Dive Brief: Almost two-thirds of organizations across the globe have either fully or partially implemented zero-trust strategies, according to a report released Monday by Gartner based on a survey of 303 security leaders. Of organizations that have fully or partially implemented zero trust, 4 in 5 have strategic metrics to measure their success. Of those, […]
Dive Brief: The majority of companies, 4 in 5, have suffered a cyberattack that wasn’t fully covered under their cyber insurance policy, according to an analysis by cyber risk quantification firm CYE. On average, each insurance gap left more than three-quarters of a breach uncovered, CYE said in a report released Wednesday. The research, which analyzed […]
Dive Brief: UnitedHealth Group estimates costs from the Change Healthcare cyberattack could reach $1.6 billion this year, executives said on Tuesday. However, the managed care giant maintained its full-year earnings guidance, suggesting the financial fallout from the attack on the massive claims clearinghouse may be less serious than feared. The hit comes from direct response […]
Dive Brief: Officials from the White House and the U.S. Department of Health and Human Services held a meeting on Tuesday with UnitedHealth and other industry groups to discuss the cyberattack at Change Healthcare, which has disrupted the healthcare sector for three weeks. HHS Secretary Xavier Becerra and White House Domestic Policy Advisor Neera Tanden […]
Dive Brief: More than 2 in 5 ransomware attacks reported to the FBI in 2023 targeted organizations in a critical infrastructure sector, the agency said Thursday in its annual Internet Crime Report. Of the 2,825 ransomware attacks reported to the FBI last year, 1,193 hit critical infrastructure organizations. The proportion of ransomware attacks hitting critical […]
Dive Brief: Cybersecurity requirements and questions for vendors should be included in utilities’ procurement processes, state regulators and the U.S. Department of Energy recommended Thursday in a set of “cybersecurity baselines” aimed at improving the security of distribution systems and distributed energy resources. The National Association of Regulatory Utility Commissioners and DOE’s Office of Cybersecurity, Energy […]
Dive Brief: Corporate finance chiefs play a less active role compared with information technology leaders when it comes to key aspects of complying with new cybersecurity rules from the Securities and Exchange Commission, according to a recent survey by AuditBoard, a cloud-based risk management company. Among other provisions, the rules require a public company to […]
Dive Brief: The HHS has reached its second-ever settlement related to a ransomware attack, which exposed the protected health information of more than 14,000 people, the agency announced Wednesday. Maryland-based Green Ridge Behavioral Health agreed to pay $40,000 and implement a corrective action plan after an investigation found potential violations of the HIPAA rule and […]
Dive Brief: Ransomware attacks inflicted more financial damage and hit more companies last year than ever before, according to Unit 42 and Chanalysis research. Victim organizations paid a collective $1.1 billion in ransom demands in 2023, the largest amount ever recorded, Chainalysis said in a Wednesday report on financially-motivated criminal activity in cryptocurrency exchanges. Threat […]