Today, we're happy to welcome Armenia as the 37th government to have full and free access to domain searches of their gov domains in Have I Been Pwned. Armenia's National Computer Incident Response Team, AM-CERT, now joins three dozen other national counterparts in gaining visibility into how data breaches impact their national interests.
As we expand the reach of governments and organisations into HIBP, we hope to give defenders better insight into the impact of data breaches on their people, so that the value of that data to attackers diminishes.

Exciting news from Australia!
Rapid7 has successfully completed an Information Security Registered Assessors Program (IRAP) assessment to PROTECTED Level for several of our Insight Platform solutions.
What is IRAP?
An IRAP assessment is an independent assessment of the implementation, appropriateness, and effectiveness of a system’s security controls. Achieving IRAP PROTECTED status means Australian Government agencies requiring PROTECTED level controls can access our industry-leading, practitioner-first security solutions. Meeting this status further strengthens our position as a trusted partner for Australian government organizations seeking to enhance their cybersecurity posture.
Rapid7 is one of the few vendors to be IRAP-assessed across what we consider a consolidated cybersecurity operation. This places us in a unique position to supply services across federal, state, and local government in Australia. It gives our government customers confidence that we have the right governance and controls in place for our own business in order to deliver that service effectively, specifically covering:
- Vulnerability management on traditional infrastructure
- Endpoints
- The secure implementation of web applications
- Detection and response to alerts or threats
- The ability to securely automate workflows
Why is being IRAP PROTECTED important?
Being IRAP-assessed demonstrates our commitment to providing secure and reliable information security services for Government Systems, Cloud Service Providers, Cloud Services, and Information and Communications Technology (ICT) Systems, and more widely to our Australian customers.
Importantly, it highlights how we take the shared responsibility model extremely seriously. It also shows we’re protecting our customers’ information and data across their traditional infrastructure and in the cloud.
Which solutions are approved?
Solutions assessed and approved for PROTECTED Level include InsightIDR (detection and response), InsightVM (vulnerability management), InsightAppSec (application security), and InsightConnect (orchestration and automation). These solutions provide a comprehensive security platform to help government agencies tackle the challenges of today's evolving cybersecurity landscape.
The successful completion of the IRAP assessment at the PROTECTED level demonstrates our commitment to supporting Australian government customers. It means they have access to a comprehensive security platform necessary to tackle the ever-evolving challenges of today's cybersecurity landscape.
As more government agencies migrate to hybrid cloud environments, we can help them better manage the growing complexity of identifying and securing the attack surface.
As attackers become increasingly sophisticated, better armed, and faster, the IRAP assessment is yet another string in our cybersecurity bow, showcasing our potential to support Australian Government agencies and more widely, our customers.

Over the last 6 years, we've been very happy to welcome dozens of national governments to have unhindered access to their domains in Have I Been Pwned, free from cost and manual verification barriers. Today, we're happy to welcome Liechtenstein's National Cyber Security Unit who now have full access to their government domains.
We provide this support to governments to help those tasked with protecting their national interests understand more about the threats posed by data breaches, and we look forward to welcoming many more national infosec teams in the future.

Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERT-Bund department. They now have complete visibility into the exposure of their government domains in data breaches.
With the unabated flood of data breaches, we're happy to provide this support to governments in the hope it better enables them to protect their national interests and we look forward to welcoming many more national CERTs in the future.

Cyber attacks against government agencies and public sector services increased by 40% in the second quarter of 2023 compared to the first, a new report by KnowBe4 has highlighted.
The Cybercrime in the Public Sector report examines the most popular and prolific cybercrimes of 2023, including cybercrime trends, statistics and real-life examples on a global scale, as well as breaking them down by specific countries and regions.
Research has shown that government agencies and law practices experienced the largest spike in ransomware attacks at 95% in quarter three of 2023. Moreover, global ransomware attacks were up by 95% in the third quarter of 2023 when compared to the same period in 2022.
Government agencies and public institutions collect troves of personal and private information on citizens, including their financial details, their diseases and medications, or their children’s health and education records. It’s why cybercriminals actively target these organisations as such information is highly valuable on the dark web.
