Decrypting Breach Realities: Beyond Isolation to Collective Progress

According to a recent study, over the last two years, more than half of all organizations have experienced a breach from a third party.
Regrettably, the predominant response to such incidents is to isolate the affected party.
Surprisingly, as many as 83% of consumers confess to halting or discontinuing their transactions with an organization post-incident.
While it is understandable for people to react to a security incident by distancing themselves from the affected organization, this response overlooks a valuable chance for the entire industry.
The opportunity being discussed is the potential for shared learning and progress that arises when the specific details of an incident are made public.
To put it differently, rather than merely reacting negatively, there is a prospect for the industry to unite, comprehend the incident, and leverage that understanding to enhance overall security practices and resilience.
The terms 'cyberattack,' 'data breach,' and 'breach' are sometimes used interchangeably.
It's important to note that not every cyberattack results in a data breach, and conversely, not all data breaches are a result of cyberattacks.
A data breach happens when unauthorized individuals infiltrate secure systems, pilfering credential data that encompasses personal details like Social Security numbers, bank account information, and healthcare records.
Corporate data, such as customer records, intellectual property, and financial information, may also be compromised.
Despite having a security program deemed commercially reasonable, breaches persist.
When assessing potential partners and vendors, a crucial factor to consider is their ability to respond effectively and their willingness to be transparent in the event of a security incident.
Employees are gaining more understanding when it comes to security incidents.
Security experts recognize that phishing is a numbers game, and as attack tactics become more sophisticated, acknowledging the role of human trust and error in our risk landscape is crucial.
While businesses often implement successful security policies internally, the same level of scrutiny is not consistently applied to partners and vendors.
Recognizing that breaches can happen despite precautions, it is crucial for businesses to include an evaluation of security measures in their vetting process.
Hasty decisions to sever ties with a reliable partner after an attack can introduce additional risks, including operational challenges.
Although distinguishing between an unexpected breach and a pattern of risky behaviour is vital, the availability of compliance frameworks and security assessments facilitates a more informed evaluation of a potential partner's breach readiness.
Being more understanding about breaches does not mean organizations should skip their checks.
Security questionnaires and reports remain crucial for ensuring organizations handle data carefully.


This Cyber News was published on www.cysecurity.news. Publication date: Wed, 06 Dec 2023 16:43:05 +0000


Cyber News related to Decrypting Breach Realities: Beyond Isolation to Collective Progress

