Category Archives: resilience

A Journey in Organizational Resilience: Insider Threats

Posted on by

Very much like privacy concerns, insider threats may not be the first issue to come to mind when building an enterprise cyber resilience plan. However, they should be. Here is why: because as we noted in the first piece of this series, you want to be able to bend while others break. An insider threat […]

The post A Journey in Organizational Resilience: Insider Threats appeared first on Security Intelligence.

Continue reading A Journey in Organizational Resilience: Insider Threats

2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

Posted on by

“How many millions did you pay threat actors in a ransomware attack?” “Which investments most significantly improved cyber resiliency for your organization?” “Do you have a cybersecurity incident response plan that’s applied consistently across your enterprise?” The answers to these and other key questions produced several notable findings in the latest 2021 Cyber Resilient Organization […]

The post 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR appeared first on Security Intelligence.

Continue reading 2021 Cyber Resilient Organization Study: Rise of Ransomware Shows the Need for Zero Trust and XDR

Hackers disrupt networks at San Diego medical provider, Kansas organ transplant facilitator

Posted on by

A pair of hacks at health care organizations revealed in recent days highlights the enduring cybercriminal threat to the sector as the U.S. makes progress in fighting the coronavirus pandemic. Scripps Health, a San Diego-based nonprofit system with five hospital campuses, on May 1 said that it had suspended access to IT applications that support its health care facilities following a “security incident.” The incident forced Scripps to reschedule some patient appointments for Saturday and Monday, but “patient care continues to be delivered safely and effectively at our facilities,” the nonprofit said in a statement on its Facebook page. (Scripps’ website was still down by press time on Tuesday morning.) Meanwhile, Midwest Transplant Network, a Kansas-based organization that connects organ donors with recipients, said it had been working to determine if patients’ personal health data had been affected by a recent breach. NPR affiliate KCUR reported that some 17,000 people […]

The post Hackers disrupt networks at San Diego medical provider, Kansas organ transplant facilitator appeared first on CyberScoop.

Continue reading Hackers disrupt networks at San Diego medical provider, Kansas organ transplant facilitator

Building resilience for Government and Defence organisations in 2021

Posted on by

The past 12 months have been a challenging year for security professionals everywhere. But in particular for government and defence organisations battling the growing intensity and sophistication of cyber threats in a year heavily influenced by th… Continue reading Building resilience for Government and Defence organisations in 2021

Biden says US will ‘raise the cost’ for Russian hackers after espionage campaign

Posted on by

President Joe Biden on Thursday said the days of the U.S. “rolling over in the face of Russia’s aggressive actions” in cyberspace were over as he pledged to make the U.S. government more resilient in the face of hacking. “We’re launching an urgent initiative to improve our capability, readiness and resilience in cyberspace,” Biden said in his first major foreign policy address as president. “We’ve elevated the status of cyber issues within our government,” Biden added, citing his appointment of National Security Agency veteran Anne Neuberger as deputy national security adviser for cyber and emerging technology.   Biden has made responding to a suspected Russian hacking operation against multiple U.S. government agencies a priority in the early days of his presidency. He has tasked U.S. intelligence agencies with assessing the damage from computer intrusions in which suspected Russian attackers exploited key technology providers to breach numerous Fortune 500 firms and […]

The post Biden says US will ‘raise the cost’ for Russian hackers after espionage campaign appeared first on CyberScoop.

Continue reading Biden says US will ‘raise the cost’ for Russian hackers after espionage campaign

Cyberattack disrupts services at crane manufacturer Palfinger

Posted on by

Palfinger, an Austrian firm that makes cranes and other machinery, said Monday that an “ongoing global cyberattack” had disrupted the company’s ability to process orders and shipments of its equipment. Email services across the company were down in an incident that was causing “massive effects on its IT infrastructure,” Palfinger said in a statement greeting visitors to its website. The possible suspects, the malicious software used and the possible length of the recovery process all remained unclear at the time of publication. Palfinger has much at stake in keeping the IT supporting its logistics functioning. The company has 33 manufacturing and assembly sites in Asia, Europe and North and South America, according to its website, and reported more than $2 billion in revenue in 2019. “In the manufacturing business, time is money, so the disruption of Palfinger’s IT services, as well as order processing and shipment delays, translates to lost […]

The post Cyberattack disrupts services at crane manufacturer Palfinger appeared first on CyberScoop.

