The 11th edition of Verizon’s 2018 Data Breach Investigations Report has been released and it provides a wealth of information regarding cyber attacks. As reported on forbes.com, Verizon has taken a rigorous data-driven approach to analyzing security breaches and incidents, providing insights not available in any other research study on security. The study confirms the widely-held belief that using stolen or compromised credentials are the most common approach hackers use to attack and breach systems.
Other findings reported online include: Cyber-Espionage and the stealing of valuable intellectual property are reason for 47% of all manufacturing IT breaches. 58% of security breach victims are small businesses, the largest segment overall. 76% of all breaches are financially motivated and 68% took months to discover. Healthcare, accommodations, public administration, retail, and finance are the top five industries that experience the most breaches today. Phishing and similar schemes represent 93% of social attack-based breaches.
With that and all the statistics from this report, it seems the number one take away for small businesses of all types is — how can I prevent this?
How to Comply with the HIPAA Breach Notification Rule
As more and more security breaches occur, healthcare organizations are becoming more familiar with the notification rule. As stated online, 'the rule requires HIPAA covered entities and business associates (BAs) to provide notification to individuals, regulators, and the media following a breach of protected health information (PHI). But the devil, as they say, is in the details.' According to the Department of Health and Human Services, covered entities and business associates must provide notification if the breach involves unsecured PHI, which is PHI that "has not been rendered unusable, unreadable, or indecipherable to unauthorized persons using technology or methodology." Call us today at 281-403-9561 to discuss best practices on how to protect your patient data or visit our healthcare page.
Amazon Creating Rekognition Software
Amazon is getting into the facial recognition industry. According to the company, "Amazon Rekognition makes it easy to add image and video analysis to your applications. You just provide an image or video to the Rekognition API, and the service can identify objects, people, text, scenes and activities. It can detect any inappropriate content as well. Amazon Rekognition also provides highly accurate facial analysis and facial recognition. You can detect, analyze and compare faces for a wide variety of use cases, including user verification, cataloging, people counting and public safety." CNET explains this further: If Alexa is Amazon's effort to give AI ears and a voice, then Rekognition could be seen as the company's effort to give AI a sense of sight and the intelligence to recognize what it's looking at. The difference is that Alexa is built for consumers like you and me, while Rekognition is an enterprise offering intended for businesses and organizations.
Norway Aluminum Maker Closes Some Plant Operations Due to Cyber Attack
BBC News reported that one of the world's biggest aluminum producers has switched to manual operations at its Norwegian smelting facilities following a cyber-attack. Hydro, which employs more than 35,000 people in 40 countries, says the attack began on Monday night and is ongoing.
"IT systems in most business areas are impacted," the firm said. Local media in Norway reported that the cyber-attack was caused by a relatively new form of ransomware known as LockerGoga. However, a spokesman for Hydro declined to confirm this.