DataBreachToday.com

EY's Piotr Ciepiela Discusses Key Challenges in Implementing, Maintaining OT SOCs
Piotr Ciepiela, EMEIA cybersecurity leader at EY, discusses the challenges of securing OT systems and contrasts them with IT SOC environments. He emphasizes the need for specialized tools, dedicated personnel and strong collaboration with engineering teams to manage OT SOC operations.

Patients Still Asked to Bring Paper Records to Appointments Post-Ransomware Attack
McLaren Health Care expects IT disruptions caused by a ransomware attack earlier this month to last through the end of August. While most of McLaren's facilities are open, IT systems across its hospitals, cancer centers and clinics are still affected, including electronic medical record access.

New Version Aims to Ensure AI Safety While Keeping Its Builders Happy
California state lawmakers watered down a bill aimed at preventing artificial intelligence disasters after hearing criticism from industry and federal representatives. The bill still faces opposition from Silicon Valley and Democratic lawmakers.

Robert Boyce on Accenture's Strategy for Assessing the Behavior of Ransomware Gangs
Accenture Global Cyber Resilience Lead Robert Boyce outlines why organizations must assess the stability of ransomware groups before deciding how to respond to extortion threats. He outlines how trustworthiness of ransomware gangs can affect the likelihood of receiving decryption keys after payment.

Action1 Opts For Independence, Believes It Can Become Multi-Billion Dollar Business
Action1 has rebuffed CrowdStrike's interest in acquiring the patch management and vulnerability remediation startup for $1 billion and opted to remain independent. Action 1 has decided to turn down acquisition inquiries since the company believes it can grow into a multi-billion dollar business.

FBI Says Iran, Russia Ramping Up Influence Operations Ahead of National Vote
The FBI confirmed recent reports that Iran hacked into former President Donald Trump’s campaign, saying in a Monday statement the country was attempting "to stoke discord and undermine confidence" in the U.S. democratic process through online influence operations and other malicious efforts.

Explore the Wide Range of Categories and Services and What It Takes to Do the Job
Cybersecurity consulting encompasses a wide array of services and specialties, ranging from high-level strategic guidance to hands-on technical support. Discover the categories and learn how to position yourself as a trusted expert in the cybersecurity consulting field.

Crowded Leak Site May Be a Weakness and Fewer New Players a Sign of Higher Quality
How many ransomware victims pay their attackers a ransom precisely to avoid having their names listed - or their stolen data dumped - on a ransomware group's data leak blog? We don't know, but leak site posts don't correlate well with security firms' telemetry data.

How to Responsibly Embrace AI's Potential to Strengthen Cybersecurity Defenses
Verizon’s 2024 DBIR shows a gap between generative AI's perceived capabilities and its actual use in cyberattacks, citing skyrocketing gen AI "hype" and very low actual gen AI "mentions" alongside traditional attack types. But it's still essential for security leaders to focus on AI risks now.

Aging Technology and Rising Competition Have Created a Need for Greater Investment
The owners of eSentire are exploring a potential sale that could value the company at about $1 billion and attract the interest of private equity firms. The company is hoping to command a valuation equivalent to more than seven times its annual recurring revenue of about $150 million.

Officials Say the Olympic Games Saw 140 Cyberattacks. None Were Successful.
France’s cyber defense agency teamed up with governments and security experts from across the globe to identify and mitigate a historic level of both physical and cyber threats following years of preparation, experts tell Information Security Media Group.

1.3 Million Individuals Being Notified Their Social Security Numbers Were Stolen
Background check firm Jericho Pictures, which does business as National Public Data, is notifying 1.3 million individuals that their personal information was stolen via a December 2023 breach of its systems. The stolen information was listed for sale on a cybercrime market beginning in April.

Cybercriminal Gang RansomHub Claims It Leaked 700 Gigabytes of Lab's Stolen Data
Florida drug testing medical laboratory American Clinical Solutions told federal regulators that 300,000 individuals are caught up in a hacking incident now that criminal gang RansomHub has published 700 gigabytes worth of data stolen from the lab's network.

NYU's Brennan Lodge on Training Your Own Model With Retrieval Augmented Generation
Many cybersecurity organizations hope generative artificial intelligence and large language models will help them secure the enterprise and comply with the latest regulations. But to date, commercial LLMs have big problems - hallucinations and a lack of timely data, said NYU professor Brennan Lodge.