The Best of Virtual RSA Conference 2021

Information Security Media Group • June 15, 2021

With the RSA Conference virtual this year, ISMG replaced its two live on-site studios with a suite of home studios and produced a diverse group of interviews on timely topics with thought leaders who will be solving cybersecurity's most urgent problems.

►

Leadership & Executive Communication

Profiles in Leadership: Suren Naidoo, The Foschini Group

Latest

Cyberwarfare / Nation-State Attacks

NATO Endorses Cybersecurity Defense Policy

Scott Ferguson • June 15, 2021

The U.S. and its NATO allies endorsed a new cybersecurity defense policy during President Biden's visit this week with member states in Brussels. The policy agreement comes as Biden prepares to meet Russian President Vladimir Putin on Wednesday to discuss cybersecurity and other issues.

Breach Notification

Volkswagen, Audi Notify 3.3 Million of Data Breach

Jeremy Kirk • June 15, 2021

Volkswagen and its Audi subsidiary are notifying 3.3 million people in the U.S and Canada of a breach of personal information by a marketing services supplier. Volkswagen says 90,000 of those affected may have also had their driver's license number, loan data and other personal information exposed.

Governance & Risk Management

Cybersecurity Insurance: Has It's Time Come?

Steve King • June 15, 2021

As the cyberthreat landscape grows exponentially more complicated, the insurance industry is trying to keep pace. Yet, many organizations still lack cybersecurity insurance. Lynn Peachey, director of business development at Arete Incident Response, breaks down the basics of these insurance policies.

Cybercrime

'Fear' Likely Drove Avaddon's Exit From Ransomware Fray

Mathew J. Schwartz • June 15, 2021

Based on Russian-language cybercrime chatter, "fear" likely drove the lucrative Avaddon ransomware-as-a-service operation to announce its retirement as the U.S. exerts increasing diplomatic pressure on Moscow to disrupt such activity, experts say. But are criminals simply laying low until the heat dies down?

Breach Notification

Union Benefits Administrator Says Data Deleted in Hack

Marianne Kolbasuk McGee • June 14, 2021

A Seattle-based benefits administrator for unionized home healthcare and nursing home workers has reported a hacking incident affecting 140,000 individuals that involved deleting certain data.

Fraud Management & Cybercrime

Will Ransomware Attacks Push Congress to Enact Regs?

Scott Ferguson • June 14, 2021

After hearings in the Senate and House on a spate of ransomware attacks that have put the nation's critical infrastructure in danger, some security experts say Congress may be poised to take action to create greater regulatory oversight of cybersecurity within certain industries.

Critical Infrastructure Security

Avaddon Ransomware Operation Calls It Quits, Releases Keys

Mathew J. Schwartz • June 14, 2021

The prolific Avaddon ransomware-as-a-service operation has announced its closure and released 2,934 decryption keys for free. Has the increased focus by Western governments on combating ransomware been driving this and other operations to exit the fray?

3rd Party Risk Management

ISMG Editors' Panel: The FBI's Global Cryptophone Sting

Anna Delaney • June 11, 2021

Criminals tricked into using an FBI-run encrypted messaging app, Verizon's 2021 Breach Investigations Report and overcoming the challenges of recruiting cybersecurity professionals are among the latest cybersecurity topics to be featured for analysis by a panel of Information Security Media Group editors.

3rd Party Risk Management

Colonial Pipeline Ransomware Fallout: Congress Grills CEO

Anna Delaney • June 11, 2021

The latest edition of the ISMG Security Report features an analysis of lawmakers' grilling of Colonial Pipeline CEO Joseph Blount over his handling of the DarkSide ransomware attack. Also featured: How the FBI helped trick criminals into using an encrypted communications service that it was able to monitor.

Breach Notification

Ransomware Gang Goes Nuclear, Hitting US Weapons Contractor

Mathew J. Schwartz • June 11, 2021

A small U.S. nuclear weapons contractor has confirmed that it suffered a ransomware attack, resulting in the theft of data. Credit for the attack has been taken by the ransomware-as-a-service operation known as REvil, aka Sodinokibi, which the FBI recently tied to the attack against meatpacking giant JBS.

3rd Party Risk Management

Biden's Nominees Face Questions Over Cybersecurity Concerns

Scott Ferguson • June 10, 2021

President Joe Biden's nominees for White House cyber director and CISA director faced questions from senators during their confirmation hearing Thursday, including how the federal government should respond to a recent spate of ransomware attacks and other cyberthreats.

Fraud Management & Cybercrime

RSA Spins Off Fraud and Risk Business

Doug Olenick • June 10, 2021

RSA Security LLC has spun off its fraud and risk intelligence business into a stand-alone company named Outseer. The new company will be led by Reed Taussig as CEO, and it will serve a worldwide customer and partner community.