Cybersecurity This Month:

Employment 

The global “WannaCry” ransomware attack that peaked last week as well as the growing threat of Adylkuzz, another new piece of malware, illustrate a basic problem that will only become more pressing as ever more of our systems become connected: The internet wasn’t designed with security in mind, and dealing with that reality isn’t cheap or easy. 

Computer 'Geeks' Help Make or Break the Deal

Executives and investors are hiring an unlikely crowd to help them do deals: computer geeks. Companies and investment funds are adding an extra layer of scrutiny to acquisitions by screening targets for cybersecurity risks, as global computer attacks raise awareness. That’s prompting offers specifically tailored to takeovers by a variety of players, from consultants like Deloitte LLP to software providers including Intralinks Holdings Inc.

A majority of executives would seek to significantly lower a deal’s valuation in case of a high-profile data breach, a survey by stock market operator NYSE showed last year. About 85 percent of executives interviewed in the study said discovering major vulnerabilities at the audit stage of an acquisition would likely affect their final decision to go ahead with the takeover or back out.

Largest Settlement to Date Issued in Data Breach Suit

Anthem, the largest health insurance company in the US, has agreed to settle a class action lawsuit over a 2015 data breach for a record $115 million. 

"Nevertheless, we are pleased to be putting this litigation behind us, and to be providing additional substantial benefits to individuals whose data was or may have been involved in the cyberattack and who will now be members of the settlement class," an Anthem spokeswoman said in a statement confirming the settlement.

Assuming it's approved, it would be the largest data breach settlement in history, according to the plaintiffs' lawyers, who first announced the agreement Friday.

 
Buchanan Breach Coach

Visit Buchanan BreachCoach®, your one-stop portal for cybersecurity information and updates.

Top News

Bankers Are Hiring Cyber-Security Experts to Help Get Deals Done 

The wake-up call for cybersecurity expertise during mergers and acquisitions came after a 2014 Yahoo! Inc. hack affected about 500 million accounts, damaging the company’s reputation and causing Verizon Communications Inc. to cut its offer to buy the company by $350 million. There’s concern that computer viruses can be planted and remain dormant until after a deal, leaving the acquirer to cope with stolen customer data, industrial secrets or ransom demands.

Bloomberg Technology on Jun 27, 2017

Anthem agrees to pay record $115M to settle data breach suit 

Anthem, the largest health insurance company in the US, has agreed to settle a class action lawsuit over a 2015 data breach for a record $115 million.

The settlement still has to be approved by US District Court Judge Lucy Koh, who is scheduled to hear the case on August 17 in San Jose, California. And Anthem isn't admitting any wrongdoing or that "any individuals were harmed as a result of the cyberattack."

on CNET Jun 25, 2017

Fmr. CIA Director Brennan: ‘It’s Going to Take a 9/11’ Cyber Threat for US to Act
Lawmakers should recognize the gravity of cyber-security threats the U.S. faces, and focus on legislation and regulations to properly address vulnerabilities, warned former CIA Director John Brennan Wednesday.

“People frequently say it’s going to take a 9/11 in the cyber realm in order for us as a country to be able to come to terms and deal more effectively with cyber challenges,” said Brennan.

GovCon Wire on Jun 19, 2017

All IT Jobs Are Cybersecurity Jobs Now
The recent global ‘WannaCry’ ransomware attack that affected computers in 150 countries and the growing threat of new malware illustrate a basic problem that will only become more pressing as more of our systems become connected.

Also reported here

Wall Street Journal Technology - What's News on May 22, 2017

Twitter abandons 'Do Not Track' privacy protection
Twitter was one of the first companies to support Do Not Track (DNT), the website privacy policy. Now, Twitter is abandoning DNT and its mission to protect people from being tracked as they wander over the web.

DNT seemed like a good idea. By setting DNT on in your web browser, websites that supported DNT could neither place nor read advertising cookies on your device. Well, that was the idea anyway.

ZDNet - News on May 18, 2017

For Many Companies, a Good Cyber Chief Is Hard to Find 

Demand for chief information security officers is rising as cybersecurity problems attract the attention of corporate boards, but top candidates aren’t in great supply. 

Wall Street Journal Technology - What's News on May 15, 2017 (subscription required)

Prevent data breaches, don’t just report them
A growing number of state regulators publicly post details of data breaches that have compromised the personal information of their residents.

All but three states require companies to notify customers when hackers acquire sensitive information, such as credit card numbers and Social Security numbers. Many of those states also require the companies to alert state regulators and credit bureaus. The notices typically provide an overview of the data breach, a description of the information that was compromised and the steps that the company is taking to prevent additional attacks. 

TechCrunch on May 9, 2017