cyber security (57)

13174368075?profile=RESIZE_400xEfforts by the US DHS, Transportation Security Administration (TSA) to address cybersecurity issues faced significant criticism this week from government watchdogs, members of Congress and regulated companies.  A US Government Accountability Office (GAO) report last week said four of the six cybersecurity recommendations made to TSA since 2018 have still not been addressed, including one centered around the agency’s efforts to protect companies from ransomware.  “For example, in January 2024, GA

13085818868?profile=RESIZE_400xA subtle shift in rhetoric has seen IMO secretary-general Arsenio Dominguez turn the tables on industry demands for regulatory clarity and highlight the reciprocal requirement for private partnership and proactive engagement.  Dominguez, ‘It’s now [every single actor’s] turn to take actions in how they define their own goals in decarbonizing.’  Regulation alone will not be sufficient to decarbonize the maritime sector; it requires more proactive engagement from industry stakeholders across the s

13023981683?profile=RESIZE_400xIt is not the federal government that’s responsible for the cyber defense of critical infrastructure.  The responsibility falls on the critical infrastructure operators themselves and most aren’t equipped for the fight.  Cyber threats to the United States' critical infrastructure are on the rise.  On 31 January 2024, FBI Director Christopher Wray testified before Congress, highlighting how Chinese government hackers are attempting “‘to find and prepare to destroy or degrade the civilian critical

13003752263?profile=RESIZE_400xWith new rules on Cyber Security coming down from the US Coast Guard, Angeliki Zisimatou, Director Cybersecurity, ABS, is uniquely positioned to discuss maritime cyber security in the round, with insights on what she’s seen and heard from the draft rules, with advice on what it could mean for vessel owners.  Cyber security and all that it entails is quickly climbing the priority ladder in maritime, as increasing dependance on connectivity is a double edge sword of promise and peril.  While the l

12975188261?profile=RESIZE_400xProfessional sporting events have been prime targets for violent attacks and terrorism, because of their large audiences.  In recent years, these events have become targets of cyberattacks as adversaries exploit venue operations to disrupt events, abuse payment systems for fraud, breach networks to steal data, and take advantage of how athletes interact with fans.

While game time is pivotal, sports franchise operators and event organizers must also allocate resources to address many other vulner

12931370277?profile=RESIZE_400xThe US Department of Homeland Security has outlined plans to enhance cyber security through the Maritime Transport System (MTS).  The department’s aim is to protect the system and infrastructure used to ensure safe and free navigation of US waterways.  Ports are a vital part of the US economy, contributing $649 to GDP and generating 13 million jobs.  The request for information will be used to help develop research to test the vulnerabilities of the port infrastructure.  The study will help to d

12633192892?profile=RESIZE_400xOn 1 May 2024 the CEO of United Health Group was invited to Washington, DC to spend the day getting raked over the coals by US Senator Ron Wyden (D-Oregon) Chairman of the Senate Finance Committee and others at a meeting titled “Hacking America’s Health Care: Assessing the Change Healthcare Cyber Attack and What’s Next.”  Wyden set the tone early when he described the UNH cyber incident this way, “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to heal

12630083477?profile=RESIZE_400xAmid an onslaught of high-profile cyberattacks showing how companies often neglect basic security measures, the Department of Justice is trying to use a law passed during the Civil War to put businesses on notice that these failures are unacceptable.  Under the umbrella of DOJ’s Civil Cyber-Fraud Initiative, US government attorneys have since early 2022 deployed the pointedly named False Claims Act to punish contractors that mislead the government about their cybersecurity defenses, hoping to se

12543851483?profile=RESIZE_400xMicrosoft has recently declared that security will now be the company's topmost priority "above all else," even taking precedence over shipping new product features and capabilities.  This commitment to making security job #1 comes on the heels of a string of incidents, including a major breach disclosed just two months ago, where Russian state-sponsored hackers tracked as Midnight Blizzard or Nobelium gained disturbing levels of access to Microsoft's internal systems and source code repositorie

12428766264?profile=RESIZE_400xThe UN Security Council’s (UNSC) most recent Arria-formula meeting on a cyber-related topic occurred on 4 April 2024.  Organized by the Republic of Korea (ROK) and co-hosted by Japan and the United States (US), the session focused on the “Evolving Cyber Threat Landscape and Its Implications for The Maintenance of International Peace And Security.”  The informal meeting included interventions from more than 30 delegations preceded by technical briefings from Deputy to the High Representative for

