
  • How to build a career in cybersecurity? – The Economic Times




    A career in cybersecurity necessitates a diverse skill set, including problem-solving talents, technical understanding of security across many platforms, excellent communication skills, and the ability to think creatively and outside the box, among other things.


  • Cyber Security for Medical Devices Training Course (January 20 … – Business Wire

    DUBLIN – The “Cyber Security for Medical Devices Training Course” conference has been added to ResearchAndMarkets.com’s offering.

    This seminar will provide you with an understanding of cybersecurity and its increasing regulatory focus and how to embed and apply state-of-the-art security in your existing processes to deliver safe and secure products and solutions.
    The impact of Cyber Security incidents on society is high, and in critical infrastructures such as healthcare, it impacts the ability for hospitals to provide care. Cybersecurity for medical devices is not just about safety, it should also protect the confidentiality, integrity and availability of systems and data.
    Benefits in Attending
    Who Should Attend:
    Key Topics Covered:
    Introduction and Welcome
    What is Cybersecurity?
    Cybersecurity Regulatory Overview
    Security Management Considerations
    Security Standards
    Security by Design
    Security Risk Management
    Further Security Considerations
    Interactive Discussion Q & A
    Speakers
    Ben Kokx
    Philips
    Ben Kokx joined Philips in 2001 as a software designer. He quickly moved into a new role as a product security and privacy officer and worked in that capacity in several business and market positions. As Director Product Security within the central Philips Product Security Office, he has been responsible since 2013 for security-related standards and regulations, as well as for the Philips Product Security Policy and Process Framework.
    Ben is a healthcare and IoT security expert who leads and participates in several industry associations and standard development organizations like ISO/IEC JTC 1/SC 27, IEC ACSEC, IEC TC62/ISO TC 215, IEC TC65, ETSI TC-CYBER and others. He is the convenor of CEN/CENELEC JTC 13/WG 6 on product security. Ben is an ENISA eHealth cybersecurity expert, chairs the COCIR Cybersecurity focus group and through DITTA, participates in several public-private organizations such as the IMDRF cybersecurity workgroup.
    For more information about this conference visit https://www.researchandmarkets.com/r/5b8gv0
    ResearchAndMarkets.com
    Laura Wood, Senior Press Manager
    press@researchandmarkets.com

    For E.S.T Office Hours Call 1-917-300-0470
    For U.S./ CAN Toll Free Call 1-800-526-8630
    For GMT Office Hours Call +353-1-416-8900


  • How training and continuing education are crucial for healthcare … – Healthcare IT News


    Training is one of the main components of protecting against cyberattacks. And this goes not just for healthcare provider organization employees but also the security managers and staff – especially those looking to get ahead.
    This is the topic of “In-house Career Development: Hiring from Within,” an educational session at the HIMSS Healthcare Cybersecurity Forum, December 5-6 in Boston.
    The session is a fresh look at cybersecurity training within healthcare organizations and how security leaders and staff also can improve their knowledge, skills and abilities. Cybersecurity training of clinicians is different from that of administrators. Effective, meaningful training is essential not only for the wellbeing of the organization, but also for the employees within.
    Notwithstanding this, cybersecurity professionals within organizations also need continuing education. A roadmap will be provided in the session to outline training and educational resources for individuals, organizations, contractors and others.
    Melissa Elza, cofounder of GRC for Intelligent Ecosystems, a training and education organization where she serves as the chief people officer and head of the NextCISO Academy, is one of three panelists speaking during the session. She sat down with Healthcare IT News to offer a preview of the Healthcare Cybersecurity Forum session.
    Q. How is cybersecurity training for administrators different from training for doctors and nurses?
    A. Administrators are the gatekeepers of our private health information. Yes, all staff have to know about HIPAA and the precautions needed to keep that data safe. But the administrators are the ones transmitting our sensitive health data and other PII to the insurance companies, to other doctors, etc.
    Administrators especially need role-based training to make sure they understand the types of attackers and what tactics they might use to come after this data. I recently read a statistic that something like 95% of cybersecurity breaches are caused by human error. That’s a staggering number.
    That means we could have prevented most breaches through training. It’s incredibly important.
    Q. Cybersecurity training that works obviously is good for a healthcare organization. How is it also good for employees, including cybersecurity professionals?
    A. The healthcare sector has suffered more than 337 breaches already this year, according to Fortified Health Security’s midyear report. This was reported in September, so that number is absolutely higher now.
    More than 19 million records were compromised in those breaches. Healthcare is already a stressful job, especially after the start of the pandemic. If patients are worried about their personal health information getting exposed, that only adds to the pressure of an already tough job.
    Figuring out how to reduce these breaches and keep attackers out of our systems benefits everyone. Spending time training people can hopefully also lessen the burden on the triage and forensics teams in those organizations.
    Q. What kinds of continuing education do healthcare cybersecurity professionals really need?
    A. In cybersecurity, you’re always learning. You have to be. Attackers are figuring out new ways to get into our systems every day, and we have to understand those new threats.
    IBM releases a report every year called the “Cost of a Data Breach.” This year’s report said the average cost of a healthcare data breach is now $10.1 million per incident, which was a 9.4% increase from its 2021 report. That number will only keep increasing.
    Education never really stops for us. It can’t.
    Q. What is an example or two of educational resources for cybersecurity professionals, and where can they find them?
    A. At GRCIE, we strongly believe that community is what gets our students across the finish line. I don’t think that changes once they get into the industry.
    There are many excellent community organizations that have tremendous reach, like Cloud Security Alliance (CSA), ISACA, ISC2 and Information Systems Security Association (ISSA), which have local chapters in a lot of cities.
    If you’re a woman in cyber looking for other women, WiCyS is another wonderful organization supporting other like-minded women. Cyversity is yet another fantastic organization that supports women, minorities and underrepresented individuals.
    All of these organizations offer continuing education to their communities. These community organizations bring professionals together so they learn how to protect us from these new threats together. If you’re looking for ongoing learning opportunities, please check these organizations out.
    The HIMSS 2022 Healthcare Cybersecurity Forum takes place December 5 and 6 at the Renaissance Boston Waterfront Hotel.
    Twitter: @SiwickiHealthIT
    Email the writer: bsiwicki@himss.org
    Healthcare IT News is a HIMSS Media publication.



    © 2023 Healthcare IT News is a publication of HIMSS Media


  • FACT SHEET: Biden-Harris Administration Announces National … – The White House

    Today, the Biden-Harris Administration released the National Cybersecurity Strategy to secure the full benefits of a safe and secure digital ecosystem for all Americans. In this decisive decade, the United States will reimagine cyberspace as a tool to achieve our goals in a way that reflects our values: economic security and prosperity; respect for human rights and fundamental freedoms; trust in our democracy and democratic institutions; and an equitable and diverse society. To realize this vision, we must make fundamental shifts in how the United States allocates roles, responsibilities, and resources in cyberspace.
    The Strategy recognizes that government must use all tools of national power in a coordinated manner to protect our national security, public safety, and economic prosperity.

    VISION
    Our rapidly evolving world demands a more intentional, more coordinated, and more well-resourced approach to cyber defense. We face a complex threat environment, with state and non-state actors developing and executing novel campaigns to threaten our interests. At the same time, next-generation technologies are reaching maturity at an accelerating pace, creating new pathways for innovation while increasing digital interdependencies.
    This Strategy sets out a path to address these threats and secure the promise of our digital future. Its implementation will protect our investments in rebuilding America’s infrastructure, developing our clean energy sector, and re-shoring America’s technology and manufacturing base. Together with our allies and partners, the United States will make our digital ecosystem:
    The Administration has already taken steps to secure cyberspace and our digital ecosystem, including the National Security Strategy, Executive Order 14028 (Improving the Nation’s Cybersecurity), National Security Memorandum 5 (Improving Cybersecurity for Critical Infrastructure Control Systems), M-22-09 (Moving the U.S. Government Toward Zero-Trust Cybersecurity Principles), and National Security Memorandum 10 (Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems). Expanding on these efforts, the Strategy recognizes that cyberspace does not exist for its own end but as a tool to pursue our highest aspirations.
    APPROACH
    This Strategy seeks to build and enhance collaboration around five pillars:
    1. Defend Critical Infrastructure – We will give the American people confidence in the availability and resilience of our critical infrastructure and the essential services it provides, including by:
    2. Disrupt and Dismantle Threat Actors – Using all instruments of national power, we will make malicious cyber actors incapable of threatening the national security or public safety of the United States, including by:
    3. Shape Market Forces to Drive Security and Resilience – We will place responsibility on those within our digital ecosystem that are best positioned to reduce risk and shift the consequences of poor cybersecurity away from the most vulnerable in order to make our digital ecosystem more trustworthy, including by:
    4. Invest in a Resilient Future – Through strategic investments and coordinated, collaborative action, the United States will continue to lead the world in the innovation of secure and resilient next-generation technologies and infrastructure, including by:
    5. Forge International Partnerships to Pursue Shared Goals – The United States seeks a world where responsible state behavior in cyberspace is expected and reinforced and where irresponsible behavior is isolating and costly, including by:
    Coordinated by the Office of the National Cyber Director, the Administration’s implementation of this Strategy is already underway.


  • Analysis | Paid security features at Twitter and Meta spark … – The Washington Post

    A newsletter briefing on cybersecurity news and policy.
    with research by Vanessa Montalbano
    Welcome to The Cybersecurity 202! If you want to hear the funniest sequence of noises perhaps in the history of the world, watch this video. Do not worry. No frog is actually harmed in the video so far as I can tell, despite its title. I daresay the frog is quite happy at the conclusion of the video.
    Below: The FBI says it contained a cyberattack, and GoDaddy reveals it was the target of a multiyear hacking operation. First: 
    In recent days, Twitter — and to a lesser extent Facebook parent company Meta — has debuted features that gate off stronger security features for those who pay for them.
    It’s a development that seemingly goes against a movement by some U.S. government officials and cyber pros for products to offer strong security to everyone at the outset without additional cost.
    And while the Twitter Blue feature and the Meta Verified test initiative could improve security in certain ways, both developments sparked concern, to varying degrees, among cyber observers.
    “The thing that strikes me is that security should be baked into everything we do, not a paid-for service,” Charles Henderson, global head of IBM’s X-Force threat management division, told me. “It should be on by default.”
    Last week, Twitter published a blog post announcing that as of March 20, only Twitter Blue paid users will be able to use a form of two-factor authentication (2FA) that sends text message codes to users to verify their identities after they enter their passwords. 
    “While historically a popular form of 2FA, unfortunately we have seen phone-number based 2FA be used — and abused — by bad actors,” the blog post read.
    Separately, over the weekend, Meta — which owns both Facebook and Instagram — said it would begin testing Meta Verified, a paid program that offers enhanced impersonation protections, access to account support and more. 
    Twitter last year allowed Twitter Blue subscribers to get blue check marks, which have historically represented “verified” users on the platform. However, the company didn’t require users to provide ID to verify that they were who they said they were, and users impersonated brands like Eli Lilly and Co. The company briefly paused the feature, with Musk saying users would be authenticated. But our colleague Geoffrey A. Fowler was still able to get an account impersonating Sen. Edward J. Markey (D-Mass.) verified.
    The Twitter move, in particular, prompted a lot of worry that popped up on … well, Twitter, naturally.
    Here’s Dakota Cary, a consultant with the Krebs Stamos Group, in one typical response:
    “Pay us or we will remove this security feature” 🙄 pic.twitter.com/5Wq9eVBiFs
    Twitter’s announcement comes amid a push by federal cybersecurity officials for tech companies to offer security to customers from the start. Earlier this month, Cybersecurity and Infrastructure Security Agency Director Jen Easterly co-wrote an essay with Eric Goldstein, her agency’s executive assistant director for cybersecurity, making their biggest plea to date about putting security features in the base product rather than charging extra for them.
    “Secure-by-default products have strong security features — akin to seat belts and air bags — at the time of purchase, without additional costs. Strong security should be a standard feature of virtually every technology product, particularly those that underpin critical infrastructure such as energy, water, transportation, communications, and emergency services,” the pair wrote.
    Easterly herself tweeted out her concern on Twitter’s move, but said she was encouraged about the attention it gave to multifactor authentication (MFA), often an interchangeable term with two-factor authentication:
    So yeah, I'll admit I wasn’t (at all) super psyched to read about this change, but I was excited to see more talk about MFA. So, let’s keep it going & get as many @Twitter users on MFA as possible–using an authenticator app or a security key. Start today & help your friends!
    One of the most thorough breakdowns of the security worries triggered by the Twitter and Meta moves came from Rachel Tobac, a hacker and CEO of SocialProof Security.
    This Twitter 2FA change is nerve-racking because:
    1. Only ~2.6% of Twitter users have 2FA on at all (it’s essential for preventing easy account takeover)
    Of those 2.6%, 74% use text message based 2FA (https://t.co/WXuFydZk17)
    If they don’t pay for Blue they auto lose 2FA on 3/20. https://t.co/LneQojvjbi pic.twitter.com/PgySF3Qyag
    Do I think paid verification is the best idea in the world? I don't.
    But I'm not a Product Manager so I'll focus on the cybersecurity elements of this roll out.
    ID is *essential* in pay-to-play verification, otherwise impersonation goes wild (like we saw in the Twitter roll out) pic.twitter.com/buoE5JEnso
    Summarized, Tobac is concerned that forcing people to pay for text-based (also known as SMS) two-factor authentication will push them away from using multifactor authentication altogether. And she’s got questions about whether Meta expanding account support will give cybercriminals a venue to trick customer support employees, as well as how the enhanced impersonation protections will work.
    Cybersecurity experts say text message-based forms of two-factor authentication are among the weakest forms, since hackers can intercept them with tactics like sim-swapping, where they trick mobile phone carriers into activating a SIM card in their possession that scammers can then use to take over a victim’s phone number.
    But “SMS is vastly better than using a static password” with no two-factor authentication, Bill Malik, vice president of infrastructure strategies at cybersecurity firm Trend Micro, told me.
    Still, if text-based two-factor authentication is costing Twitter so much money, one might ask why it’s offering it at all, especially to paying users. Henderson offered the theory that paying users who are using text-based two-factor authentication would be the ones reimbursing its costs.
    For Meta, some observers have pointed out that the paid service also requires a government ID to verify a user’s identity, which could make Meta a more tempting hacker target and make a breach worse if criminals obtained those sensitive documents.
    Twitter notably isn’t taking away the ability to use multifactor authentication entirely. Users will still be able to employ methods such as Google or Microsoft authentication apps. Here’s security journalist Kim Zetter:
    People tweeting that Twitter is eliminating two-factor authentication are spreading misinfo. It’s just limiting one way to get 2FA codes – getting them sent to yr phone via SMS. You can use other ways to get codes. They even say this in announcement, but everyone is ignoring this https://t.co/6xqzT2O9aa
    Meta, for its part, isn’t taking away any existing security features for nonpaying users, like Twitter is doing. And it already has some capabilities for taking down fake accounts and offering customer support chats.
    Meta also securely stores IDs for 30 days before deleting them, Meta spokesperson Gabby Curtis told me. And by better protecting creator accounts that have large followings against impersonation, Curtis explained, that could better protect users who might fall victim to scams from fraudsters pretending to be popular creators.
    Twitter did not respond to a request for comment Monday.
    The FBI has in recent days been working to contain a malicious cyber incident on part of its computer network that has been involved in investigations of child sexual exploitation material, according to people briefed on the matter, CNN’s Evan Perez and Sean Lyngaas report. 
    “The FBI is aware of the incident and is working to gain additional information,” the bureau said in a statement to CNN. “This is an isolated incident that has been contained. As this is an ongoing investigation the FBI does not have further comment to provide at this time.”
    The people said that the attack likely targeted the FBI’s New York field office — one of its largest and most prominent offices. The bureau has yet to name a suspect. 
    Web hosting giant GoDaddy said last week that hackers had access to its computer software for at least the past three years, allowing them to steal company source code and customer and employee data, Sergiu Gatlan reports for Bleeping Computer
    In a filing Thursday with the Securities and Exchange Commission, the firm also said that over that period the cybercriminals installed malware onto its systems that redirected customer websites to malicious ones. 
    GoDaddy, one of the largest domain registrars, first discovered the breach following customer reports early last December, but later linked it to previous incidents in November 2021 and March 2020. 
    In those cases, bad actors “gained access to the email addresses of all [1.2 million] impacted customers, their WordPress Admin passwords, sFTP and database credentials, and SSL private keys of a subset of active clients,” and “used their [28,000 customers] web hosting account credentials in October 2019 to connect to their hosting account via SSH,” Gatlan writes. 
    “Based on our investigation, we believe these incidents are part of a multiyear campaign by a sophisticated threat actor group that, among other things, installed malware on our systems and obtained pieces of code related to some services within GoDaddy,” the hosting site said in the filing. 
    GoDaddy said it is working with law enforcement agencies and external cybersecurity experts to investigate the cause of the breach. 
    Spain’s National Court on Friday agreed to a request to extradite a British citizen to the United States over the alleged July 2020 hack of more than 130 Twitter accounts, including those of President Biden, former president Barack Obama, Bill Gates and Elon Musk, the BBC’s Shiona McCallum reports. 
    Joseph James O’Connor is wanted by courts in the Northern District of California and the Southern District of New York on 14 charges, including illegal access to computer systems, internet fraud, money laundering and extortion. 
    U.S. officials have accused him of hijacking the high-profile Twitter accounts and asking their followers to send bitcoin to an account, promising to double their money.
    A court statement said the “necessary conditions” were met for Spain to hand over O’Connor, 23, who was arrested in 2021 in Estepona. The Spanish court also said that he is suspected of hacking the Snapchat account of an anonymous public figure and threatening to publish their nude photos unless he was paid a ransom. 
    Spain’s cabinet must first approve the extradition before it is finalized, and his defense team will also have the opportunity to appeal the decision. 
    Russian state TV website goes down during Putin speech (Reuters)
    Researching North Korea online? You could be victim of a malware attack (Tech Radar)
    Russia targets Netherlands’ North Sea infrastructure, says Dutch intelligence agency (Reuters)
    Norway seizes $5.84 million in cryptocurrency stolen by Lazarus hackers (The Hacker News)
    Guardian staff forced to work out of former brewery after ransomware attack (The Telegraph)
    Lehigh Valley Health Network reports cyberattack from suspected Russian ransomware group (The Morning Call)
    Major hack at Virgin Media Television in Ireland ‘contained and terminated’ (The Independent)
    Semiconductor industry giant says ransomware attack on supplier will cost it $250 million (The Record)
    AI is starting to pick who gets laid off (Pranshu Verma)
    🐈🐾💨 Bobcats can run at up to 30 miles per hour. They place their back feet in the same spots where their front feet have stepped to reduce noise when hunting. 🤫
    . . .
    👋 Visit the Zoo's bobcats Ollie, Yoda and Cheese at the Claws and Paws Pathway exhibit! pic.twitter.com/xNMst8GC15
    Thanks for reading. See you tomorrow.


  • Lenovo Cybersecurity Innovation Center Established in Cooperation … – Lenovo StoryHub

    Be’er Sheva, Israel – February 20, 2023 – Today, Lenovo (HKSE: 992) (ADR: LNVGY) established the Lenovo Cybersecurity Innovation Center (LCIC) in cooperation with Ben-Gurion University of the Negev, a leading Israel-based cyber security research institution. The center will focus on zero-trust architecture innovation in hardware and below-OS security, as well as serve as a hub for the development of next-generation security solutions. The LCIC offers Lenovo customers an attestation lab and access to industry insights and information exchange through an on-site briefing center.
    The variety and severity of cyber threats are increasing as criminal hackers employ more sophisticated tools to an ever-growing threat surface of computing solutions run by businesses, governments, and consumers.
    According to Lenovo’s global “Data For Humanity” report in November 2022, IT security is the top consideration when deciding to invest in digital transformation solutions across small, medium, and large businesses. Monitoring and assessing threats combined with research and reporting by LCIC cybersecurity professionals will empower more strategic and effective responses.
    Israel is internationally recognized for being a center of the cybersecurity industry, and Be’er Sheva is home to cybersecurity R&D centers for several global technology companies. The LCIC will be staffed and managed in coordination by cybersecurity experts from Lenovo and Ben-Gurion University.
    “Cybersecurity is one of the top priorities of CIOs today,” said Nima Baiati, Executive Director & GM, Commercial Cybersecurity Solutions, Lenovo. “Lenovo opening the new security innovation center with Ben-Gurion University gives us access to a global nexus of security innovation, our customers’ access to world-leading experts, and will help us create even stronger products across our portfolio.”
    Solutions developed at LCIC will be incorporated into ThinkShield, Lenovo’s portfolio of hardware, software, and services with enhanced security features. The portfolio for comprehensive end-to-end security provides advanced solutions in the forms of built-in platform security and device protection, threat and data protection, and security management tools that help protect critical business information.
    “Ben-Gurion University is committed to maintaining its cybersecurity research leadership not just in Israel, but also globally, and to apply the most recent academic knowledge and research to real-world issues,” said Prof. Yuval Elovici, Head of Ben-Gurion University Cyber Security Research Center. “As part of this vision, we are eager to team-up with industry leaders who share our values and aspire to serve as a model for the industry by actively pursuing cybersecurity excellence and innovation. Therefore, we would like to welcome Lenovo as our new partner in this digital battle against cyber threats. We are excited to work together in our jointly established center for new cybersecurity technologies with a particular emphasis on zero trust architecture and next-generation security innovation. The center’s work will become part of Lenovo’s cybersecurity portfolio and help further drive security innovation for Lenovo’s customers.”
    “The dedication of the Lenovo Cybersecurity Innovation Center at Ben-Gurion University of the Negev demonstrates our ongoing success in collaborating with key industry partners. The University’s collaborations with industry are key for developing technologies and capabilities, as well as critical to the strengthening the Negev region. One of our greatest assets as a University – one might say, our expertise – is forging strong relationships with our global partners in industry,” said Ben-Gurion University President Prof. Daniel Chamovitz.
    About Lenovo
    Lenovo (HKSE: 992) (ADR: LNVGY) is a US$70 billion revenue global technology powerhouse, ranked #171 in the Fortune Global 500, employing 82,000 people around the world, and serving millions of customers every day in 180 markets. Focused on a bold vision to deliver smarter technology for all, Lenovo has built on its success as the world’s largest PC company by further expanding into key growth areas including server, storage, mobile, solutions and services. This transformation together with Lenovo’s world-changing innovation is building a more inclusive, trustworthy, and sustainable digital society for everyone, everywhere. To find out more visit https://www.lenovo.com, and read about the latest news via our StoryHub.
    LENOVO and THINKSHIELD are trademarks of Lenovo. All other trademarks are the property of their respective owners. ©2022 Lenovo


  • Combatting Talent Shortages in the Booming Cybersecurity Market – Hunt Scanlon Media

    November 22, 2022 – Globally, there is a severe talent shortage in the cybersecurity job market. The World Economic Forum (WEF) recently reported a shortage of 3 million cybersecurity professionals around the globe. Furthermore, Cybersecurity Magazine recently revealed that there will be 3.5 million open positions in cybersecurity by 2025 due to the global workforce shortage. The lack of cybersecurity experts has left many businesses in a tight spot, according to a new report from TriSearch’s Travis Thomas. The National Center for Education Statistics (NCES) says that companies now see cybersecurity as a mission-critical task, so the demand for cybersecurity professionals is growing faster.
    In the wake of the digital transformation, cyber attacks have become more prevalent. “Consequently, there is a high demand for cybersecurity professionals in the job market due to a lack of qualified individuals to manage and secure the online world,” said Mr. Thomas. “An acute shortage of cybersecurity workers in the United States is hurting organizations irrespective of their size.” According to a recent IBM report, cyber security job postings currently account for 13 percent of all IT jobs.

    What are the causes of the cybersecurity workforce shortage? Mr. Thomas says that it is difficult to attract and retain qualified cybersecurity professionals without the help of an external search firm specializing in the network security and cybersecurity market. He also offers up some of the main causes for the shortage:
“The lack of cybersecurity professionals has led to various issues, such as an increase in malicious breaches and the theft of personal and financial information,” said Mr. Thomas. “The nation’s digital and cyberinfrastructure, including its economic, utility, and transportation networks, is under threat, and the situation appears to worsen by the day. Cloud security, application security, and security assessment/investigations are the top three technological domains most impacted by a cybersecurity skills shortage. When there aren’t enough people with these skills, employers must pay more for them.”

(Chart source: Tech Target)
    Everyone Is at Risk from Cybercrime
    From high-profile multinational corporations, SMEs, to start-ups, and government agencies, no one is immune to cybercrime threats. According to IBM, SMEs are hit by 62 percent of all cyber attacks, about 4,000 per day. Cybercrime in a Pandemic World: The Impact of COVID-19 Findings, a report released in 2021 by McAfee Enterprise and FireEye, emphasized the urgent need for enterprises to prioritize and upgrade their cybersecurity infrastructure. On average, cybersecurity jobs are currently more lucrative than others in IT. According to the statistics, 81 percent of enterprises saw elevated cyber attacks during the pandemic. In May 2020, the chief of UN Disarmament said that even though the COVID-19 pandemic has led to more technological innovation and online collaboration, it has also led to more cybercrime. During the current crisis, the number of malware emails has gone up by 600 percent.

(Chart source: Palo Alto Exam)
    “Furthermore, small businesses are an easy target for cybercriminals,” Mr. Thomas said. “They steal data in order to hijack bank accounts, submit false tax returns, and even obtain customers’ personal identification information to perpetrate health insurance fraud.”
    The Demand for Seasoned Cybersecurity Professionals is Surging Substantially
    As technology becomes more digitally connected, the need for cybersecurity specialists will increase in the coming years, according to Mr. Thomas. “Security threats will grow in parallel with the Internet of Things and cloud computing,” he said. “As a result, the demand for expertise to tackle these issues will also surge. Managing cybersecurity is important, and employers need to look for people with experience and a good track record.”
    The Best Solution to Tackle the Issue of the Cybersecurity Skills Gap
Mr. Thomas notes that the best way to tackle the skills shortage problem is to hire cybersecurity professionals you cannot afford. “Regardless of how crazy it sounds, hiring even one seasoned cybersecurity professional instead of five average cybersecurity professionals can make a big difference,” he said. “A beginner will not provide the same level of quality work as a seasoned cybersecurity professional. Hiring seasoned cybersecurity professionals is not as expensive as you might assume. You need to find the right candidate.”
Travis Thomas, VP, U.S. technology practice at TriSearch, has spent two decades unlocking hidden value for his clients at the intersection of talent, leadership, culture, strategy, and innovation. He is an experienced strategic leader and active listener with experience working in executive search, professional services, account management, and knowledge management.
    “To encourage seasoned cybersecurity professionals, you can provide them with enticing benefits such as competitive compensation packages, free lunches, healthcare coverage, flexibility, bonuses, and even stock options,” Mr. Thomas said. “It would be best if you made them aware of what you could offer now and in the future. Only lucrative opportunities can help retain good employees and make them loyal and committed to their employer. Simultaneously, you must take steps to limit burnout by reducing the burden of cybersecurity teams so that the staff does not feel intimidated by dealing with various challenges.”
    The longer an employee continues working with the company, the less it costs in terms of recruitment, replacements, and training. Consequently, this helps employers save a lot of money in the long run. Mr. Thomas offers a few reasons why hiring an expert you think you probably couldn’t afford in the competitive cybersecurity market makes sense:
    These solutions can help organizations attract competent security personnel and confidently address their cybersecurity demands, according to Mr. Thomas. “As more people enter the cybersecurity industry with suitable degrees and reduce the existing gap, the talent shortage will not last forever,” he said. “Until then, businesses must implement strategies to mitigate the impact of the ongoing skills shortage by building a happy and content cybersecurity staff of seasoned individuals. If you choose the wrong candidate, you will end up exposing your company to more cyber threats and having to start back at the drawing board to search for the right talent. If you hire the right talent, you will be well-positioned to fend off attacks, safeguard your organization, and outperform your competitors in all business aspects.”
    Mr. Thomas also notes that choosing the right candidate implies that you have made a substantial investment that is likely to pay off in the long run. “Again, once you are used to employing the best, you will soon learn to identify top-notch talents,” Mr. Thomas said. “Last but not least, well versed and brighter professionals will not only benefit your organization; they will also challenge you to be a better version of yourself with their enthusiasm, ideas, and commitment. Hire the professionals you think you can’t afford, and you will soon realize how valuable and affordable they prove to your company in the long run.”
    Contributed by Scott A. Scanlon, Editor-in-Chief; Dale M. Zupsansky, Managing Editor; and Stephen Sawicki, Managing Editor – Hunt Scanlon Media

    source

  • UK cybersecurity and incident response – the outlook for 2023 … – Mayer Brown

    Following on from our alert in relation to technology, data privacy, cybersecurity and IP legal developments to look out for in 2023, this update outlines some of the potential developments and trends in the UK cyber incident response landscape for 2023. 
    Increased litigation risk for cyber breach victims – the Information Commissioner’s Office begins naming and shaming data breach victims
At some point in summer 2022 [1], the UK Information Commissioner’s Office (the “ICO”) quietly began publishing the names of organisations who have notified it of a data breach or cyber incident. Historically, the ICO would keep such notifications confidential in an effort to promote prompt and transparent notifications from such companies.
    However, since as early as 2019, the ICO have publicly committed to an open and transparent approach to its work and in particular in relation to the organisations which it regulates and the data breaches suffered by such organisations. This shift was further emphasised in a November 2022 speech by the Information Commissioner himself, John Edwards, and the move towards the publication of breach data appears to be related to this commitment to an open and transparent approach. It is unclear why the ICO have only moved to implement such an approach now, however.
In his speech, Mr Edwards sought to redirect the emphasis of the ICO’s enforcement activity away from the use of fines and private reprimands (for those breaches deemed to be the most serious in nature) as the ICO’s primary method of enforcement, towards one in which all reprimands in relation to cyber breaches would be made public, unless there is a good reason not to publish the reprimand.
This approach, Mr Edwards argued, is necessary not just because it is in line with the ICO’s commitment to open and transparent regulation but also to act, in and of itself, as a form of enforcement and/or deterrent by way of public ‘naming and shaming’. In relation to public authorities in particular, Mr Edwards argued that fines alone were not enough, as such fines simply passed between government authorities and ultimately into the consolidated account at the Treasury and thereby did not act as an effective deterrent.
    In relation to private organisations, the levels of fines seen to date (although at times significant) may not, in the view of the ICO, act as sufficient deterrent. In introducing the publication of data breach reprimands, the ICO therefore hopes to introduce deterrent through making such organisations publicly accountable for their failures in relation to the data breach in question.
    What data does the ICO publish?
    The details in relation to breach and cyber incidents are now published in three datasets relating to the following, and are available in relation to incidents from Q4 2021 onwards:
    The datasets published by ICO are high-level and do not contain detailed information beyond the name of the victim, the categorisation of the incident and the outcome of the ICO information. Detailed information in relation to the nature, extent or method of attack or of the nature of the affected data is not included in any public ICO datasets.
    What does this mean for litigation risk?
    The success of such measures in meeting the ICO’s stated aims (i.e. deterring poor behaviour or encouraging good practices in relation to cybersecurity) remains to be seen. However, the effect on organisations named in the data published by the ICO may have a profound effect on the litigation risk landscape for such companies.
    In particular, it is likely that claimant law firms may begin monitoring ICO publications for the details of such data breaches and, depending on the nature of the breach, the organisation in question and the potential pool of claimants, may look to bring collective actions. It is likely that ‘repeat offender’ organisations will be the particular target of such claimant law firms, given the fact that repeated incidents are likely to increase the viability and/or quantum of potential claims. Similarly, individuals who are customers, employees or other potential data subjects of victim organisations may make data subject access requests or bring their own individual actions against such companies.
    In addition to the development of a robust incident response plan in case of a cyber incident, companies should be aware that any report made to the ICO may now become public information. Victim organisations should therefore consider engaging outside legal counsel at the earliest possible stage of any incident in order that the increased litigation risk arising from the potential ICO publication of the fact of the incident can be considered alongside the other legal and business factors arising in the course of any incident.
    Cyber-risk and insurability – companies facing increased premiums and cyber-related requirements from insurance providers
    In the wake of an increase in the frequency and severity of cyber-related incidents, several insurers have warned of the risk that cyber incidents could become uninsurable, particularly in the case of ransomware attacks and for organisations whose cyber architecture relates to or is connected to critical national infrastructure.
    This increased risk is being reflected in significantly increased premiums and, in many cases, increasing cyber insurance exclusions related to certain types of software or known vulnerabilities. Lloyd’s of London forecast in December 2022 that the global cyber insurance market is likely to grow from US$12 billion in annual premiums today to over US$60 billion in the next five to 10 years. Similarly, Lloyd’s announced in September 2022 that all standalone cyber policies would have an exemption for state-backed cyber-attacks.
    Companies are likely to face increased pressure from insurance providers to develop and demonstrate a documented strategy to mitigate their cyber threat in order to ensure that they are able to renew or enter into cyber-related insurance policies, without facing unacceptably high premiums. Such measures are likely to include a detailed consideration of IT-related measures in addition to a cyber response plan developed and tested in conjunction with external counsel, where appropriate.
    Ransomware attacks continue to proliferate – the preservation of evidence in anticipation of litigation during cyber incident response
The first high-profile UK ransomware-related cyber incident of the year occurred just 12 days into 2023. The attack on Royal Mail on 12 January 2023 was, according to reports, carried out by an affiliate of the LockBit ransomware group [2]. The incident led to Royal Mail suspending international shipping services for five days and is thought to have had a significant indirect impact on UK-based businesses that rely on international orders.
    The cyber incident at Royal Mail comes just weeks after The Guardian suffered a similar ransomware incident, impacting all areas of its IT infrastructure and forcing staff to work from home until at least the end of February 2023. There have also been several other high profile cyberattacks in the opening weeks of 2023.
These are just the attacks that are made public. As explored in our November 2022 update, such attacks are likely to continue to increase in frequency and scale, and companies should therefore be prepared, both in relation to increasing cybersecurity measures by way of defence against such attacks, and in relation to their cyber incident response should the worst happen. A study by Gartner in 2022 predicted that by the end of 2023, modern data privacy law will cover 75% of the world’s population. Given the increased applicability and scope of such legislation, the possibility of cyber incident related litigation has only increased.
    The litigation risk arising out of such cyber incidents is potentially significant, and organisations that are impacted by such attacks should be mindful in particular of the importance of preserving evidence in relation to such attacks. The preservation of evidence has a two-fold benefit: i) to obtain a full incident overview and to establish a basis for threat containment and/or eradication, and ii) to fulfil the evidentiary requirements for possible litigation at a later date. The latter consideration is often neglected during the development of a cyber incident response plan and should be carefully considered at the outset of any response. Similarly, whilst a resumption of normal operations is always a priority, care should be taken to avoid the inadvertent destruction of evidence during the rebuild or remediation phases of an incident. 
    The applicability and scope of whether a litigation-related duty to preserve evidence arises is highly dependent on the facts of the individual incident in question, and includes complicated considerations of the applicable legal framework arising out of the jurisdictions involved in the incident. Organisations should, in conjunction with external counsel, adopt a risk-based approach to the preservation of evidence which in any event should involve steps to preserve key information in relation to any incident including (but not limited to) metadata, a forensic image of the affected systems, security logs and other relevant incident-related data.
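The update lists what should be preserved (metadata, a forensic image, security logs) but not how to preserve it in a way that holds up later. The script below is an added example for this page, not Mayer Brown's code or guidance: it builds a tamper-evident manifest of collected artefacts, recording each file's content hash and filesystem metadata and hashing the manifest itself, so that a change made during the rebuild or remediation phase (a rotated or truncated log, a re-imaged host) is detectable afterwards. The case id, collector name and log lines are constructed for the demonstration; a disk or memory image is handled the same way as the log files shown.

```python
"""Tamper-evident evidence manifest for incident response (added example).

Every artefact is hashed with SHA-256 and described with the metadata a
court or regulator may ask about; the list of entries is then hashed in
canonical JSON so edits to the record itself are also caught. Case id,
collector and sample log lines are constructed, not taken from the page.
"""
import hashlib
import json
import os
import shutil
import tempfile
from datetime import datetime, timezone

CHUNK = 1 << 20  # hash large images in 1 MiB chunks instead of reading them whole


def sha256_file(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(CHUNK), b""):
            h.update(chunk)
    return h.hexdigest()


def describe(path):
    """Content hash plus the filesystem metadata worth preserving alongside it."""
    st = os.stat(path)
    return {
        "path": os.path.abspath(path),
        "size": st.st_size,
        "mtime_utc": datetime.fromtimestamp(st.st_mtime, timezone.utc).isoformat(),
        "mode": oct(st.st_mode & 0o777),
        "sha256": sha256_file(path),
    }


def _entries_digest(entries):
    # Canonical JSON (sorted keys, no whitespace) so equal entries always hash alike
    body = json.dumps(entries, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(body).hexdigest()


def build_manifest(paths, case_id, collector):
    entries = [describe(p) for p in sorted(paths)]
    return {
        "case_id": case_id,
        "collector": collector,
        "collected_utc": datetime.now(timezone.utc).isoformat(),
        "entries": entries,
        "entries_sha256": _entries_digest(entries),
    }


def verify_manifest(manifest):
    """Return the artefacts (or the manifest record itself) that no longer match."""
    problems = []
    if _entries_digest(manifest["entries"]) != manifest["entries_sha256"]:
        problems.append("<manifest entries altered>")
    for e in manifest["entries"]:
        if not os.path.isfile(e["path"]) or sha256_file(e["path"]) != e["sha256"]:
            problems.append(e["path"])
    return problems


def demo():
    """Collect two constructed logs, verify, then show that a later edit is caught."""
    workdir = tempfile.mkdtemp(prefix="ir-evidence-")
    try:
        auth_log = os.path.join(workdir, "auth.log")
        sys_log = os.path.join(workdir, "syslog")
        with open(auth_log, "w") as f:  # constructed sample lines
            f.write("Jan 12 03:14:07 host sshd[812]: Accepted password for svc from 10.0.0.9\n")
            f.write("Jan 12 03:14:09 host sudo: svc : COMMAND=/usr/bin/rsync\n")
        with open(sys_log, "w") as f:
            f.write("Jan 12 03:15:00 host kernel: usb 1-1: new high-speed USB device\n")

        manifest = build_manifest([auth_log, sys_log], "CASE-0001", "ir-analyst")
        clean = verify_manifest(manifest)  # nothing has changed yet: []

        # A remediation step that appends to or rotates a collected log must be detected
        with open(auth_log, "a") as f:
            f.write("Jan 12 09:00:00 host logrotate: rotated\n")
        after_tamper = verify_manifest(manifest)  # [path of auth.log]
        return {"manifest": manifest, "clean": clean, "after_tamper": after_tamper}
    finally:
        shutil.rmtree(workdir, ignore_errors=True)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

In practice the manifest is written out alongside the artefacts, its `entries_sha256` value is recorded somewhere the responders cannot edit (a ticket, an email to counsel, a signed note), and `verify_manifest` is re-run before the artefacts are handed over, so the chain of custody rests on recorded hashes rather than on recollection.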
    The UK Ransomware Enquiry – potential for significant regulatory changes in relation to cyber incident response for UK companies
In the UK, there are a number of cyber-related regulatory changes recently implemented or in the works. In particular, the UK Ransomware Enquiry was launched by the Joint Committee on the National Security Strategy in October 2022 (the “Enquiry”), in conjunction with the UK National Cyber Security Centre (“NCSC”). The Enquiry closed for written evidence on 16 December 2022. The purpose of the Enquiry is to explore the increasing trend of ransomware attacks and the impact on organisations in the UK. It is primarily aimed at understanding the threat posed by ransomware attacks, the impact on victims, and the measures organisations can take to prevent or respond to these attacks.
    It is difficult to predict the exact outcome of the Enquiry, as it is still ongoing and the findings have not yet been released. However, the NCSC is likely to make recommendations for improving the security of organisations in the UK in the face of increasing ransomware attacks. Some potential outcomes of the Enquiry may include:
Ultimately, the outcome of the Enquiry is expected to help organisations in the UK better understand the threat posed by ransomware attacks and take steps to improve their security posture. Mayer Brown will issue a further update in relation to the findings of the Enquiry after the committee has published its findings, but companies should be aware that the changes arising out of the Enquiry, and the actions required of in-scope companies, could be significant.
    A number of other significant technology, data privacy, cybersecurity and IP legal developments are also expected in 2023 and are explored in detail in our January 2023 update, Looking Ahead – Technology, Data Privacy, Cybersecurity and IP developments in 2023.
    Next steps for organisations
    Organisations should take steps now to ensure they have a robust cyber incident response plan in place, developed in conjunction with external legal counsel. Such a plan should be thoroughly tested and periodically updated to ensure it captures and responds to changes in best practice (including any new applicable government guidance) as well as developments in the organisational or technological infrastructure of the organisation. The plan should be developed by reference to the relevant cyber insurance policy, ensuring that any specific policy requirements or exclusions are considered and the incident response plan developed accordingly.
[1] The ICO made no public announcement about the introduction of cyber breach victim lists, but data from archived webpages suggests they were introduced at some point in July or August 2022.
[2] See: ‘LockBit ransomware gang claims Royal Mail cyberattack’ https://www.bleepingcomputer.com/news/security/lockbit-ransomware-gang-claims-royal-mail-cyberattack/

    source

  • EPA Takes Action to Improve Cybersecurity Resilience for Public … – U.S. EPA.gov

WASHINGTON – Today, the U.S. Environmental Protection Agency (EPA) is releasing a memorandum stressing the need for states to assess cybersecurity risk at drinking water systems to protect our public drinking water. While some public water systems (PWSs) have taken important steps to improve their cybersecurity, a recent survey and reports of cyber-attacks show that many have not adopted basic cybersecurity best practices and are at risk of cyber-attacks — whether from an individual, criminal collective, or a sophisticated state or state-sponsored actor. This memorandum requires states to survey cybersecurity best practices at PWSs.
    “Cyber-attacks against critical infrastructure facilities, including drinking water systems, are increasing, and public water systems are vulnerable. Cyber-attacks have the potential to contaminate drinking water, which threatens public health,” said EPA Assistant Administrator for Water Radhika Fox. “EPA is taking action to protect our public water systems by issuing this memorandum requiring states to audit the cybersecurity practices of local water systems.”
“Americans deserve to have confidence in their water systems’ resilience to cyber attackers. The EPA’s new action requires water systems to implement adequate cybersecurity to provide that confidence. EPA used a flexible approach to enable water systems to craft the most effective ways to protect water services. The EPA’s action is another step in the Administration’s relentless focus on improving the cybersecurity of critical infrastructure by setting minimum cybersecurity measures for owners and operators of the water, pipelines, rail and other critical services Americans rely on,” said Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technologies.
    The memorandum conveys EPA’s interpretation that states must include cybersecurity when they conduct periodic audits of water systems (called “sanitary surveys”) and highlights different approaches for states to fulfill this responsibility.
    EPA is providing technical assistance and resources to assist states and water systems as they work towards implementation of a robust cybersecurity program. EPA’s guidance entitled “Evaluating Cybersecurity During Public Water Sanitary Surveys” is intended to assist states with building cybersecurity into sanitary surveys. It includes key information on options for evaluating and improving the cybersecurity of operational technology used for safe drinking water. While this guidance is designed to be used right away, EPA is also requesting public comment on Sections 4-8 of the guidance and all Appendices until May 31, 2023. To submit comments, please email wicrd-outreach@epa.gov. EPA plans to revise and update this document as appropriate based on public comment and new information.
    EPA’s robust technical assistance program has already proven effective in aiding systems with their cybersecurity and EPA looks forward to working with other entities in the future.
“The Minnesota Department of Health Drinking Water Protection program is looking forward to EPA’s release of guidance related to cybersecurity at public water supplies,” said Kim Larsen, Minnesota Department of Health Regional Supervisor. “This guidance will help to support our program’s overall mission to protect public health.”
    “EPA’s cybersecurity technical assistance program provided a wonderful jumping-off point to work on improving the cybersecurity of the water and sewer systems,” said Amy Rusiecki, Assistant Superintendent of Operations, Town of Amherst Public Works, Massachusetts. “The program armed us with the tools to have the appropriate conversations with the Town’s IT staff and our water/sewer staff to take small steps towards improvement. The roadmap for how to correct the Town’s vulnerabilities is still driving decisions today.”
    “With the help of the EPA’s cybersecurity technical assistance program’s free cybersecurity assessments and technical assistance, [we] were able to submit our cybersecurity program to the New Jersey Cybersecurity and Communications Integration Cell (NJCCIC) with a Security Scorecard of 83 out of 100,” said Martin O. Hawlet, Superintendent, Atlantic Highlands Water Department, New Jersey.
    “While cybersecurity can be a bit overwhelming for Operators in the water sector, it is comforting to know that we can engage with EPA’s cybersecurity technical assistance program to assist with a comprehensive assessment of risk and vulnerability for our community’s water system,” said Jason C. Randall, Superintendent, Plymouth Village Water & Sewer, New Hampshire. “The Cyber Action Plan deliverable is now our roadmap to implement recommended best practices, improving our cyber incident preparation, response, and recovery. These cyber actions ultimately protect our assets, employees, and the citizens we serve.”
    “Cybersecurity is very important to our water utility. We understand its importance; however, we don’t have any employees that are professionally trained to ensure the safety of our network. Thankfully, USEPA offered assistance to our utility at no cost via the Cybersecurity Technical Assistance Program,” said Eric Kiefer, Manager, North Shore Water Commission, Wisconsin. “As a participant of this program, our water utility was able to identify and rank the severity of our vulnerabilities. With targeted improvements, we have significantly reduced our exposure to cybersecurity threats and improved our ability to successfully recover from a disaster.”
To further assist public water systems and states, EPA will be offering additional training on how to implement best practices for cybersecurity and use the available resources. EPA is also offering consultations with subject matter experts and direct technical assistance to water systems to conduct assessments of their cybersecurity practices and plans for closing security gaps.
    Background
Cybersecurity represents a substantial and increasing threat to the water sector, given the relative ease of access to critical water treatment systems from the internet. Currently, many water systems do not implement cybersecurity practices. Efforts to improve cybersecurity through voluntary measures have yielded minimal progress to protect the nation’s vitally important drinking water systems.
    Water security planning has been a critical component of EPA and of state efforts to ensure the provision of clean and safe water since the increased threat of terrorism and malevolent attacks after 9/11. Through their sanitary survey programs, states have worked with PWSs to identify and protect against physical security vulnerabilities. PWSs have increasingly relied on the use of electronic systems to operate drinking water systems efficiently. As a result, incidents of malicious cyber activity on PWSs have shut down critical treatment processes, locked up control system networks behind ransomware, and disabled communications used to monitor and control distribution system infrastructure like pumping stations. Including cybersecurity in PWS sanitary surveys, or equivalent alternate programs, is an essential tool to address vulnerabilities and mitigate consequences, which can reduce the risk of a successful cyberattack on a PWS and improve recovery if a cyber incident occurs.
    EPA engaged extensively with states, the Water Sector Coordinating Council, the Water Government Coordinating Council, and individual water associations to build their awareness, understand issues, and address concerns while developing the Memo and guidance. 

    source