Cyber Threat Report: Cyber Security News for 12/14/23

FBI Explains How Companies Can Delay Sec Cyber Incident Disclosures
The FBI worked with the Department of Justice to create a guidance document for victims about how companies can “request disclosure delays for national security or public safety reasons.” Read More

Almost 50% Of Organizations Plan To Reduce Cybersecurity Headcounts: Survey
Even as security incidents continue to grow in all sectors, 47% of the respondents plan to reduce their security headcounts. Read More

Congress Finds Pharmacies Give Patient Records To Law Enforcement Without Warrants
Investigators found of eight, three failed to require legal review before submitting patient records to law enforcement: CVS Health, the Kroger Company, and Rite Aid Corporation, and none of the eight require a warrant prior to sharing patient records. Read More

Cloud Engineer Wreaks Havoc On Bank Network After Getting Fired
Now he's got two years behind bars to think about his bad choices. Read More

White House Wants To Set Minimum Cyber Standards For Hospitals, Healthcare
The Biden administration has been working on a global effort to crack down on ransomware payments, too. Read More

HHS Agrees To $480,000 Settlement With Louisiana Medical Group Over Data Breach
This settlement marks the first resolution by HHS involving a phishing attack that violated the Health Insurance Portability and Accountability Act (HIPAA), highlighting the need for healthcare organizations to prioritize cybersecurity measures. Read More

Chinese Apt Volt Typhoon Linked To Unkillable Soho Router Botnet 
Malware hunters have set eyes on an impossible-to-kill botnet packed with end-of-life SOHO routers and connected it to a Chinese APT targeting US critical infrastructure. The only solution is to rip and replace these things. Read More

Major Data Breach Leaks Highly Sensitive Donor Records Of Multiple Charities
More than 948,000 records in a database measuring over 465GB are believed to belong to DonorView, a software provider for nonprofits. Read More

HEADLINE PRIVACY & IT SECURITY COMPLIANCE NEWS

Recently, the FBI has released a new document on how companies can delay the disclosure of cyber security incidents to the SEC (Securities and Exchange Commission). This follows a new set of rules established by SEC that mandates companies to promptly report significant “material” incidents. Companies must file 8-K reports within four business days unless the Attorney General deems disclosure a threat to national security or public safety. The FBI, responsible for processing delay requests, advises companies to establish relationships with local FBI cyber squads and reach out immediately once a cyber incident occurs.

Despite more security incidents, 47% of organizations aim to reduce cybersecurity staff and infrastructure spending, according to a recent report based on a survey of 500 security decision-makers. Among these organizations, 62% experience a monthly increase in security incidents. Smaller organizations face challenges due to limited resources, while larger ones struggle with efficient tool integration.

Get in touch with us to learn more about how the team of experts at JANUS can help protect your business effectively. Follow us on Twitter and LinkedIn.