Top Stories for this Week

Latest CyberAttack Channels

• Forty-three percent of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves, according to Accenture.
• These incidents now cost businesses of all sizes $200,000 on average, reveals insurance carrier Hiscox.
• More than half of all small businesses suffered a breach within the last year.
• Today it’s critical for small businesses to adopt strategies for fighting cyberthreats.

New Known Breaches in the Past Week

Hattiesburg ambulance service reports data breach

According to a news release, AAA Ambulance Service Inc., which is based in Hattiesburg, said there was an attempted ransomware attack launched on its data systems on or around July 1. The company systems were secured at the time, but following an investigation, it was discovered in August that some patient data may have been viewed or taken during the attack. By Keisha Rowe | October 05, 2020

$5 Million settlement in hospital data breach

Community Health Systems Inc. is to pay $5 million to 27 states after a massive data breach in August 2014 that impacted approximately 6.1 million patients nationwide, including 75,597 consumers from West Virginia. By Ashley Haycraft | October 11, 2020

Health insurer pays $6.85M to settle data breach, HIPAA violations

The U.S. Department of Health and Human Services announced Sept. 25 that Premera Blue Cross has agreed to pay $6.85 million to the Office for Civil Rights at HHS to settle potential violations of the Health Insurance Portability and Accountability Act Privacy and Security Rules. By ADA Org. | October 12, 2020

Froedtert Hospital says patient information was stolen in data breach

Froedtert, which runs Froedtert Hospital in Wauwatosa with the Medical College of Wisconsin, said the stolen information did not include Social Security numbers and credit card and other financial information. But the data may have included patient names, addresses, provider names, dates of patient visits, medical record numbers and dates of birth, according to Froedtert Health. By: Jackson Danbeck | October 14, 202020

Customers of food delivery app Chowbus had their home addresses leaked

An email address registered with the company sent a link to files containing details of about 4,300 restaurants as well as information about hundreds of thousands of customers, screenshots posted to Reddit suggest. By Grace Dean | October 6, 2020

General Cybersecurity News

The Important Difference Between Cybersecurity And Cyber Resilience (And Why You Need Both)

Cyber threats like hacking, phishing, ransomware, and distributed denial-of-service (DDoS) attacks have the potential to cause enormous problems for organizations. Not only can companies suffer serious service disruption and reputational damage, but the loss of personal data can also result in huge fines from regulators. By Bernard Marr | October 14, 2020

In the Age of Coronavirus, Infectious Disease Isn’t the Top Business Risk in the US; Cyber Attacks Are

Though the Covid-19 crisis is still not in check in the United States after seven months of public restrictions and it is still unclear when a vaccine will be developed, infectious disease clocks in as only the second-greatest business risk category in 2020. Cyber attacks remain the country’s greatest challenge, something that bucks a general global trend among the world’s major economies. By CPO Magazine | October 13, 2020

Hacker groups chain VPN and Windows bugs to attack US government networks

Hackers have gained access to government networks by combining VPN and Windows bugs, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) said in a joint security alert published on Friday. By Catalin Cimpanu | October 12, 2020

Small Business Cybersecurity Concerns

Small Businesses and Consumers Grossly Underestimate Danger of Cyberattacks

Consumers and businesses alike are underprepared to deal with existing or upcoming cyber threats. Surprisingly, according to a Nationwide Agent Authority survey, the main reason is not the lack of funds, but misplaced confidence and poor risk management. By Silviu STAHIE | October 9, 2020

Experts push cybersecurity awareness amid COVID-19 concerns for small businesses

As school, socializing, and many aspects of life moved online in 2020, experts warned it was more important than ever to protect your digital devices and steer clear of cybercriminals. October was National Cybersecurity Awareness Month, a designation intended to raise awareness surrounding online threats. By Hannah Knowles | October 10, 2020

Why cybersecurity needs to be a top priority for small businesses

A common misconception among SMEs is that cyber criminals would rather target more larger organisations than smaller entities with less assets. In fact, SMEs are easier pickings for hackers due to their lack of cybersecurity. As this can jeopardise a whole business structure, every SME need to make protecting their network a top priority. By Special Reports | October 09, 2020

