720-891-1663

CISA Extends Comment Period on CIRCIA Rules

Probably your first question is what the heck is CIRCIA. CIRCIA is a law passed by Congress in 2022 that requires CISA to create a set of regulations for reporting cyber incidents by critical infrastructure operators. Needless to say, those operators would much rather have a very low profile and report things only if and […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Supply Chain Breaches Up 68% From Last Year

If you have been reading this blog then any conversation about supply chain risk is not news to you. Verizon, which publishes the well respected annual data breach investigations report says that supply chain breaches are up 68 percent from 2022. The number is still suspiciously low to me, however. Most people think of Verizon […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Security News Update for the Week Ending May 3, 2024

Cyberattack Ramifications: Chain Closes ALL STORES to Contain Attack Canadian pharmacy chain London Drugs has closed all stores to contain a cyberattack. While many stores stop accepting online orders or credit cards after a cyberattack, it is very rare to see a company stop doing business until further notice. However, they have not notified authorities […]

Continue reading → [DISPLAY_ACURAX_ICONS]

US Says Russia Exploiting Weak Security at Water, Wastewater Plants

Shoddy security practices. Short of cash. Lack of personnel to deal with threats. Outdated equipment connected to the Internet. Weak passwords. CISA and the FBI say these are just some of the issues that critical infrastructure operators are facing. Anti U.S. (pro-Russian) hackers are intensifying attacks on critical infrastructure such as water, wastewater, dams, energy […]

Continue reading → [DISPLAY_ACURAX_ICONS]

You Can’t Trust Cyber Crooks – DUH!

It was always difficult to separate fact from fiction when it came to breach information. Too many players had their own agendas to know what was real. Now there is another player in the room and it is FEAR, UNCERTAINTY AND DOUBT. Over the past four months alone, the press, social media accounts, and some […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Cloud Vendors Say “Know Your Customer” Rule is “Hard”

A Presidential Executive Order (EO) is making its way though the approval process which, if approved, would require cloud vendors like Google and Amazon to identify who is buying server time from them. This is very similar to what banks and other financial institutions have been doing for decades. But Google’s and Amazon’s trade group […]

Continue reading → [DISPLAY_ACURAX_ICONS]