The Cybersecurity Roundup

Things have changed since Covid. Cyber attacks are up exponentially (74% year to date over the same period last year according to Kaseya). In today's rapidly evolving digital landscape, cybersecurity has become paramount, a necessity rather than a luxury. The increasing sophistication of cyberattacks poses a grave threat to individuals, businesses, and even critical infrastructure. In this edition of The Cybersecurity Roundup, we bring you the latest news and developments from the front lines of the cyber battlefield plus a blog post explaining cyber insurance, why you need it and what coverages and amounts are sufficient in a policy.

Top Stories:

1. Massive US Military Contractor Background Check Data Leak [Link: https://cybernews.com/security/us-mc2-background-check-data-leak/]

Summary: A massive data leak involving a prominent US military contractor has exposed sensitive background check information on millions of current and former military personnel and government employees. This breach highlights the ongoing vulnerability of personal data even within highly secure sectors.

1. Over 2 Million VPN Passwords Stolen: What You Can Do [Link: https://www.msn.com/en-us/news/technology/over-2-million-vpn-passwords-have-been-stolen-heres-what-you-can-do-about-it]

Summary: A significant breach has exposed over 2 million VPN passwords. This incident underscores the importance of strong password hygiene and the need to change passwords regularly, especially for sensitive services like VPNs.

1. Warning to ServiceNow Admins: Block Publicly Available KB Articles [Link: https://www.csoonline.com/article/3526477/warning-to-servicenow-admins-block-publicly-available-kb-articles.html]

Summary: ServiceNow administrators are urged to take immediate action to protect sensitive information by restricting access to publicly available knowledge base articles. This preventive measure aims to mitigate potential vulnerabilities that could be exploited by malicious actors.

1. CISA Warns of Actively Exploited Apache HugeGraph Server Bug [Link: https://www.bleepingcomputer.com/news/security/cisa-warns-of-actively-exploited-apache-hugegraph-server-bug/]

Summary: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about an actively exploited vulnerability in the Apache HugeGraph server. Organizations are strongly encouraged to apply available patches to protect their systems from potential attacks.

1. Suspects Behind $230 Million Cryptocurrency Theft Arrested in Miami [Link: https://www.bleepingcomputer.com/news/security/suspects-behind-230-million-cryptocurrency-theft-arrested-in-miami/]

Summary: Law enforcement authorities have apprehended individuals allegedly responsible for a massive cryptocurrency theft amounting to $230 million. This arrest highlights the growing focus on combating cybercrime in the financial sector.

1. FCC: AT&T Did Not Protect Cloud Data [Link: https://www.darkreading.com/cybersecurity-operations/fcc-att-did-not-protect-cloud-data]

Summary: The Federal Communications Commission (FCC) has found that AT&T failed to adequately protect sensitive customer data stored in the cloud. This incident serves as a reminder of the importance of robust cloud security practices for organizations of all sizes.

1. How Shifts in Cyber Insurance Are Affecting the Security Landscape [Link: https://www.darkreading.com/cyber-risk/how-shifts-cyber-insurance-affecting-security-landscape]

Summary: The evolving cyber insurance market is having a profound impact on the security landscape. As insurers tighten requirements and raise premiums, organizations are being compelled to adopt more proactive security measures to mitigate risks and ensure insurability.

The Expert's Corner

Why Your Business Needs Cyber Insurance and What Coverages and Amounts Make It a Sufficient Policy

In today's digital age, cyberattacks are an unfortunate reality for businesses of all sizes. Cyber insurance acts as a financial safety net, helping businesses recover from the devastating impact of a cyber incident. In our latest blog post, "Why Your Business Needs a Review of Its Cyber Insurance Policy", we delve into the crucial aspects of cyber insurance and how to ensure your policy provides adequate protection.

Key Takeaways:

• Cyber Insurance is Essential: No business is immune to cyberattacks. Cyber insurance helps cover the costs associated with data breaches, ransomware attacks, and other cyber incidents.
• Coverage and Amounts: It's crucial to have the right coverages and amounts in your policy. This includes coverage for data recovery, legal expenses, public relations, and business interruption. The appropriate amounts will depend on your business's size, industry, and risk profile.
• Regular Reviews: The cyber threat landscape is constantly evolving. It's essential to review your cyber insurance policy regularly to ensure it remains aligned with your business's needs and the latest risks.
• Work with an Expert: Navigating the complexities of cyber insurance can be challenging. Partnering with a knowledgeable insurance professional can help you select the right policy and ensure you have adequate protection.

By understanding the importance of cyber insurance and taking the necessary steps to secure adequate coverage, you can safeguard your business from the potentially devastating financial consequences of a cyberattack.

[Link to Blog Post: https://cybersecurehawaii.com/post/cyber-insurance-why-your-business-needs-a-review-of-its-cyber-insurance-policy]

Conclusion:

As cyber threats continue to evolve, staying informed and proactive is critical. By staying abreast of the latest cybersecurity news and developments, and by taking the necessary steps to protect your data and systems, you can significantly reduce your risk of falling victim to a cyberattack.

If you own or run a Hawaii based business and would like help in breaking down the complexities of cybersecurity, take advantage of my free 15 minute strategy call here --> https://strategy.cybersecurehawaii.com

Remember: Cybersecurity is an ongoing process, not a one-time event. Stay vigilant and proactive to safeguard your digital assets.

Thank you for reading The Cybersecurity Roundup!

Disclaimer: This newsletter is for informational purposes only and does not constitute professional advice. Please consult with a qualified cybersecurity expert for personalized guidance.