Industry News: ESG5

2025-07-16

Dark Reading: Last year, breaches resulting from exploited vulnerabilities increased 180%, while the average cost of a data breach the US topped nearly $5 million. 

Read more...

2025-07-14

TechCrunch: The Trump administration, through the Department of Defense, plans to spend $1 billion over the next four years on what it calls “offensive cyber operations.” 

Read more...

The Target:​ Crypto ATM operator Bitcoin Depot

The Take: Bitcoin Depot said in its notice to customers that the breach involved their name, phone number, driver’s license number and could have also included addresses, birth dates and emails.

The Vector: On July 18, 2024, the cybersecurity firm finished its investigation and “confirmed that an unauthorized party accessed files containing personal information of certain customers,” according to a spokesperson and the customer notice.

This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...

2025-07-09

Business Wire: Cyberstarts, the leading early-stage cybersecurity venture firm, announced the launch of a $300 million Employee Liquidity Fund.

Read more...

2025-07-09

CSO Online: Donald Trump's sprawling tax bill, which he signed on July 4, contained a few noteworthy cyber funding items, including $250 million for US Cyber Command to spend on “artificial intelligence lines of effort.”

Read more...

2025-07-08

Investing.com: HgCapital Trust plc announced it will invest approximately £48 million in A-LIGN, a provider of cyber compliance services, as part of a larger acquisition by Hg.

Read more...

2025-07-07

Private Equity Wire: Cyber security consulting firm S-RM’s latest study, based on a survey of 100 PE professionals across the UK, Europe, and the US, reveals that 72% of respondents have experienced a serious cyber incident across their portfolios in the past three years – highlighting cyber attacks as systemic risks that span entire investment ecosystems.

Read more...

2025-07-07

Cybersecurity Dive: The Securities and Exchange Commission has reached a settlement with SolarWinds and the company’s chief information security officer, Timothy Brown, to resolve charges stemming from the Russian-backed cyberattack on the company’s systems.

Read more...

The Target:​ Kelly Benefits is a provider of benefits consulting, enrollment technology, payroll administration, HRIS, compliance support, and carrier management.

The Take: The data breach notice sent to impacted individuals informs recipients of the specific data types impacted by the breach, which vary per person. However, the general notice published on the site says that the compromised info may contain full names, Social Security number, tax ID number, date of birth, medical information, health insurance information, and financial account information.

The Vector: The Maryland-based health and life insurance agency has issued an update on a security incident it suffered last year between December 12-17, when unauthorized actors breached its IT systems and stole files. On April 9, 2025, the company stated that the incident impacted 32,234 individuals. The figure was revised multiple times until the final tally shared with authorities in the U.S. counted 553,660 individuals.

This breach is a stark reminder of how strong authentication controls are in an overall robust cybersecurity posture, and that good password hygiene plays a pivotal role in protection.

Read more...

2025-07-02

Cybersecurity Dive: As commercial spyware proliferates and hackers linked to U.S. adversaries step up their attempts to breach high-profile American targets, one U.S. senator says the FBI isn’t doing enough to help lawmakers protect themselves.

Read more...