Reuter's Exclusive: SEC forensics unit sought resources, cyber training ahead of 2016 hack

-
Reuter's Exclusive: SEC forensics unit sought resources, cyber training ahead of 2016 hack

WASHINGTON (Reuters) - In August 2016, just two months before the U.S. Securities and Exchange Commission discovered its corporate filing system had been hacked, the SEC’s internal watchdog, Carl Hoecker, received a plea for help from his new forensics investigative unit.

In a three-page memo that was shared with U.S. Congressional staff and seen by Reuters, the head of the forensics unit complained of “serious deficiencies” in equipment, inadequate cyber defense training, and a lack of communication with the SEC’s Office of Information Technology (OIT).

The forensics unit’s staff were told to use equipment due for disposal when they asked for supplies and ended up repurposing computer hard drives instead. Their hardware budget for the fiscal 2017 year at $100,000 was about half a million dollars short of what was needed, the memo said.

“Even though the (Digital Forensics and Investigations Unit) has been in existence for over one year, there is no strategic vision and no clear objectives,” it read."

READ MORE.
Location: Rochester, NY, USA

Comments

Post a Comment

Popular posts from this blog

The Three Elements of Cyber Security

-
Image
What problem costs $1.6 million, takes 170 days to discover, and requires 45 days to fix? Give up? It’s the average cyber-attack on a business. Is cyber security too expensive? An effective cybersecurity initiative that costs at least a dollar less than $1.6 million is, by definition, cheaper than the alternative. End of discussion. What about the 170 days that a cyber-attack can go undetected? That’s 24 weeks! For comparison, the U.S. Bureau of Labor Statistics says that, as of September 2016, the median job search takes 10.3 weeks. That means you could lose your job, find a new one, lose that job, and find a new one all in the time it takes for the average organization to discover its network has been breached. I didn’t pick the duration of the median job search at random. Among small and medium-sized businesses (SMBs), 60% go out of business within six months of being victimized by a cyber-attack. So if you work at an SMB that is attacked, when you detect the intrusion 170 da...
Read more

FORBES: Why CIOs Might Be Thinking About GDPR Compliance All Wrong

-
Image
With the GDPR deadline less than one year away, many CIOs are frantically trying to get their data houses in order. But as IT leaders struggle to put together the many pieces of the GDPR puzzle, it's probable that too many are taking a defense-only approach to compliance. And it’s no wonder: One of the first things to go through my own mind as well with any new regulation is, “What is the shortest path to get the box checked?” Read more here at Forbes: Why CIOs Might Be Thinking About GDPR Compliance All Wrong
Read more

From 1 Billion Compromised to 3 Billion? Yep, it's true. The Yahoo! Breach

-
Image
Your Yahoo account was definitely hacked-here's what happened and what to do A massive data breach at Yahoo in 2013 was far more extensive than previously disclosed, affecting every last user, all 3 billion of them. Parent company Verizon Communications Inc. disclosed this news earlier today, Tuesday, October 3, 2017, according to the Wall Street Journal . Here is Insight from Matt O'Brien, AP Contributor for WRAL :  Yahoo: 3 billion accounts breached in 2013. Yes, 3 billion   The breach now affects a number that represents nearly "half the world," said Sam Curry, chief security officer for Boston-based firm Cybereason, though there's likely to be more accounts than actual users. "Whether it's 1 billion or 3 billion is largely immaterial. Assume it affects you," Curry said. "Privacy is really the victim here." Yahoo first disclosed the breach in December . The stolen information included names, email addresses, phone number...
Read more