To say this week had many people frazzled for many different reasons is a bit of an understatement. According to The CISO Stress Report, Life Inside the Perimeter: One Year On, a recently published report from Nominet, CISOs are more frazzled than ever. The report found that the mental health of CISOs is deteriorating due to work stress. It’s a reality that many of the speakers at RSA Conference 2020 are eager to address, not only throughout the Human Element track but across dozens of sessions at Conference.
Also out this week is a list of the Top 20 Cybersecurity Conferences in 2020. Published by Security magazine, the list comes in response to a 2019 Fortinet survey that highlighted the need for education and professional development, particularly for CISOs as their roles continue to evolve.
Of course, it’s that time of year when reports and surveys are published, which can make it a challenge to keep up with the daily news. Here’s a look at what cybersecurity headlines you might have missed this week.
Feb. 7: A spinoff card-skimming gang known as Magecart group 12 is reportedly responsible for a series of attacks on an array of websites, including Olympic Tickets, which re-sells tickets to the 2020 summer Olympic games.
Feb. 7: A newly published bipartisan report from the Senate Intelligence Committee found “the US government was “not well-postured” to counter Russia's election interference attempts in 2016, and strongly encouraged the current administration to take steps to prepare for future attempts,” according to The Hill.
Feb. 7: By exploiting a vulnerability they discovered, researchers at Check Point were able to access the control bridge of Philips Hue smart bulbs and then attack the network of the IoT devices.
Feb. 6: The Iowa caucuses exacerbated what were already elevated concerns over election security, prompting Forbes contributor Jody Westby to explore “What Happens When IT and Cybersecurity Best Practices Are Ignored.”
Feb. 6: A stolen laptop is reportedly the root cause of a data breach that exposed the PII of approximately 650,000 Medicaid members at Health Share of Oregon.
Feb. 5: The National Law Review provided an in-depth overview of the changes that must happen across New York’s cybersecurity landscape in order to comply with the upcoming deadline of the SHIELD Act, signed into law by Governor Cuomo on July 25, 2019.
Feb. 5: Hackers exploited a zero-day vulnerability in Mitsubishi Electric’s antivirus software.
Feb. 5: In his remarks at the “Justice in Cyberspace” symposium held in Washington DC, Assistant Attorney General Brian A. Benczkowski noted, “Cybercriminals are meeting online every day, brokering deals, and exchanging skills and tools to commit increasingly more sophisticated and damaging crimes. They can, with mere clicks, target Americans with fraudulent schemes and thefts of money and intellectual property. They exploit the impediments created by national borders and differences in legal systems. And they can flourish in places that ignore—or even openly protect—those causing harm elsewhere in the world.”
Feb. 4: The Associated Press reported, “A new Maryland bill would ask the state’s Department of Information Technology to develop a baseline plan for localities within the state to help battle cyberattacks.”