Neil Ford, Author at IT Governance USA Blog

SEC Charges SolarWinds and its CISO with Fraud

Neil Ford November 3, 2023

The SEC (Securities and Exchange Commission) has charged the software company SolarWinds and its CISO (chief information security officer), Timothy G. Brown, with fraud and internal control failures relating to its cybersecurity practices. In a press release dated October 30, …

[Continue Reading...]

An Introduction to the SEC Cybersecurity Disclosure Rules and Who Needs to Comply

Neil Ford October 26, 2023

On July 26, 2023, the SEC (Securities and Exchange Commission) adopted new rules on cybersecurity disclosures. They came into effect on September 5, and begin to apply from December 15 – although compliance dates vary depending on the type of …

[Continue Reading...]

How ISO 27001 training can boost your career

Neil Ford October 19, 2023

If you’re looking for a way to stand out in the information security industry, an ISO 27001 qualification may be the perfect solution. The Standard sets out the specifications for an ISMS (information security management system), helping organizations manage the …

[Continue Reading...]

Increased Cybersecurity Risks for Financial Services Organizations

Neil Ford October 12, 2023

The financial services sector is one of the worst affected by data breaches and cyber attacks. Indeed, according to IBM and Ponemon Institute’s Cost of a Data Breach Report 2023, the average cost of a data breach for financial services …

[Continue Reading...]

Cybersecurity Awareness Month 2023: Secure our World

Neil Ford October 6, 2023

October 2023 marks the 20th Cybersecurity Awareness Month – an annual campaign designed to raise awareness of cybersecurity, both at home and at work. This year, CISA (the Cybersecurity and Infrastructure Security Agency) has announced a new awareness program called …

[Continue Reading...]

Microsoft Azure Leak Compromises 38TB of Data

Neil Ford September 21, 2023

A member of Microsoft’s AI research division has accidentally leaked 38 terabytes of data via a misconfigured storage bucket. Researchers from the Cloud security company Wiz.io found the Microsoft employee had shared a URL for the Azure storage bucket in …

[Continue Reading...]

Operation Duck Hunt: Multinational Operation Dismantles Qakbot Botnet

Neil Ford September 7, 2023

The FBI and the Justice Department have announced a multinational operation that has dismantled the infrastructure of the Qakbot botnet and resulted in the seizure of more than $8.6 million in cryptocurrency. Operation ‘Duck Hunt’ took place in the U.S. …

[Continue Reading...]

MOVEit breach: over 1,000 organizations and 60 million individuals affected

Neil Ford August 31, 2023

When Russia’s Cl0p gang hacked Progress Software’s MOVEit Transfer app via a zero-day SQL injection vulnerability on May 27, it soon became apparent that the number of organizations and individuals affected would be high. The first known victim was the …

[Continue Reading...]

Tesla data breach caused by “insider wrongdoing”

Neil Ford August 24, 2023

A data breach at Tesla, which affected 75,735 people and saw sensitive company data compromised, was caused by two former employees, the electric car maker said. In a data breach notice filed with Maine’s attorney general, Tesla’s data privacy officer, …

[Continue Reading...]

Apple Pay hack: researchers force payments on locked iPhones

Neil Ford September 30, 2021

Researchers in the UK have demonstrated a security flaw that allowed them to make a contactless Visa payment of £1,000 ($1,345) via a locked iPhone. According to Bleeping Computer, the hack relies on Apple Pay’s Express Transit mode, a feature …

[Continue Reading...]

Neil Ford Archive