Cybersecurity and Data Privacy in the USA: April 22 - 28, 2024

In this week’s Security Spotlight, we look at cybersecurity and data privacy last week with 4,244,763,831 known records breached in 57 newly disclosed incidents. From there, we discuss cloud and supply chain security and explain how organizations can simplify their supply chain risk management. In the latest news, UnitedHealthcare CEO says that “a substantial proportion of people in America” were impacted by the cyberattack and Google is bringing passkey support to its Advanced Protection Program.

Cybersecurity and Data Privacy in the USA: April 22 - 28, 2024

4,244,763,831 known records breached in 57 newly disclosed incidents. Welcome to this week’s round-up of the biggest and most interesting news stories in the USA. Publicly disclosed data breaches and cyber attacks: in the spotlight

• Data scraping site taken offline after billions of Discord messages offered for sale
• Phone tracking app iSharing reveals users’ precise locations

Continue?reading??

Cloud and Other Supply Chain Security: What Questions to Ask

Supply chains tend to be incredibly complex. As a result, many organizations struggle with their supply chain risk assessments.

Yet the risks in the supply chain are significant – particularly with situations like MOVEit Transfer, when threat actors exploited a zero-day vulnerability in software used by thousands of organizations across the globe (and still counting).

So, how can they simplify their supply chain risk management?

Read?more??

ISO 27001 FastTrack?

• This turnkey consultancy package is designed to help organizations reach ISO 27001 certification readiness in just three months
• Includes all the consultancy support you need to help you implement an ISMS (information security management system) quickly and cost-effectively
• An experienced consultant will work with you on the key activities of setting up an ISMS, including the design, development, and implementation

Find out more??

UnitedHealthcare CEO says 'maybe a third' of US citizens were affected by recent hack | TechCrunch

Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack.

Last month, Andrew Witty, the CEO of Change Healthcare’s parent company UnitedHealth Group, said that the stolen files include the personal health information of “a substantial proportion of people in America.” Continue?reading??

Google expands passkey support to its Advanced Protection Program ahead of the US presidential election | TechCrunch

Ahead of the U.S. presidential election, Google is bringing passkey support to its Advanced Protection Program (APP), which is used by people who are at high risk of targeted attacks, such as campaign workers, candidates, journalists, human rights workers, and more. Continue?reading??

GDPR Toolkit

The GDPR Toolkit provides:

• A complete set of easy-to-use, customizable, and fully GDPR-compliant templates
• Gap analysis and DPIA (data protection impact assessment) tools that help you identify what you need to do to ensure compliance
• Guidance documents covering data subject consent forms, retention of records, and pseudonymization, minimization and encryption
• Unlimited administration support service

Find out more