Get the latest cybersecurity news from leading companies, news outlets and blogs.
Cyber Connections News Roundup is a bi-weekly brief of online links to news stories and commentary of interest to the cybersecurity community, delivered on the second and fourth Tuesday of each month. Articles are selected for their newsworthiness, timeliness, potential impact, and reach.
July 26
T-Mobile Settles for 2021 Cyberattack
According to an article on www.cybersecuritydive.com, T-Mobile has agreed to $500M settlement for the class-action lawsuit stemming from the massive data breach it suffered in 2021. The settlement, reached on July 22, still requires final court approval. It includes a $350 million payment to members of the class action and its related legal costs. T-Mobile also agreed to invest an additional $150 million in data security and cybersecurity technology in 2022 and 2023. The data breach was widely regarded as the largest carrier breach on record, marking the fifth publicly acknowledged security incident for T-Mobile in three years. Read more.
Web Application Threats Continue to Plague Healthcare
According to a recent report on https://healthitsecurity.com, basic web application attacks have overtaken miscellaneous errors in causes of breaches in the healthcare sector. According to the Verizon Business 2022 Data Breach Investigations Report (DBIR), basic web application attacks, miscellaneous errors, and system intrusions represented 76 percent of all healthcare breaches. The HHS Health Sector Cybersecurity Coordination Center (HC3) and the HHS 405(d) Program outlined the definition and characteristics of web application attacks and explored how they threaten healthcare cybersecurity in its latest brief. Examples include online forms, spreadsheets, email programs, patient portals, EHR systems, patient monitoring applications with IoT devices, and online pharmacies. Read more.
TSA Revises and Reissues Cybersecurity Requirements for Pipeline Owners and Operators
According to a press release from the Transportation Security Administration (TSA), the agency has revised and reissued its Security Directive regarding oil and natural gas pipeline cybersecurity. Developed with input from industry stakeholders and federal partners, including the Cybersecurity and Infrastructure Security Agency (CISA), the reissued security directive extends cybersecurity requirements for another year, and focuses on performance-based – rather than prescriptive – measures to achieve critical cybersecurity outcomes. Following the May 2021 ransomware attack on a major pipeline, this version of the security directive continues to take steps that protect transportation infrastructure from evolving cybersecurity threats. Read more.
Are You Cyber Safe For Summer Travel Season?
It is critical to understand the tools we need to protect ourselves while traveling, according to a recent article on www.traveldailynews.com. Often, travel is a time when we’re rushed, tired, and vulnerable to cybersecurity fraud. It’s a time when we need the internet, and so we connect to unsecured Wi-Fi hotspots. We may find ourselves removed from a focus on our device security that is needed to remain protected. Most experts agree that the following suite of cybersecurity tools is essential while traveling: a Virtual Private Network, an antivirus suite, a malware suite, and a privacy-focused browser. Read more.
The Cybersecurity Job Market Continues to Stay Hot
In 2017, the global cybersecurity industry had an approximate market size of $86.4 billion, according to research conducted by Gartner, a tech research and consulting firm. By 2027, the global cybersecurity market is expected to grow nearly 80% from where it was in 2017, according to market research company BrandEssence. According to a recent article on www.fortune.com, BrandEssence projects that the global cybersecurity market will reach $403 billion; that’s with a compound annual growth rate of 12.5% between 2020 and 2027. According to the article, this rapid growth is a result of the interplay between the actions of cybercrime actors and the intelligence agencies that are trying to keep pace. Read more.