Getting cybersecurity right means CISOs need peer relationships with other operations executives. CISOs need board access and a handle on the company business, writes Ian Keller, director of security at a telecom company. "And then you'll wake up and realize this is not as simple as it sounds."
A proposed $350 million settlement of a consolidated class action lawsuit against T-Mobile, after a 2021 data breach that affected nearly 77 million people, includes breach victims and related legal costs. The settlement requires T-Mobile to invest $150 million to bolster data security.
A misconfigured Alibaba private cloud server has led to the leak of around 1 billion Chinese nationals' personal details. An unknown hacker, identified as "ChinaDan," posted an advertisement on a hacker forum selling 23 terabytes of data for 10 bitcoins, equivalent to about $200,000.
India's stock brokers and depository participants must now report all cyberattacks and breaches to the Securities and Exchange Board of India within six hours of detection under a mandate implementing what is likely the world's tightest breach reporting timeline requirement.
To help improve HIPAA breach reporting, the Department of Health and Human Services should implement a formal mechanism for organizations to communicate with regulators about that process, according to a new report from the Government Accountability Office.
Publicly traded companies will need to beef up their cybersecurity knowledge since the the U.S. Securities and Exchange Commission is proposing rules and guidelines that would mandate more stringent oversight of cyber risk, says Roger Sels, former vice president of cyber solutions for BlackBerry.
Canada's Desjardins Group has reached an out-of-court settlement to resolve a data breach class action lawsuit. The breach, which the credit union group first disclosed in 2019, traced to a "malicious" insider who for 26 months had been selling personal details for 4.2 million active customers.
Hacking incidents recently reported as major breaches by three different types of health sector entities - a children's hospital, a managed care plan and a government contractor - have in total compromised the sensitive information of more than 1.4 million individuals.
The European Parliament and the Council of the European Union on Friday reached a provisional agreement to set a "baseline for cybersecurity risk management measures and reporting obligations." Called NIS2, it is a modernized framework based on the EU Network and Information Security Directive.
CERT-In has mandated that starting June 28, both government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident. What do CISOs feel about this, and how are they planning to approach this new requirement?
New York state officials are investigating a data breach at Illuminate Education, maker of a widely used software platform for K-12 schools. More than 1 million current and former New York students' personal details were exposed, and some students in California, Colorado and Connecticut were also affected.
The number of organizations being breached is on the rise, according to Forrester's 2021 State of Enterprise Breaches report. Allie Mellen describes the trend as "disappointing" and discusses the misaligned expectations some organizations have about breaches, as well as other report findings.
New cyber incident reporting rules are set to come into effect in the U.S. on May 1. Banks in the country will be required to notify regulators within 36 hours after an organization suffers a qualifying "computer-security incident." What does this mean for banks, and what are the likely challenges?
In what is likely the shortest breach reporting timeline globally, the Indian Computer Emergency Response Team, CERT-In, has mandated that starting June 28, government and private organizations in the country must inform the agency within six hours of discovering a cybersecurity incident.
Half of the 10 largest health data breaches so far in 2022 - affecting millions of individuals - have been added to the federal tally in just the last month as the latest wave of major hacking incidents being reported to regulators continues to grow.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.in, you agree to our use of cookies.