Authentic8 Blog Author: Gerd Meissner

Gerd writes, produces, edits, and manages content at Authentic8. Before, he covered information technology and data security as a journalist and book author in the US and in Europe.

2017 in Review: Data Breach Statistics and Trends

Illustration: 2017 in Review: Data Breach Statistics and Trends - Authentic8 Blog

What were the biggest data breaches in 2017? Did the federal government's cybersecurity fare better, two years after the disastrous OPM hack in 2015?

Did ransomware live up to, or even beat, the dire predictions? Which industries were targeted or hacked most?

We have pulled together summaries, surveys and posts worth returning to, for use as a quick reference to consult when working on IT security presentations, cybersecurity plans and requests for budget or approvals in the year ahead:

The Biggest Hacks, Leaks and Data Breaches in 2017

...presented in 28 (illustrated) slides by ZDnet, with links to more in-depth information.

Source: ZDNet

ABA Tech Report 2017: Security

What does the American Bar Association’s 2017 Legal Technology Survey Report reveal about data security in the nation’s law firms? David G. Riess, attorney at Clark Hill PLC, summarizes.

Source: ABA Tech Report

2017 in Review: Data Breach Statistics and Trends - Authentic8 Blog illustration

Largest Healthcare Data Breaches of 2017

78 healthcare data breaches in 2017 that affected more than 10,000+ records

Noteworthy Reads, Pics & Tweets

Earlier this month, we asked our circle of InfoSec Luminaries: "Which cybersecurity-related book, video, movie, podcast, GIF, or epic tweet can you recommend?"

Their tips make for worthwhile reads and relaxed browsing (not only) over the holidays. Enjoy!

Steve Durbin, Information Security Forum

I’m going to play safe and go with The Cyber Risk Handbook: Creating and Measuring Effective Cybersecurity Capabilities by Domenic Antonucci.

I highlight it not because I wrote one of the chapters but because it tries, and I’d say succeeds, in covering the whole range of challenges associated today with operating in cyberspace in a readable manner whilst suggesting practical approaches from a range of well known and respected contributors.

If you want to understand how to get to grips with cyber, read this book. Now! It’s also available for Prime delivery via Amazon, Kindle download and Audio download. The perfect gift!

Dr. Fred Scholl, Monarch Information Networks

WTF?: What’s the Future and

News Media: Easy Target on Twitter?

Illustration: News Media: Easy Target on Twitter? - Authentic8 Blog

CNN host Anderson Cooper said someone hijacked his Twitter account while he was asleep. The incident serves as a reminder that the Twitter feeds of (media) brands have become high-value targets for pranksters, online criminals and hacktivists.

How can news organizations and journalists better protect themselves against having their Twitter accounts hijacked or sabotaged?

CNN's initial announcement in December came after a tweet from Cooper's handle called President Trump a “tool” and a “pathetic loser.” CNN tweeted that “someone gained access” to his account.

The account wasn't "hacked", technically. It turns out that Cooper's assistant left his phone - which was logged in to the Twitter account - unattended at the gym. So goes the story, at least, and they're

5 Must-Read Cybersecurity Resources for Law Firms

Illustration: 5 Must-Read Cybersecurity Resources for Law Firms - Authentic8 Blog

A recent survey of law firms found that nearly one-third of the respondents didn’t know who was responsible for risk management within their organization. What will their corporate clients make of that?

According to the research reviewed for this post, client cybersecurity audits are becoming the new normal for law firms. Many companies are no longer willing to entrust their legal matters to firms without subjecting them to a client audit first.

The same holds true when Big Law is looking to partner with smaller practices in local markets. Potential partners who cannot demonstrate that and how they protect sensitive client information against data breaches will lose valuable business and connections to a competitor in the region who can.

For this post, we have collected resources that provide up-to-date insights and guidance that help law firms with their cybersecurity planning and client audit preparation:

*

1. Why Are So Many Law Firms Unaware That They Suffered a Data Breach?

The second edition

5 Free Resources for More Cybersecurity Awareness in Your Business

Illustration: 5 Free Resources for More Cybersecurity Awareness in Your Business - Authentic8 Blog

Every year, too many companies and organizations still pass up an easy opportunity for making their employees or volunteers more #cyberaware: National Cyber Security Awareness Month, the annual public/private campaign in October to raise public awareness and improve the nation’s overall security posture.

While IT security managers acknowledge the need for finding new and better ways to help users overcome their learned helplessness in the face of cyber threats, a lack of internal resources often prevents them from mounting their own NCSAM efforts and reach out to employees on all levels.

Does this sound familiar? If so, it’s not too late for your team to get in on this year’s NCSAM action.

Here's a quick fix.

Check out the free tools and resources we have selected for you.

However big or small your organization, they can help you get up and running with your own NCSAM in-house campaign on a budget and in no time:

*

The Official NCSAM