the user consent requirements for parties using its advertising services. Google will work with IAB Europe and other industry groups on consent solutions and plans to roll out a tool for web publishers to put out non-personalized ads for users who object to their personal data being used for ad-targeting.
5. Watch out, Facebook: how new EU data rules may reach the U.S. Via CBS News
   • Facebook CEO Mark Zuckerberg is promising to do a better job protecting user data following reports that a political consultant misused the personal data of millions of the company's consumers. The fact is, European regulators are already forcing him to do so.
6. Hack disrupted Baltimore 911 dispatch system for 17 hours, mayor says Via CBS News
   • The city of Baltimore says part of its 911 dispatch system was hacked over the weekend by an unknown actor. The breach lasted 17 hours. Mayor Catherine Pugh's office says the system supports 911 and 311 emergency systems.