Last Month in Cyber – Issue 31

Share This Post:

We keep an eye on what’s happening in the cybersecurity world so you don’t have to. Here’s a recap of what we considered the highlights from last month.

The Cyber AB — formerly known as the CMMC Accreditation Body — issued a draft document on Tuesday July 26, 2022, detailing the assessment process that third-party organizations will need to follow in certifying that DOD contractors can securely handle the department’s sensitive information, as will soon be required by the CMMC program.

The tsunami of cyber-attacks against public, private, and critical infrastructure organizations continue to grow. Chubb Cyber Index reports an 300%-4000% increase in cyber incidents across various industries over the last 3 years. This recent article from Forbes discusses cyber-attack trends and best practices for improving your security program.

Based on recent cyber-attack and data breach reports, government agencies and their vendors/suppliers, must be prepared to proactively protect themselves against cyber-attacks by using comprehensive security solutions capable of providing detection, protection, and response services that span the enterprise – from endpoint devices to the cloud.

Contact us to learn how MARS Suite can help monitor, defend, and protect your organization and address dozens of CMMC controls and requirements.

June 2022 saw 70 healthcare data breaches of 500 or more records reported to the Department of Health and Human Services’ Office for Civil Rights (OCR) – two fewer than May and one fewer than June 2021. Over the past 12 months, from July 2021 to June 2022, 692 large healthcare data breaches have been reported and the records of 42,431,699 individuals have been exposed or impermissibly disclosed. The past two months have seen data breaches reported at well over the 12-month average of 57.67 breaches a month.

SonicWall reports a 23% fall in ransomware attacks globally in H1 2022, which fell to 236.1 million attempted attacks, continuing the downward trend that has been observed for the previous four quarters. June 2022 saw the lowest number of ransomware hits in the past 23 months. While ransomware attacks are down overall, that is not the case for the healthcare industry, which saw a 328% increase in attacks in H1 2022.

Various data breach research reports are communicating that over 60% of 2021 data breaches are being caused by third-party vulnerabilities. Another Third-Party vendor to a healthcare provider has been exploited facilitating a major data breach.

Contact us to learn how MARS Suite can reduce cyber risks, protect critical healthcare systems, and help address HIPAA and State Data Privacy controls and requirements.

In December of 2021, the Federal Trade Commission updated a Safeguards Rule that
was designed to protect consumer personal and private information and is expected to strengthen information security programs within non-banking financial institutions.
The current Safeguards Rule has been in effect since 2003 requires financial institutions to create and maintain an information security program to protect customer information. When key provisions of the updated Safeguards Rule go into effect in December of 2022, organizations providing various loan and financial services within various industries will be required to deploy up to 15 different elements within their information security program.

The new amendments only apply to financial institutions that are within the FTC’s jurisdiction. These include non-banking financial institutions such as mortgage lenders, mortgage brokers, payday lenders, auto-dealers, professional tax preparers, check cashing businesses, collection agencies, non-federally insured credit unions, and real estate appraisers.

Watch this video from NADA explaining the FTC Safeguards Rule and the impact it will have on Auto-Dealers.

Contact us to learn how MARS Suite can help address FTC Safeguards Rule requirements and preserve revenues

More from the blog

Learn More About Upcoming Events