Tag Archive for: leaders

Partnering With Ukraine on Cybersecurity Paid Off, Leaders Say > U.S. Department of Defense > Defense Department News

/in



A year ago, a hunt forward 10-member team of the U.S. Cyber Command’s Cyber National Mission Force arrived in Kyiv, Ukraine.

The Marine Corps major leading that team called back and she said, “We’re gonna be here for a bit,” said Army Gen. Paul M. Nakasone, commander, U.S. Cyber Command and director, National Security Agency/chief, Central Security Service. 

Nakasone spoke on a panel today at the Reagan National Defense Forum at the Ronald Reagan Presidential Library in Simi Valley, California. 

That team grew from 10 to 39 people, working with Ukraine to strengthen its cyber defenses and provide reassurance. It paid off big-time as Russia launched its invasion, he said. 

The lesson: presence, persistence and the value of partnerships is what matters most, he said. 

The Federal Bureau of Investigation, the Cybersecurity and Infrastructure Security Agency, industry, academia, as well as foreign allies and partners are among those that the Defense Department works with closely, he said. 

A prime example is Cybercom partnering with the FBI and CISA, to ensure safe and secure elections, he mentioned. 

“We generate really good insights. We share intelligence and information with the FBI and CISA. And then, we take action against adversaries who are going to try to do us harm,” Nakasone said. 

The past year, the NSA released 24 unclassified cybersecurity advisories regarding what to expect in terms of Russian attacks on such things as the U.S. critical infrastructure, he said. 

Frank Kendall, secretary of the Air Force, who also spoke on the panel, said regarding military cyber systems, “If we put the resources into them, we can be reasonably cybersecure. … But [enemy] tactics will continue to evolve. They’re going to get more sophisticated over time as we build better defenses.” 

Over the last few decades, America’s ability to secure against cyberattacks has improved pretty dramatically, he added. 

“You’re never going to be perfect, but you can be highly resilient and you can be at a point where you if you get an unexpected attack, you can recover,” Kendall said. 

When Russia…

Source…

Additional 15K added to Eye Care Leaders’ already record-setting breach tally

/in


An Air Force ophthalmologist performs surgery on a patient on Sept. 1, 2022. (Army)

Another 15,000 patients have been added to the breach tally of the Eye Care Leaders ransomware attack from nearly one year ago.

Massengale Eye Care issued a breach notice to patients in late October, informing them that their data was also compromised during what remains the largest incident reported in healthcare this year at nearly 3.7 million impacted patients.

While mainstream media outlets have recently warned that the CommonSpirit Health cyberattack could impact 20 million patients, the massive health system’s financial report from this week again stated that they are still investigating and have not found evidence of patient data impacts. As such, ECL still holds the dubious top position.

As reported, ECL’s EMR was hit with a ransomware attack on Dec. 4, after a threat actor accessed the platform and deleted databases and system configuration files. Without the data, it was not possible to identify whether the data was accessed or exfiltrated before it was deleted.

The compromised data varied by provider and patient, and for Massengale the data could include names, contact information, dates of birth, Social Security numbers, diagnostic details, and health insurance information.

ECL has not issued its own breach notice with the Department of Health and Human Services, as it defends itself against a provider-led lawsuit accusing the cloud EMR vendor of concealing additional ransomware incidents deployed earlier this year.

A number of providers affected by those alleged incidents spoke exclusively with SC Media, detailing their frustration over the stonewalling. The lawsuit status was last updated in October, with at least 13 filings to extend the time to respond to the claims and two more filings requesting the case be dismissed. In these filings, ECL has repeatedly denied these claims.

CorrectCare security incident swells to 607K impacted individuals

Two more healthcare entities have filed breach notices with HHS, after their medical claims processing vendor CorrectCare informed them that their patient information was exposed due to two misconfigured file databases in July.

CorrectCare Integrated…

Source…

Cybersecurity needs to be one of India’s topmost priorities for long term growth: Leaders at Microsoft’s ‘Future of Security’ Roundtable

/in


As we navigate an increasingly complex, boundaryless hybrid world, cybersecurity has never been more critical. With cyberattacks growing in size, scale and sophistication, cybersecurity becomes mission-critical for protecting individuals, businesses, and governments.

Against this backdrop, and as part of Cybersecurity Awareness Month, Microsoft hosted a Future of Security curated dialogue with industry experts, on building India’s cyber resilience. Terence Gomes, Country Head – Security, Microsoft India, was in conversation with Seema Khanna, Deputy Director General, National Informatics Centre (NIC), Government of India, Rama Vedashree, Former CEO, Data Security Council of India (DSCI), and Satish Kumar Dwibhashi, SVP and CISO, InMobi, on the evolution of the cybersecurity landscape and the need for public-private partnerships to protect India at scale.

Trust in technology, need for stronger collaboration between the public and private sectors, driving consumer awareness, and the role of secure, trusted, ethical tech in driving innovation for India were some of the topics that were discussed.

Anchoring these discussions, Microsoft shared its commitment to building a trusted tech ecosystem in the country, making available the technology and threat intelligence expertise required to protect against cyber threats.

 

Key excerpts from the discussion:

Trust in technology

Seema Khanna: “Trust in technology cannot work in silos, they go hand-in-hand. Earning trust is easy, but we only get one shot at it. Both as government and industry, we must navigate earning the trust from users. For this, we need to have an enabling framework for services. Security must be by design and every service we provide needs to be built with trust, especially in the hybrid world.”

Satish Kumar Dwibhashi: “We are living in a digital world. So, digital trust is a necessity. It is no longer a choice, but imperative in today’s world.”

Rama Vedashree: “We need to take a step back and acknowledge how much has moved to digital now. Digital technologies are now being used for very personal, very sensitive information. This is exactly why trust in technology is receiving so much…

Source…

Indian Business Leaders Say Hybrid Cloud is Critical to Modernization, Yet Security, Skills and Compliance Concerns Impede Success

/in


New market research from IBM revealed that in India 85% of respondents have adopted a hybrid cloud approach which can help drive digital transformation, yet the majority of responding organizations are struggling with the complexity to make all their cloud environments work together. As organizations face skills gaps, security challenges, and compliance obstacles, only 30% of Indian respondents manage their hybrid cloud environments holistically – which can create blind spots and put data at risk.

The IBM Transformation Index: State of Cloud commissioned by IBM and conducted by independent research firm, The Harris Poll, was created to help organizations map their cloud transformation and empower them to self-classify their progress. Built on a foundation that leverages insights from experienced cloud professionals, enterprises can use the Index to gain measurable metrics that can help quantify their progress and uncover areas of opportunity and growth. The Index consisted of more than 3,000 business and technology decision-makers from 12 countries and across 15 industries including financial services, manufacturing, government, telecommunications and healthcare, to understand where organizations are advancing, or merely emerging, on their transformation journeys.

The Index points to a strong correlation between hybrid cloud adoption and progress in digital transformation. In fact, 76% of those surveyed think it’s difficult to realize the full potential of a digital transformation without having a solid hybrid cloud strategy in place. At the same time, only 39% of Indian respondents said that they have proven the benefits of the cloud and are now focused on using it more fully. So, why the disconnect? A sample of findings include:

  • Compliance: Businesses believe ensuring compliance in the cloud is currently too difficult– especially as we see enforcement of regulatory and compliance requirements heat up across the globe.
  • Security: While businesses have embraced a variety of security techniques to secure workloads in the cloud, concerns about security still remain.
  • Skills: As organizations face the realities of a talent shortage, they are failing to implement a holistic…

Source…