Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss topics ranging from Twitter hacks to cybersecurity during the new academic year.
Twitter Hacked
Last month, Twitter experienced a data breach targeting 130 accounts. The breach resulted in hackers tweeting from 45 accounts, accessing the inbox of 36 accounts and downloading Twitter data from seven. The incident was orchestrated through a phone “spear-phishing” attack, which is a process that targets particular victims who have access to confidential data. This attack emphasizes the need to train employees of these threats and to remain vigilant. A recent article from Business Insurance highlights the attacks and motives behind it.
Back to Basics: Cyber Coverage
While many organizations feel secure with their cyber liability coverage and well-aware of their unique exposures, there are plenty of others that are not and still have not considered a cyber policy. While the reasoning behind forgoing coverage varies by organization, it is still essential for these unprotected organizations to remain educated on current cyber products, the risks they protect against and the overall benefits they can provide. A recent article from D&O Diary presents a useful guide for those unprotected, providing valuable education on current products as well as what underwriters are looking for when assessing a risk. Cybersecurity is an evolving and ongoing process, being educated on all options is crucial for the protection of any organization.
Responding To Ransomware
Always a pertinent topic, ransomware attacks in today’s environment continue to plague organizations worldwide. A recent Q&A article from Net Diligence provides useful insight into the immediate actions that should be taken in the event of an attack. This article also discusses common characteristics of threat actors as well as some of the reasons an organization should seek the help of an outside expert if an attack occurs. Preventive measures for email and network security are provided to help organizations avoid being a vulnerable target for attacks. An alert from The Cybersecurity and Infrastructure Security Agency (CISA) regarding new strands of ransomware and malware underscores the importance of this topic.
Privacy Issues in the New Academic Year
As the education sector prepares for a new school year in the middle of the COVID-19 pandemic, the reliance on new technologies to provide students and staff remote access continues. Privacy regulations revolving around these platforms will be critical to continually protect the institution. The rapid adaptation of these technologies, along with a myriad of new regulations make this monitoring a difficult task for any institution. A recent article from Educause provides a critical review of the privacy regulations impacting educational institutions and also recommends governance structures that schools can adopt to set themselves up for success.
Questions?
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.