????? FILED Headlines: The cost of a data breach is up (though AI can help), Microsoft gets hit with a DDoS, and EU banks have “room for improvement

Hi there,?

Welcome to FILED Headlines, the weekly edition of the FILED Newsletter focused on the latest, most essential news from the intersection of data privacy, data security, and governance.? This week:?

• IBM’s Cost of a Data Breach Report points to AI and automation to reduce the average cost of a data breach.?

• Australian companies will soon need to report ransomware payments.?

• And a cyber stress test of EU banks suggests that although they have the high-level frameworks in place, there is room for improvement.?

??? Privacy & governance??

A new tool built by a former Google engineer, webXray tracks thousands of cookies across the web, allowing you to enter a search term, and see the results returned for that search - along with the cookies they set. The tool is aimed at corporate litigators, not everyday folks.? Are Chief Privacy Officers on the way out????

X’s AI, Grok, is now being trained on your posts, though you can opt out.??

A status update for the American Privacy Rights Act. Plus, a mid-year data privacy check-in, with a US focus.???

Meta's US $1.4 billion settlement in Texas biometric case has been approved. ?

The European Union’s AI Act has gone into force. Now what??

?? Security?

The average cost of a data breach is US $4.88M, up 10% on last year, according to IBM’s annual Cost of a Data Breach Report. But the cost comes down by USD 2.2M if an organization is deploying AI and automation.?

Microsoft Azure and Microsoft 365 services experienced an outage this week thanks to a Distributed Denial-of-Service (DDoS) attack. The attack’s effect was amplified by an error in the implementation of Azure DDoS defenses.?

The results of a "cyber risk stress test" for European banks has indicated that while the high-level response and recovery frameworks are in place, there is some room for improvement.?

A North Korean hacker responsible for a series of 2022 ransomware attacks on hospitals has been charged, with the US Department of State offering US $10M for information.?

Australian companies will soon need to report ransom payments.?

A Minnesota-based spyware maker was hacked, with indications it had snooped on thousands of devices before being breached itself.??

Health organization HealthEquity says a cybersecurity incident in July compromised the data of 4.3 million people.?

Ransomware gangs are exploiting a just-patched VMware ESXi flaw, Microsoft says.??

The Indian cyber security agency has said a phishing attack campaign has targeted CrowdStrike users impacted by the recent global computer outage.???

Speaking of CrowdStrike, insured losses from the outage could reach US$1.5 billion.?

Attackers bypassed Google authentication to create Workspace accounts, and leveraged that to impersonate a domain holder at third-party services that integrate Google’s “Sign in with Google” feature.??

?? The latest from RecordPoint???

?? Read:??

Microsoft Copilot comes up a lot lately, as organizations see the model as a streamlined way of harnessing generative AI. While Copilot?offers many benefits, it also brings risk. Learn how to harness the power of Copilot while keeping your data secure and ensuring your customers' privacy.?

The National Transport Commission needed help solving records management and information governance challenges such as reducing the manual effort for users. The solution was leveraging RecordPoint's platform and people to allow records management to happen in the background.?

?? Listen:?

We’re a week away from the next episode of FILED going live, but until that hits the feed, and given this month will see updates to Australia’s Privacy Act, listen back to our interview with Wanne Pemmelaar, whose company Filerskeepers helps organizations navigate the global evolution of privacy regulation.?