As many of us try to enjoy some semblance of summer, we may be able to escape the heat, but avoiding the impact of the global pandemic is a bit more challenging. According to IBM’s recently released 15th annual 2020 Cost of a Data Breach Report, remote work could increase the overall cost of a data breach. The report found that the vast majority (76%) of participating organizations said the increased remote workforce would result in longer time to data breach detection and containment. Overall, the remote workforce would impact the average cost of a data breach by $137,000.

Meanwhile, the US Navy is learning some lessons in cybersecurity related to remote workers. USNI News reported, “The Navy took some risk in permitting hundreds of thousands of service members and civilian employees to use personal laptops and cell phones at home during the COVID-19 pandemic to transact normal business … But allowing the use of personal devices was a calculated risk the Navy needed to take.”

Alas, there’s more to cybersecurity than securing our devices, so let’s take a look at what else made industry headlines this week.

July 31: The high-profile Twitter attack that targeted well-known accounts and demanded Bitcoin payment was reportedly the result of a mobile spearphishing attack on “a small number of employees.”

July 30: The Hill reported, “In a letter to Justice Department Assistant Attorney General John Demers, Hawley and Blumenthal wrote that they were ‘extremely concerned’ that Zoom and TikTok had potentially disclosed private American information to the Chinese Communist Party (CCP) and censored content on the CCP’s behalf.”

July 30: The Election Cyber Surge, an initiative out of the University of Chicago, is matching a group of volunteer hackers with local election officials in need of help securing their election infrastructure.

July 30: The fourth annual study of cybersecurity professionals, published by ISSA and ESG, found that the nearly decade-long skills gap is worsening, with a reported 64% of respondents stating their organization should be doing more to address cybersecurity challenges.

July 29: Reuters reported, “Hackers linked to the Chinese government have infiltrated Vatican computer networks, including the Roman Catholic Church’s Hong Kong-based representative.”

July 28: Perhaps a day too late for the cosmetics company Avon, which unintentionally leaked 19 million records due to a misconfigured cloud server, Robert Ackerman Jr. advised, Corporations Must Step Up to the Plate to Enhance the Security of Cloud Computing.

July 28: Sophisticated attackers targeted the Michigan bar exam’s online platform, ExamSoft, with a distributed denial of service (DDoS) attack.

July 27: MSSP Alert reported, “In a landmark legal case that could test cybersecurity regulations and associated penalties, The New York State Department of Financial Services (DFS) has filed cybersecurity charges against First American Title Insurance Company, one of the largest providers of title insurance in the United States.”

July 26: Plaintiffs in California filed a class-action law suit against Apple earlier this month, alleging that the company was, “knowingly permitting iTunes gift card scams to perpetuate as it allows the company to make a profit from the scammed funds,” ZDNet reported. 

Contributors: