Cyber Resilience News May 29, 2018

Well, we made it.  May 25th was Friday and GDPR is now in effect, and we’re already seeing headlines about violations. Google and Facebook are already on the radar.  That didn’t take long. News of healthcare breaches also made a lot of noise last week. And the IRS is issuing new warnings for tax professionals.

1. Skills shortage a major cyber security risk Via Computer Weekly
   • Skill shortages remain a major risk to long-term information security capability and business is still struggling to defend against cyber breaches – but it is getting better at dealing with them, an IISP survey shows
2. Older healthcare OSes open to cybersecurity vulnerabilities, Via HealthITSecurity
   • The healthcare industry is the slowest industry in upgrading to Windows 10, meaning that many in healthcare are running older versions of Windows more susceptible to cybersecurity vulnerabilities, according to the latest data from Duo Security.
3. Mobile fraud soars as social sites help scammers, Via Infosecurity Magazine
   • Phishing continues to dominate the fraud landscape, but mobile fraud has jumped 650 percent over the past three years, according to RSA Security. The report uncovered a decline in use of traditional web browsers to conduct fraud, 62 percent in 2015 to 35 percent today, whilst the mobile app’s share has risen from 5 percent to 39 percent over the same period.
4. Why data breaches are becoming more frequent and what you need to do, Via Forbes
   • The more we digitize and automate, the more rights we give up, whether we realize it today, or three months from now when a news story breaks about a massive data breach. But, without proper cyber-hygiene, the speed and efficiency that can be gained in preventative measures can become a nightmare.
5. One in three healthcare organizations have suffered a cyberattack, one in 10 paid ransom: Six things to know, Via Becker’s Hospital Review
   • The vast majority (77 percent) of healthcare IT professionals are very concerned about a cyberattack striking their organization, according to a recent survey commissioned by Imperva, a cybersecurity firm.
6. Facebook and Google accused of violating GDPR on first day of the new european privacy law, Via Gizmodo
   • When Mark Zuckerberg testified in front of members of the European Parliament on Tuesday, he insisted that Facebook was ready for Friday, the day when the European Unions’s strict new data privacy law went into effect. But users in Europe have already filed complaints against Facebook and others today saying the tech companies are in violation of GDPR.
7. About $1.2 billion in cryptocurrency stolen since 2017: cybercrime group, Via Reuters
   • Criminals have stolen about $1.2 billion in cryptocurrencies since the beginning of 2017, as bitcoin’s popularity and the emergence of more than 1,500 digital tokens have put the spotlight on the unregulated sector, according to estimates from the Anti-Phishing Working Group released on Thursday.
8. IRS warns about new scam targeting tax professionals, Via Forbes
   • The IRS has received reports from tax professionals who received fake emails by scammers who were trying to trick them into disclosing their email usernames and passwords. So far, the IRS says that tax professionals in Iowa, Illinois, New Jersey, North Carolina, and Canada (yes, Canada).