Former Uber security chief Sullivan avoids prison in data breach case
Washington Post ($): Former Uber chief security officer Joe Sullivan avoided jail time and was sentenced to three years’ probation and 200 hours of community service for covering up a 2016 cyber attack. Last October, a jury found Sullivan guilty of obstructing an active FTC investigation and concealing a 2016 data breach that affected 50 million customers. The case has split the cybersecurity community, and it was the first time a security executive has faced criminal charges for mishandling a data breach. Experts warned that a conviction would dissuade people from taking CISO roles, though this case is an extreme example of executive negligence. Most CISOs are already well aware of their responsibilities and the importance of properly handling data breaches and cooperating with regulatory investigations.
NextGen Healthcare says hackers accessed personal data of more than 1 million patients
TechCrunch: NextGen Healthcare, an electronic health record software company, was breached in late March, and the personal data of over 1 million patients was stolen. Hackers stole information such as Social Security numbers, names and dates of birth. The company was alerted to suspicious activity on March 30 and determined that data was stolen between March 29 and April 14. Hackers accessed its cloud-based EHR using client credentials that appear to have been stolen from other sources unrelated to the company. This is the second time this year that NextGen has been a victim of a breach.
It’s Time to Protect Yourself From AI Voice Scams
Atlantic: AI voice scams have existed for a couple of years but the technology has become cheaper, better and more accessible as the AI boom continues. In March, the FTC issued a cautionary notice to consumers regarding “family emergency schemes,” which are deceptive tactics that exploit individuals by falsely claiming that their family members are in dire situations, thereby coercing them into providing money or personal data for their release. It may be worthwhile establishing a safeword with loved ones as it simply takes one public audio clip of a person to create an AI model of their voice.
Funding for cybersecurity startups increased slightly from $2.4 billion in Q4 2022 to nearly $2.7 billion in Q1 2023. (source)
70% of compliance professionals identified keeping up with regulatory changes as their biggest challenge. (source)
Here’s a great example of public and private sector collaboration which prevented a cyberattack at Equifax: