COVID-19 Resource Center: Latest News and Insights on the Novel Coronavirus and Cybersecurity Response

The COVID-19 pandemic has changed how we all live and work, creating the largest remote workforce in history. Never have topics such as identity and access management, device security and business resiliency been more critical. Use this COVID-19 Resource Center for the latest updates and opinions on the virus, its influence on the threat landscape and how global organisations can improve response.

Global Cybercrime Surging During Pandemic

Marianne Kolbasuk McGee • August 6, 2020

Cybercriminals have shifted their focus from individuals and smaller businesses to target governments, critical health infrastructure and major corporations to maximize their profits and disruption during the COVID-19 pandemic, a new Interpol report warns.

Fraud Management & Cybercrime

COVID-19 Contact-Tracing Apps: The Privacy Issues

Latest

Endpoint Security

Analysis: Hijacking of Twitter Hacker's Virtual Hearing

Anna Delaney • August 7, 2020

The latest edition of the ISMG Security Report analyzes the hijacking of a virtual court hearing in the Twitter hacking case. Also featured: Why network segmentation is more important than ever; update on Windows print spooler vulnerability.

Building a Stronger Security Infrastructure

Anna Delaney • August 6, 2020

As organizations collect more consumer data during the COVID-19 pandemic, how can they protect it? Peter Yapp, former deputy director at the UK's National Cyber Security Center, provides insights on building a stronger security infrastructure.

Governance & Risk Management

Pandemic Impact: How Will Data Breaches Evolve?

Mathew J. Schwartz • August 5, 2020

Will the COVID-19 pandemic lead to a spike in the number of reported data breaches? Not necessarily, says cybersecurity expert Brian Honan. But he says that the rush to adopt cloud-based services and expanded remote services might change the types of breaches being reported.

Governance & Risk Management

A Working Model for a 'Zero Trust' Security Architecture

Geetha Nandikotkur • August 4, 2020

Implementing a "zero trust" architecture for the remote workforce during the COVID-19 pandemic requires secure authentication methods, role-based access strategy and encryption standards based on micro-segmentation, according to a panel of security experts.

Fraud Management & Cybercrime

Alert: Chinese Malware Targeting IT Service Providers

Akshaya Asokan • August 4, 2020

A trio of U.S. government agencies is warning organizations about a hacking campaign using a malware strain that has previously been tied to Chinese hackers. The Taidoor RAT, which has been around for over 10 years, has recently been spotted in several campaigns against IT service providers.

Fraud Management & Cybercrime

FBI: COVID-19-Themed Phishing Spreads Netwalker Ransomware

Prajeet Nair • July 31, 2020

The FBI is warning that attacks using a ransomware variant called Netwalker have increased since June, targeting government organizations, educational entities, healthcare firms and private companies in the U.S. and elsewhere. Phishing campaigns spreading the malware are using COVID-19 themes as a lure.

Governance & Risk Management

ONC's Donald Rucker: More Work to Do on Health Data Privacy

Marianne Kolbasuk McGee • July 30, 2020

In an exclusive, wide-ranging video interview, Don Rucker, M.D., HHS national coordinator for health IT, discusses why more work needs to be done to protect the privacy of health data as well as why the U.S. needs to ramp up secure health information exchange among clinicians.

Governance & Risk Management

VPN Vulnerabilities Put Industrial Control Systems at Risk

Prajeet Nair • July 30, 2020

Vulnerabilities in some VPNs used to remotely connect to industrial control systems could enable hackers to compromise large-scale industrial organizations, the security firm Claroty reports.

Governance & Risk Management

Building a Resilient Workforce

Anna Delaney • July 28, 2020

Rachael Stephens, program director at the National Governors Association, discusses a new report offering insights into ways that governors and state policymakers can nurture a resilient workforce amid technological disruption that's exacerbated by the COVID-19 pandemic.

Fraud Management & Cybercrime

The Celebrity Twitter Hack: What Happened?

Nick Holland • July 24, 2020

The latest edition of the ISMG Security Report analyzes the hacking of high-profile Twitter accounts. Also featured: Addressing security when offices reopen; the role of personal protective equipment, or PPE, in money laundering during the pandemic.

Governance & Risk Management

Back to the Office: Managing the Risks

Anna Delaney • July 22, 2020

As organizations that shifted to a remote workforce consider allowing some workers to return to the office environment, CISOs must reassess their security infrastructures, says Chris Kubic of Fidelis Cybersecurity, who formerly was CISO at the National Security Agency.

Governance & Risk Management

CISO Notebook: Putting Frameworks Around Risk

Tom Field • July 21, 2020

Dallas County, one of the 10 largest counties in the U.S., was accustomed to an entirely on-premises workforce. Then came the pandemic. The Texas county's CISO, Michael Anderson, tells how he planned for business resiliency - and why he owes it all to frameworks.