Data Breach Response: A Step-by-Step Guide - In today's interconnected world, organizations must be prepared to respond swiftly and effectively in the face of a data breach. To navigate these challenges, a well-defined and comprehensive data breach response plan is essential. Let's explore the ...
8 months ago Securityzap.com
Decrypting Breach Realities: Beyond Isolation to Collective Progress - According to a recent study, over the last two years, more than half of all organizations have experienced a breach from a third party. Regrettably, the predominant response to such incidents is to isolate the affected party. Surprisingly, as many as ...
10 months ago Cysecurity.news
Tech Security Year in Review - In this Tech Security Year in Review for 2023, let's look into the top data breaches of the past year. Each factor contributes to the growing threatscape, demanding a proactive and adaptable cybersecurity approach to safeguard your organization ...
9 months ago Securityboulevard.com
MoveIt Transfer vulnerability targeted amid disclosure drama - Another vulnerability in Progress Software's MoveIt Transfer product is under attack amid an apparent leak of flaw. In security alerts published on Tuesday, Progress detailed two critical improper authentication vulnerabilities, one tracked as ...
3 months ago Techtarget.com
Microsoft SFI progress report elicits cautious optimism | TechTarget - "After a year, it looks like Microsoft has made some smart and substantive initial progress in elevating security across the whole organization: investment in security-focused head count, inclusion of security into performance reports across the ...
6 days ago Techtarget.com
MOVEit Transfer Flaws Push Security Defense Into a Race With Attackers - Attackers appear to be pounding away at a couple of critical bugs that Progress Software disclosed this week in its MOVEit file transfer application, with nearly the same ferocity as they did the zero-day flaw the company disclosed almost exactly a ...
3 months ago Darkreading.com
Welltok data breach exposes data of 8.5 million US patients - Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack. Welltok works with health service ...
10 months ago Bleepingcomputer.com
Welltok Data Breach: 8.5M US Patients' Information Exposed - In a recent cybersecurity incident, Welltok, a leading healthcare Software as a Service provider, reported unauthorized access to its MOVEit Transfer server, affecting the personal information of approximately 8.5 million patients in the United ...
10 months ago Securityboulevard.com
Bank of America's Security Response: Mitigating Risks After Vendor Data Breach - In a concerning development, Bank of America has informed its customers about a possible data breach stemming from a security incident involving one of its vendors. This incident raises questions about the security of sensitive customer information, ...
7 months ago Cysecurity.news
Goto Customers Backup Data Breach: Protect Your Business and Handle Data Breach Risks - A data breach at Goto customers exposed their backup data to malicious actors, leading to a data breach that impacted those customers. Businesses need to be aware of the risks associated with data breaches and how to protect their organisations from ...
1 year ago Securityaffairs.com
AvidXchange Notifies Consumers of Data Breach Following Period of Unauthorized Access - On October 13, 2023, AvidXchange, Inc. filed a notice of data breach with the Attorney General of Massachusetts after discovering that a recent cybersecurity event resulted in an unauthorized party being able to access the company's IT network. In ...
10 months ago Jdsupra.com
Akumin Files Notice of Data Breach with the Securities and Exchange Commission - On October 16, 2023, Akumin Inc. filed a notice of data breach with the Securities and Exchange Commission after discovering that it had been the recent victim of a ransomware attack. In this notice, Akumin explains that the incident resulted in an ...
10 months ago Jdsupra.com
Ex-Uber CSO: Lessons Learned from the Breach and Legal Case - BLACK HAT EUROPE 2023 - London - Former Uber CISO Joe Sullivan last week shared new details about the 2016 data breach at the company that led to his firing from Uber and, later, felony charges. The Uber Breach Sullivan was in his second year as CISO ...
9 months ago Darkreading.com
How Can Data Breach Be A Trouble For Your Industry? - To navigate an era of cyber risks, this unsettling reality necessitates a renewed focus on data integrity protection and digital asset protection. In this blog, we will discuss a data breach in the Hospitality industry. Some of the companies like MGM ...
9 months ago Securityboulevard.com
Texas Retina Associates Notifies Nearly 300k People of Recent Data Breach - On June 26, 2024, Texas Retina Associates filed a notice of data breach with the Attorney General of Texas after discovering that confidential information that had been entrusted to the company was subject to unauthorized access. In this notice, ...
3 months ago Jdsupra.com
Infosys McCamish Systems data breach impacted over 6M people - MUST READ. Infosys McCamish Systems data breach impacted over 6 million people. Keytronic confirms data breach after ransomware attack. City of Cleveland still working to fully restore systems impacted by a cyber attack. ABN Amro discloses data ...
3 months ago Securityaffairs.com
Prudential Financial data breach impacted over 2.5M individuals - Prudential Financial data breach impacted over 2.5 million individuals. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
3 months ago Securityaffairs.com
Evolve Bank data breach impacted fintech firms Wise and Affirm - MUST READ. Evolve Bank data breach impacted fintech firms Wise and Affirm. Keytronic confirms data breach after ransomware attack. ABN Amro discloses data breach following an attack on a third-party provider. Christie disclosed a data breach after a ...
3 months ago Securityaffairs.com
Mr. Cooper breach affects more than 14.6M - Mr. Cooper, a major U.S. mortgage servicer, says an October data breach affected nearly 14.7 million people, including all its current and former customers. Mr. Cooper provided a data breach notification to the Office of the Maine Attorney General ...
9 months ago Packetstormsecurity.com
23andMe failed to detect mega-breach attackers for 5 months The Register - Biotech and DNA-collection biz 23andMe, the one that blamed its own customers for the October mega-breach, just admitted it failed to detect any malicious activity for the entire five months attackers were breaking into user accounts. In a collection ...
8 months ago Go.theregister.com
Forward Bank Notifies 46,019 Customers of Recent Data Breach - On November 17, 2023, Forward Bank filed a notice of data breach with the Attorney General of Maine after discovering that an unauthorized party was able to access certain files on the company's computer network. In this notice, Forward Bank explains ...
10 months ago Jdsupra.com
Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k Individuals - On October 23, 2023, the Dakota Eye Institute filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that patients' personal information was compromised following a cyberattack. ...
10 months ago Jdsupra.com
Longhorn Imaging Center Files Notice of Data Breach Affecting Patients' Sensitive Medical Information - On October 25, 2023, South Austin Health Imaging LLC dba Longhorn Imaging Center filed a notice of data breach with the Attorney General of Texas after discovering that confidential information in the company's possession was subject to unauthorized ...
10 months ago Jdsupra.com
PennyMac Files Notice of Data Breach That Leaked Thousands of SSNs - On October 19, 2023, PennyMac Loan Services LLC filed a notice of data breach with the Attorney General of Texas after discovering that unauthorized actors were able to access information that had been entrusted to the company. In this notice, ...
10 months ago Jdsupra.com
Delta Dental says data breach exposed info of 7 million people - Delta Dental of California is warning almost seven million patients that they suffered a data breach after personal data was exposed in a MOVEit Transfer software breach. Delta Dental is a dental insurance provider that covers 85 million people ...
9 months ago Bleepingcomputer.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)