Information Week: Despite all the conversations about diversity initiatives and efforts in the past few years to get more women in STEM careers, it often seems the needle is moving slowly. Too often, these conversations are just that -- talking points that sound good but aren’t connected to action-oriented strategies.
BNN Bloomberg: Ransomware gangs didn’t come out with any big new innovations last year, but “what 2022 lacked in innovation it made up for in volume,” according to a report by a financial services group.
Global Newswire: FS-ISAC, the member-driven, not-for-profit organization that advances cybersecurity and resilience in the global financial system, announced the findings of its annual Global Intelligence Office report, Navigating Cyber 2023.
Financial Post: A mere 9% of organizations in Canada have the ‘Mature’ level of readiness needed to be resilient against today’s modern cybersecurity risks, according to Cisco’s NASDAQ: CSCO first-ever Cybersecurity Readiness Index released.
Dark Reading: Companies continue to value cybersecurity skills, but many have moved their focus from hiring cybersecurity professionals to training up in-house staff on needed cybersecurity skills.
BNN Bloomberg: Coalition Inc., a cyber-insurance provider that tries to curb digital risk, has designed technology that simulates large-scale attacks to help insurers identify potential weaknesses in their portfolios and prevent widespread losses.
The Target: Latitude Financial, an Australian-based consumer finance service company.
The Take: Documents and records belonging to 328,000 customers including Personally Identifiable Information such as Driver’s License details which have name, addresses, and dates-of-birth.
The Vector: An employee’s credentials were compromised, allowing the attacker pivot access to two different third-party vendors which contained the customer data.
This breach is a stark reminder of how important authentication controls are in an overall robust cybersecurity posture. Regular social engineering, phishing awareness training, and in this case, tightly enforced password and identity management are effective strategies to mitigate these kinds of breaches to protect a firm’s customer base.
Cybersecurity Dive: The banking crisis and nagging suspicion that hardship will spread, even to companies not directly linked to the failed banks, could have an ancillary effect on the cybersecurity market.
SEC: The Securities and Exchange Commission proposed requirements for broker-dealers, clearing agencies, major security-based swap participants, the Municipal Securities Rulemaking Board, national securities associations, national securities exchanges, security-based swap data repositories, security-based swap dealers, and transfer agents (collectively, “Market Entities”) to address their cybersecurity risks.
Financial Post: The former chief executive of Bulletproof, a cybersecurity firm with headquarters in Fredericton, New Brunswick, points to the rash of cyberattacks against organizations around the world that have been hacked and whose IT systems have been held for ransom by online bandits, including the attack on the City of Saint John, just an hour down the road.