Risk Assessments/Management

A recent compromise of the investment arm of Block Inc.’s fast-growing Cash App, which has been favored by Generation Z and Millennial customers, demonstrates the risk of insider fraud from former as well as existing employees.

Fuel holding tanks are seen at Colonial Pipeline’s Dorsey Junction Station on May 13, 2021 in Woodbine, Md. A proposed $1 million fine blames Colonial Pipeline executives for failing to correct a number of known safety violations. (Photo by Drew Angerer/Getty Images)

Security Architecture

Open XDR strategies combine data from siloed tools to help security teams identify and stop attacks

Sam Jones April 12, 2022

The old-fashioned notion of individual detection and response in each tool has been replaced by centralizing all data and correlating it for a full understanding of attacks underway.

Email security

Data breach at Georgia health system confirmed

SC StaffApril 11, 2022

Georgia-based Wellstar Health System has confirmed being impacted by a data breach after its email system was compromised.

Connecticut’s health information exchange had 44 breaches in the last three and a half years, but failed to report them to the appropriate regulators. It begs the question: where’s the accountability? (Photo credit: “USNS Comfort (T-AH 20) Performs Surgery” by NavyMedicine is marked with CC PDM 1.0.

Incident Response

Health insurance exchange didn’t report 44 data breaches, but were hit with no security mandates

Jessica DavisApril 11, 2022

A state audit of the Connecticut health insurance exchange, Access Health, found multiple security and compliance violations. But its report only outlines recommendations, rather than requiring major changes to address longstanding issues.

Today’s columnist, Thomas Pore of LiveAction, writes that Deep Packet Dynamics can help reduce long dwell times like the industry saw in the SolarWinds case where attackers were in the network for more than a year. (“SolarWinds letters” by sfoskett is licensed under CC BY-NC-SA 2.0)

Supply chain

Website security and the overlooked third-party supply chain risk

Hadar Blutrich April 11, 2022

Companies need to pay attention to how JavaScript-based attacks can bypass traditional server-side security.

Risk Assessments/Management

Related Videos

Transform cybersecurity with process mining

Sensitive data security challenges prevail

Over 300K hit by SuperCare Health breach

Cash App breach demonstrates threat posed by past and present employees

Open XDR strategies combine data from siloed tools to help security teams identify and stop attacks

Data breach at Georgia health system confirmed

Health insurance exchange didn’t report 44 data breaches, but were hit with no security mandates

Website security and the overlooked third-party supply chain risk

Fast Five

Selected by the SC Media Editorial team every Tuesday.