Furthermore, when this personal data ends up on the dark web at the hands of an anonymous hacker, it is personally devastating: it opens the victims up to harassment, identity theft, and fraud, and shatters their trust in the agencies they need to trust most. Given the level of damage these attacks can cause, it should not be surprising that the public sector is becoming an increasingly attractive target for cybercriminals.
These cybercriminals are leveraging social engineering methods such as phishing, vishing, spear phishing, and smishing, which continue to be the most popular and effective tactics for gaining access to systems and initiating their attacks. There is a critical need to strengthen the human aspect of cybersecurity within organizations through comprehensive security awareness training. Employees, the last line of defense, can inadvertently become the weakest link in the security chain.
“Through proper training initiatives, this cost-effective and straightforward approach can effectively counteract social engineering tactics,” said Stu Sjouwerman, CEO, KnowBe4. “However, as the sophistication of attacks designed to exploit the human factor increases, the continuous reinforcement of a strong security culture is an indispensable tool for enduring digital defense and operational continuity.”
The post Public Sector Cyberattacks Rise By 40% in 2023 first appeared on IT Security Guru.
If you handle consumer financial data, you need to be aware of the U.S. Federal Trade Commission‘s (FTC) revised Safeguards Rule cybersecurity regulation. The rule applies to a wide range of businesses, including those that may not consider themselves to be financial institutions. The FTC has classified many companies as “non-banking financial institutions” subject to the rule, which requires them to implement specific measures to protect customer data.
Compliance with the revised Safeguards Rule is mandatory, and the deadline for implementation is fast approaching. Financial institutions covered by the rule must comply with certain provisions by June 9, 2023. While the FTC has extended the deadline for some changes to the rule, businesses should still take immediate steps to ensure they are in compliance by the deadline.
Understanding the FTC Safeguards Rule
The FTC Safeguards Rule is a set of regulations that require covered financial institutions to develop, implement, and maintain an information security program designed to protect customer information. The rule was first introduced in 2002 and has been revised multiple times to keep up with evolving technology and security threats. The most recent revision was announced in October 2021, with a deadline for compliance set for June 2023.
What is the FTC Safeguards Rule?
The FTC Safeguards Rule is a set of regulations that require covered financial institutions to develop, implement, and maintain an information security program designed to protect customer information. The rule applies to non-bank financial institutions, such as mortgage lenders and brokers, and requires them to take steps to protect sensitive customer information from unauthorized access, use, or disclosure.
Who is affected by the FTC Safeguards Rule?
The FTC Safeguards Rule applies to non-bank financial institutions, such as mortgage lenders and brokers, that collect, maintain, or use personal information from consumers. The rule also applies to service providers that have access to this information. Covered financial institutions must comply with the Safeguards Rule regardless of size, location, or type of business.
What are the requirements of the FTC Safeguards Rule?
Among other things, the revised Safeguards Rule requires:
- Planning and action to address “reasonably foreseeable internal and external risks” — in other words, protection against data breaches, data leakage, phishing, and ransomware.
- Implementation of multi-factor authentication.
In addition to these requirements, covered financial institutions must also:
- Designate one or more employees to coordinate the information security program.
- Identify and assess the risks to customer information in each relevant area of the company’s operation and evaluate the effectiveness of the current safeguards for controlling these risks.
- Implement safeguards to control the risks identified through risk assessment and regularly test or monitor the effectiveness of the safeguards’ key controls, systems, and procedures.
- Select service providers that are capable of maintaining appropriate safeguards, make sure the contract requires them to maintain safeguards, and oversee their handling of customer information.
- Evaluate and adjust the program in light of relevant circumstances, including changes in the firm’s business or operations, or the results of security testing and monitoring.
Overall, the FTC Safeguards Rule is designed to ensure that covered financial institutions take reasonable steps to protect sensitive customer information from unauthorized access, use, or disclosure. Failure to comply with the Safeguards Rule can result in significant penalties and reputational damage for covered financial institutions.
Steps to Protect Your Customer’s Data
Conduct a Risk Assessment
Before you can protect your customer’s data, you need to know what data you have, where it’s stored, and who has access to it. Conducting a risk assessment will help you identify vulnerabilities and potential threats to your customer’s data. This will allow you to develop a comprehensive plan to protect that data.
