Catch up on the past week's cybersecurity news. 

This past week saw headlines centered around the HIMSS conference in Las Vegas, GDPR, WannaCry, and organizations' low level of confidence in their own cybersecurity.  

  1. HIMSS18 Focusing on Holistic Healthcare Cybersecurity Via Health IT Security
    • The annual conference shows why HIPAA compliance, medical device security, and employee training at all levels create a holistic healthcare cybersecurity approach.
  2. WannaCry hits 12 Connecticut state agencies Via SC Magazine
    • The fact that companies and organizations are still susceptible to WannaCry should come as no surprise, Steven Malone, Mimecast's director of security product management, told SC Media. “Although we've likely hit the peak of the initial infections, the repercussions of WannaCry will be with us for the foreseeable future…,” he said.
  3. How hard will the GDPR right to be forgotten be to get right? Via Search Security
    • Marc French, senior vice president, chief trust officer and data protection officer for GDPR compliance at Mimecast UK Ltd., a cloud email security company headquartered in Lexington, Mass., explained how one of the approaches to forgetting data subjects who request it -- anonymization of all data -- is not quite the panacea that some make it out to be.
  4. U.S. cybersecurity threat risk remains high -- no signs of lessening Via CSO Online
    • The U.S. Director of National Intelligence says the public and private sectors in the U.S. are at continual risk and the country should expect cyber attacks from nation-state and non-state actors.
  5. Cybersecurity pros don’t feel equipped to stop insider attacks Via Help Net Security
    • Based on interviews with nearly 1,500 cybersecurity professionals over three years, Haystax Technology released a study that makes it clear that organizations are feeling the pressure from insider threats and are ramping up detection, prevention, and remediation.
  6. You Dumped Facebook. So Why Does It Keep Sending You Emails? Via The NY Times
    • Last year I opened a Facebook account, and as I entered my information I soon decided I didn’t want to continue. I deleted the app on my phone and tablet. Occasionally, I receive a “Welcome back to Facebook” message and realize I’ve not cut the cord. Is there a way to sever this connection for good? Completely?
  7. KnowBe4 Issues 2018 Threat Impact and Endpoint Protection Report Via PR Web
    • KnowBe4, the world’s largest provider of security awareness training and simulated phishing, today released its “2018 Threat Impact and Endpoint Protection Report.” In 2017, ransomware was a multi-billion dollar business with the number of new ransomware variants continuing to grow quarter-over-quarter. Despite the many security offerings available, organizations continue to fall victim to attacks with an average of 13% of organizations surveyed experiencing a ransomware attack and 25% of organizations experiencing an external malware attack. Knowing these factors, KnowBe4 sought to understand the overall impact ransomware has on an organization.
  8. F-Secure: Email Still the Weakest Link Via InfoSecurity Magazine
    • Email continues to be the biggest threat vector for attackers looking to compromise organizations, with phishing attempts and malicious attachments comprising over a third of attacks, according to F-Secure.
  9. Half of UK Firms Hit by Cyber-Related Fraud in Past Two Years Via InfoSecurity Magazine
    • Nearly half of UK organizations (49%) have suffered from cyber-related fraud in the past two years, according to the latest research from PwC. The global consulting firm polled over 7200 business decision makers to compile its Global Economic Crime & Fraud Survey. The research is slightly unusual in that it approaches cybercrime in the context of it being a source of fraud. As such, it ranks highest, above others in the top five: asset misappropriation (32%), procurement fraud (23%), bribery and corruption (23%) and business misconduct (21%).
  10. Which phishing messages have a near 100% click rate? Via Help Net Security
    • Training employees to spot phishing emails, messages and phone calls can’t be done just once or once a year if the organization wants to see click rates decrease. For one thing, employees come and go (and change roles) with regularity. Secondly, threats change over time. Thirdly, knowledge and practices that aren’t regularly reinforced will be lost. And, finally, awareness isn’t the same as knowledge.
