Each month, RCM&D’s Cyber Practice highlights key issues in the world of cybersecurity. In this month’s edition of Cyber News Bytes, we discuss topics ranging from new cyber legislation to ransomware gangs.
Implementing California Consumer Privacy Act (Pt. 1)
On July 1st, the California Consumer Privacy Act (CCPA) will officially become enforced. The CCPA, which went live in January, allows consumers in the state of California the ability to access their personal data, opt out of the sale of their personal information and/or request the information be deleted.
It is imperative that organizations monitor CCPA enforcement activity throughout the second half of 2020 to understand what regulators are focused on and what changes may need be made within their company to ensure compliance with the new law. An article from Junto Blog by eRiskHub highlights findings on how some organizations are currently handling consumer access of personal information and some of the vulnerabilities in these current practices.
Wall Street Journal Cyber Risk Assessment
As carrier loss ratios continue to rise amid the COVID-19 pandemic, the Cyber insurance market is beginning to see adjustments to the underwriting process. As Cyber insurance continues to mature and insurance companies have more data and technology at their fingertips, there has been a continued effort to fine-tune their ability to assess risk. Today, insured organizations should not be surprised to find underwriters requesting business continuity plans, cyber risk assessments, work-from-home procedures, security protocols, and more. Historical applications may not allow underwriters to accurately discern an organization’s risk in today’s landscape. While this requires more effort from the insured, the additional measures can help proactively discover and resolve vulnerabilities. An article from The Wall Street Journal highlights some of these additional measures.
2020 Verizon Data Breach Report
Verizon recently released its 13th annual Data Breach Investigations Report. The report assesses and analyzes the variables associated with thousands of incidents and breaches that occurred over the course of 2019.
An article from LMG Security emphasized several key takeaways from the report, which highlighted an increased number of network errors, a trend of weak passwords leading to more crimes and statistics on criminal groups driving cybercrime.
REvil Ransomware Gang Begins Auctioning Victim Data
Ransomware continues to wreak havoc in the cybersecurity space. In the latest twist, ransomware gangs have begun auctioning off stolen data to entice victims to meet payment demands. A recent article from Krebs On Security highlights the REvil Ransomware group utilizing this tactic and publicly shaming those who don’t pay up. As the COVID-19 pandemic continues, criminals are still searching for new ways to terrorize victims who may be struggling to stay afloat amid economic uncertainty. In this article, Brian Krebs highlights ways you can prevent your business from being at the mercy of cybercriminals.
Questions?
RCM&D is here for you to help protect your cybersecurity. Talk to a trusted advisor today with any questions on these highlighted issues and beyond.