Among other things, the revised Safeguards Rule requires planning and action to address “reasonably foreseeable internal and external risks” — in other words, protection against data breaches, data leakage, phishing, and ransomware.
Implement a Written Information Security Program
Developing a Written Information Security Program (WISP) is a key element of protecting your customer’s data. A WISP is a comprehensive plan that outlines how you will protect customer data. It should include policies and procedures for data access, storage, and disposal, as well as guidelines for responding to security incidents.
The revised Safeguards Rule also requires implementation of multi-factor authentication. This means that you need to use more than one method of authentication to access sensitive data. For example, you might require a password and a fingerprint scan to access customer data.
Train Your Employees
Your employees are your first line of defense against data breaches. It’s important to train them on how to handle customer data securely. This includes training on how to identify and respond to security incidents, as well as how to use multi-factor authentication.
Monitor Your Systems and Respond to Incidents
Monitoring your systems is critical to detecting and responding to security incidents. You should have systems in place to monitor for unusual activity and respond quickly to potential threats. This includes having a plan in place for notifying customers in the event of a data breach.
Remember, protecting your customer’s data is an ongoing process. You should regularly review and update your security measures to ensure that you are keeping up with the latest threats and vulnerabilities.
Meeting the June 2023 FTC Safeguards Rule Deadline
Preparing for the Deadline
The new June 9, 2023, deadline for compliance with the revised FTC Safeguards Rule is approaching quickly. Among other things, the revised Safeguards Rule requires planning and action to address “reasonably foreseeable internal and external risks” — in other words, protection against data breaches, data leakage, phishing, and ransomware. It also requires the implementation of multi-factor authentication. To prepare for the deadline, businesses should consider the following steps:
- Conduct a comprehensive risk assessment to identify potential vulnerabilities and risks to customer data.
- Develop and implement a comprehensive data security program that addresses the risks identified in the risk assessment.
- Implement multi-factor authentication to protect against unauthorized access to customer data.
- Train employees on data security best practices and how to identify and respond to potential security incidents.
- Regularly review and update the data security program to ensure it remains effective and up-to-date.
What Happens if You Don’t Comply?
Businesses that fail to comply with the revised Safeguards Rule by the June 9, 2023, deadline may be subject to enforcement actions by the FTC, including fines and penalties. In addition, failing to comply with the Safeguards Rule can also damage a business’s reputation and erode customer trust.
How to Report a Data Breach
In the event of a data breach, businesses should take immediate action to contain the breach, notify affected customers, and report the breach to the appropriate authorities. The revised Safeguards Rule requires businesses to have a written incident response plan in place that outlines the steps to be taken in the event of a data breach. Businesses should also consider the following steps:
- Notify affected customers as soon as possible and provide them with information on how to protect themselves from identity theft and fraud.
- Report the breach to the appropriate authorities, such as the FTC, state attorneys general, and credit reporting agencies.
- Cooperate with law enforcement and regulatory agencies in their investigation of the breach.
- Conduct a thorough investigation of the breach to identify the cause and take steps to prevent future breaches.
Conclusion
Protecting your customer’s data is not only a legal obligation but also a moral responsibility. The revised Safeguards Rule is a step in the right direction, and businesses must take it seriously. The deadline for compliance with the revised Safeguards Rule has been extended to June 9, 2023. This extension provides businesses with an additional six months to assess their data security measures and implement necessary changes.
Among other things, the revised Safeguards Rule requires businesses to plan and take action to address “reasonably foreseeable internal and external risks.” This includes protection against data breaches, data leakage, phishing, and ransomware. Businesses must implement multi-factor authentication to ensure that only authorized personnel have access to sensitive data.
It is crucial for businesses to understand the importance of data security and take appropriate measures to protect their customers’ data. Failure to comply with the revised Safeguards Rule can result in significant financial penalties and damage to the business’s reputation. Therefore, businesses must prioritize data security and comply with the revised Safeguards Rule by the June 9, 2023 deadline.
The post How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule appeared first on Cybersecurity Insiders.