Continue reading Cyberattack disrupts services at crane manufacturer Palfinger

Building Cognitive Resilience for Crisis Response

Posted on by

Despite the rapidly growing threat landscape and increasingly sophisticated cyberattacks, organizations are still using traditional tabletop exercises for crisis response prep. Companies across all industries are being dragged onto the front lines by … Continue reading Building Cognitive Resilience for Crisis Response

How the US military used a creepy island to test cyberattacks on the grid — in the middle of a pandemic

Posted on by

The U.S. government officials trying to test the country’s ability to respond to a major cyberattack thought they had pulled out all the stops. Engineers had planned to simulate the kind of security incident that would cause an electrical blackout, after all, and had even planned to hold the event on an isolated island off the coast of New York. Even with all that preparation, a once-in-a-century pandemic still wasn’t in the script. Until this year, National Guard personnel, Pentagon contractors and engineers at big U.S. utilities would typically gather in person to run through exercises involving dire scenarios, from a weeks-long power outage to a mock attack on utility computers that appeared to delete data. In October, though, COVID-19 forced planners from the departments of Defense and Energy to figure out how to run the event virtually, with participants plugged in from around the country. And they used the […]

The post How the US military used a creepy island to test cyberattacks on the grid — in the middle of a pandemic appeared first on CyberScoop.

Continue reading How the US military used a creepy island to test cyberattacks on the grid — in the middle of a pandemic

GAO criticizes rollout of two key Trump administration cyber initiatives

Posted on by

In September 2018, the White House announced a new federal cybersecurity strategy to make critical infrastructure more resilient to hacking, shore up supply chains and “identify, counter, disrupt, degrade and deter behavior in cyberspace.” The ambitious document, which the White House described as the United States’ “first fully articulated cyber strategy” in 15 years, aimed to reduce the occurrence of damaging cyberattacks on U.S. interests. Two years later, a review of the strategy by the Government Accountability Office, a nonpartisan congressional agency, has found key gaps in the way the White House is trying to execute that plan. In the face of persistent cyber-threats from foreign powers, the Trump administration’s effort to mobilize resources to fix important U.S. security weaknesses risks coming up short without a better plan to execute the strategy, GAO said in a report published Tuesday. The National Security Council’s implementation plan for the strategy does not include […]

The post GAO criticizes rollout of two key Trump administration cyber initiatives appeared first on CyberScoop.

Continue reading GAO criticizes rollout of two key Trump administration cyber initiatives

Senior Department of Energy cyber official to step down

Posted on by

Bruce Walker, who has served as a senior Department of Energy official focused on cybersecurity since 2017, is leaving his post later this month to work at a security nonprofit, CyberScoop has learned. As an assistant Energy secretary, Walker has been a key player in the department’s efforts to protect U.S. utilities from state-sponsored hacking threats. He also has helped implement a White House executive order in May that keeps federal agencies and companies from installing risky foreign-owned equipment in the electric sector. Walker confirmed to CyberScoop that he will continue some of this work in the nonprofit sector by joining a new resiliency organization — dubbed the Analysis & Resilience Center — that helps financial and energy companies protect themselves from cyberthreats. Walker previous spent nearly two decades at New York utility Con Edison. At the Department of Energy, Walker has worked closely with Alexander Gates, a National Security Agency veteran who was […]

The post Senior Department of Energy cyber official to step down appeared first on CyberScoop.

Continue reading Senior Department of Energy cyber official to step down