Cyber

Someone leaked thousands of sensitive bank documents from the Treasury Department’s Financial Crimes Enforcement Network to BuzzFeed, which then shared them with the International Consortium of Investigative Journalists. The leaked documents describe how JPMorgan Chase, HSBC, Standard Chartered Bank, Deutsche Bank, and Bank of New York Mellon were allegedly involved in handling the flow of money […]

Foreign and domestic hacking activity targeting NASA continues to grow at a time when at least 75 percent of NASA’s civilian employees are working at home, according to agency officials. An inspector general report released in June found that NASA continues to struggle with implementing cybersecurity policies, despite spending about $2.3 billion on IT, networking, […]

A GAO report states that the Treasury Department isn’t keeping up with tracking how well the financial services sector is mitigating cybersecurity risk, and needs to put data behind its efforts. The department says the same problem that prevented it from developing metrics five years ago remains: the reluctance of financial services firms to share […]

Rather than using expensive outside experts to test the security of wireless networks at the Department of the Interior, inspector general investigators used cheap, readily available hacking tools. They found systematic weakness in the department’s security that a malicious hacker could have exploited to steal data, and their mock attacks were not noticed by either […]

The California legislature passed AB 713, which would create a new healthcare-related exemption under the CCPA. All provisions of the bill will take effect immediately to prevent the CCPA from “negatively impact[ing] certain health-related information and research,” except for certain required contractual provisions. Information is not subject to the CCPA’s obligations if: It is deidentified […]

After some back and forth between the president and the legislature about the date, Brazil’s General Data Protection Law (Lei Geral de Proteção de Dados Pessoais, or LGPD), a law similar to the European Union’s GDPR, is now in effect. Businesses that are GDPR compliant may be well on their way to achieving compliance with […]

Several Senate Democrats are demanding more information about the Department of Veterans Affairs' cybersecurity practices following the disclosure that a breach exposed data on...

A new report surveying government cybersecurity professionals in the U.S., U.K. and Middle East shows a clear perception that collaboration with the private sector is desirable in order to keep pace with change and innovation to ensure robust national cyber defense. For example: 65 percent of government respondents thought the pace of change was too […]

The National Institute of Standards and Technology has a new cooperative agreement with the Internet Keep Safe Coalition (iKeepSafe) to assist the National Initiative for Cybersecurity Education in its outreach efforts to build a K12 community that inspires cybersecurity career awareness with students in elementary school, stimulates cybersecurity career exploration in middle school, and enables […]

A cyber breach can have serious legal, financial, and reputational consequences for a company. As such, cybersecurity threats must be treated as business risks, not just a potential IT problem. Senior management at a company should take the lead to ensure that the company is taking appropriate actions to protect itself against cyber risks. There […]