The Federal Bureau of Investigation (FBI) issued a Private Industry Notification on September 27, 2023, highlighting two concerning ransomware trends and providing companies with guidance on mitigating potential threat actor activity. As of July … [Read more] about FBI Cautions Organizations on Dual Ransomware Attacks
On October 4, 2023, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) published Identity and Access Management: Developer and Vendor Challenges, an advisory document developed by the Enduring Security … [Read more] about CISA and NSA Highlight Technology Gaps in New Guidance on Identity and Access Management
On September 27, 2023, The U.S. National Security Agency (NSA), the U.S. Federal Bureau of Investigation (FBI), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Japanese National Police Agency (NPA), and the Japanese National … [Read more] about CISA Releases Advisory Concerning Chinese-Backed Threat Actor
New York Attorney General Letitia James recently announced two agreements related to data breaches with entities that operate in the education industry. In both instances the entities paid the ransom and received evidence of deletion of the stolen … [Read more] about New York Continues to Focus on Companies’ Data Security Practices
On August 28, 2023, the California Privacy Protection Agency (the “Agency”) released two sets of draft regulations under the California Consumer Privacy Act (the “CCPA”), one for risk assessments and another for cybersecurity audits, as part of the … [Read more] about California Privacy Protection Agency Releases Draft Regulations on Risk Assessments