Cybersecurity Best Practices for Small to Mid-Sized Businesses

Hiscox’s Cyber Readiness Report 2019 revealed that the number of small and mid-sized businesses reporting at least one attack has continued to rise year-over-year, reaching 47% for those with less than 50 employees and 63% for those with 50 to 250 staff members. By Avast Blog | October 8, 2020

Research Reveals Key SMB Cybersecurity Trends

While COVID-19 has brought huge disruption and uncertainty this year, cybersecurity still remains a top priority and focal area for small and midsize businesses (SMBs). At least, that’s what our new research reveals. By ConnectWise Guest Blogger | October 12, 2020

Cyber Insurance News

Cybersecurity insurance: what is it and does your company need it?

Cybersecurity insurance — also referred to as cyber risk insurance or cyber liability insurance coverage — can protect against a number of cyber-related threats and help businesses recover from an otherwise no-win situation. By Abbey Slattery | October 13, 2020

Cyber insurance is only a few claims away from disaster. This is why it matters

Cyber insurance may still be in its infancy, but over the past few years, we have seen rapid growth followed by what we all hope to be a temporary plateau. Insurers are issuing more policies. The amounts of protection are increasing. By Thomas Johansmeyer | October 09, 2020

Cyber Insurance Market worth $20.4 billion by 2025

The Cyber Insurance Market size in the post-COVID-19 scenario is projected to grow from USD 7.8 billion in 2020 to USD 20.4 billion by 2025, at a CAGR of 21.2% during the forecast period. By MarketsandMarkets | October 12, 2020

Cyber Insurance: A Promising Way To Contain Havoc Cyber Attacks

Insurance is one of the most promising tools for addressing pervasive cyber insecurity. A robust market for insuring cyber incidents could, among other things, financially incentivize organizations to adopt better cyber hygiene—thereby reducing cyber risk for society as a whole. But cyber insurance is not yet mature enough to fulfill its potential, partly due to uncertainty about what kinds of cyber risks are, or can be, insured. By Tayyab Awan | October 14, 2020

MSP News

Embracing Managed Service Providers in the post-Covid-19 world transformation

Covid-19 has accelerated the need for businesses to look at moving operations and managed service providers can play a crucial role in the transformation. By Bharat S Raj | October 13, 2020

CVE Announcements This Week

Microsoft October 2020 Patch Tuesday fixes 87 vulnerabilities

Microsoft has released today its monthly batch of security updates known as Patch Tuesday, and this month the OS maker has patched 87 vulnerabilities across a wide range of Microsoft products. By Catalin Cimpanu | October 13, 2020

US Cyber Command: Patch Windows 'Bad Neighbor' TCP/IP bug now

US Cyber Command warns Microsoft customers to immediately patch their systems against the critical and remotely exploitable CVE-2020-16898 vulnerability addressed during this month's Patch Tuesday. By Sergiu Gatlan | October 14, 2020

New Critical Patches for October 2020

So far in 2020, 11 zero-day attacks have been seen in the wild and the vendors have released patches for them. Those CVEs are:

• • Firefox (CVE-2019-17026)
  • Internet Explorer (CVE-2020-0674)
  • Chrome (CVE-2020-6418)
  • Trend Micro OfficeScan (CVE-2020-8467 & CVE-2020-8468)
  • Firefox (CVE-2020-6819 & CVE-2020-6820)
  • Google Tag (CVE-2020-0983, CVE-2020-1020 & CVE-2020-1027)
  • Sophos XG Firewall (CVE-2020-12271)

Regulations, Frameworks, and Controls

Next generation controls for information systems and organizations now includes key focus on privacy

The National Institute of Standards and Technology (NIST) released its draft version of Revision 5 of Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, in late March 2020. By Thomas Wolfe | October 12, 2020

Top 5 Cybersecurity Frameworks to Secure Your Organization

With the help of the best cybersecurity frameworks, you can move past compliance requirements and obtain a secure cyber state. These top cybersecurity frameworks will allow your organization to achieve a more cyber resilient program. By Axio | October 14, 2020