12369378465?profile=RESIZE_400xIn the realm of cyber security, the objective is to shield systems, networks, and software applications from digital assaults. These digital threats typically have the intentions of either evaluating, altering, or compromising confidential data, extracting money from users, or disrupting regular business operations. The task of establishing robust cyber security defenses presents a formidable challenge in the contemporary landscape, chiefly due to the proliferation of devices surpassing the huma

12337597673?profile=RESIZE_400xA look back - All has not been quiet on the malicious cybersecurity front over the past 12 months.  Innovation, cyberattacks and cyberespionage, and data breaches, malicious or inadvertent, have remained a constant.  At the same time, defenders have scored notable victories, including in Ukraine as well as by disrupting some big-name ransomware players.[1]  GovInforSecurity provides 12 notable incidents and trends of 2023 and their implications for the bigger cybersecurity picture:

Clop's MOVEit

12310669452?profile=RESIZE_400xTerrorism, both foreign and domestic, remains a top threat to the Homeland, but other threats are increasingly crowding the threat space.  During the next year, we assess that the threat of violence from individuals radicalized in the United States will remain high, but largely unchanged, marked by lone offenders or small group attacks that occur with little warning.  Foreign terrorist groups like al-Qa’ida and ISIS are seeking to rebuild overseas, and they maintain worldwide networks of support

12309911896?profile=RESIZE_400xStaying Connected - Cruise company Carnival Corporation has agreed a partnership with Neuron, formerly ESpace Networks, to implement Neuron’s vendor-neutral connectivity management platform to optimize internet access on its ships.  The move is part of Carnival Corporation’s wider connectivity optimization strategy, which is focused on providing the best available connection at sea.  The Neuron 360 platform provides an end-to-end view of connectivity operations and real-time data to proactively

12304214882?profile=RESIZE_400xAccording to researchers, despite industries best efforts, 67% of businesses say they need to improve security and compliance measures with 24% rating their organization’s security and compliance strategy as reactive.  The expansion of attack surfaces in a post-pandemic hybrid world, combined with shrinking teams and budgets and the rapid rise of generative AI, are fueling an urgent need for companies to improve and prove their security posture.

For companies of all sizes, limited risk visibilit

12281682657?profile=RESIZE_400xThe attack surface widens by the day, with new threats being posed by artificial intelligence (AI) and increasingly cunning social engineering exploits.  And, while the global cybersecurity workforce has grown to help defend against mounting threats, the gap of required workers remains at an all-time high, according to ISC2’s annual Cybersecurity Workforce Study out today.  To adapt to that reality, the nonprofit member association emphasizes, organizations must move beyond legacy practices.

Yes

12271506890?profile=RESIZE_400xThe cybersecurity landscape is full of threats and new ones are emerging.  This makes it increasingly difficult for businesses to protect themselves and their supply chains from cyberattacks.  One way to mitigate supply chain risk is to implement a global cybersecurity rating system.  This would allow businesses to assess the security posture of their suppliers and identify any potential risks.

Could there be a service/system where businesses could simply check a rating to see how secure their s

12269272496?profile=RESIZE_400xAs October is winding down, we turn our focus to Training.  October 2023 marks the 20th annual Cybersecurity Awareness Month.  While it was initially founded as a national movement in the US, Cybersecurity Awareness Month has since grown into a global initiative.  And for good reason.  Today's cybersecurity market is suffering from a skills gap of 3.4 million trained professionals, with security practitioners being overwhelmed by a continuous onslaught of increasingly sophisticated attacks while

12239558474?profile=RESIZE_400xTo celebrate the 20th Cybersecurity Awareness Month, CISA has launched a new program, meant to promote four critical actions that businesses and individuals can take to improve cybersecurity.  Since 2004, October has been dedicated to raising awareness on the importance of cybersecurity for both private and public sectors, as part of a collaborative effort between government and industry.  This year, CISA is introducing Secure Our World, an initiative to deliver an “enduring message” to be integ

12160815262?profile=RESIZE_400xProtecting your online safety has never been more crucial in today’s digital age, where cybercriminals and hackers lurk around every virtual corner.  The reality of cybersecurity threats, ranging from identity theft to malicious software attacks, can leave us feeling vulnerable and exposed.  However, there is hope! In this blog post, we will explore some of the common cyber threats you may encounter and delve into the crucial role that online security consultants play in safeguarding your digita