DataBreachToday.com

Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO Roles
As cloud computing, DevOps and automation continue to evolve, the lines between IT functions are fading, making security integral to these processes. Hiren Dave, CIO and CISO at Essen Health Care, shares how combining the roles of CIO and CISO improves risk management and communication.

EVP Johan Gerber on How Threat Intelligence Can Prevent Fraud, Protect Payments
Mastercard's proposed purchase of Recorded Future for $2.65 billion will bring advanced threat intelligence into its payment systems. EVP Johan Gerber explains how this move improves fraud detection and prevention and strengthens Mastercard's cybersecurity in an evolving digital payments landscape.

Also: US SEC Settles With Prager Metis, Rari Capital
This week, Delta Prime and Ethena were hacked, Lazarus' funds were frozen, the SEC settled with Prager Metis and Rari Capital, Sam Bankman-Fried sought a new trial, the SEC accused NanoBit and CoinW6 of scams, the CTFC sought to fight pig butchering, and Wormhole integrated World ID and Solana.

New Report Accuses 9 Platforms of Surveillance of Users, Points to Privacy Concerns
The U.S. Federal Trade Commission on Thursday published a report detailing how the largest social media and streaming services surveil both users and nonusers across the web while collecting vast troves of data, pointing to significant privacy concerns for children and teens.

Recent mega data breaches involving third-party vendors - such as the Change Healthcare cyberattack - are intensifying the spotlight on critical security risk management and governance issues for business associates and other suppliers, said regulatory attorney Rachel Rose.

International Law Enforcement Dismantles End-to-End Encrypted Messaging Service
An international law enforcement operation dismantled the Ghost encrypted messaging service in a takedown that resulted in the arrest of 51 suspects across three continents including alleged members of the Italian Mafia and motorcycle gangs. Australian police arrested Ghost's alleged administrator.

Laws Seek Removal of Deceptive Content, Labeling of Less Malicious Content
California enacted regulation to crack down on the misuse of artificial intelligence as Gov. Gavin Newsom on Tuesday signed five bills focused on curbing the impact of deepfakes. The Golden State has been on the national forefront of tech regulation.

Acquisition Set to Boost SASE Protection, Network Connectivity for Swiss Businesses
Swiss Post has signed an agreement to acquire Open Systems, a cybersecurity leader specializing in secure access service edge. The deal, expected to close by late 2024, will expand Swiss Post's offerings for secure digital communications for public and private organizations across Switzerland.

Crashing Markets, Slower Innovation, But More Sustainable AI Development
If the bubble isn't popping already, it'll pop soon, say many investors and close observers of the AI industry. If past bubbles are a benchmark, the burst will filter out companies with no solid business models and pave the way for more sustainable growth for the industry in the long term.

Tell Interviewers How You Respond to Incidents and Solve Problems
The STAR - Situation, Task, Action, Result - method is a widely used framework for answering behavioral interview questions. It allows job candidates to present their experiences in a structured way, making it easier for interviewers to understand their problem-solving skills and real-world impact.

Norwest Money Fuels Integration of Cloud Defense Tools, Autonomous Alert Management
Norwest Venture Partners led a $33 million Series C round to accelerate Intezer's product development, strengthen AI models and broaden security alert coverage. The funding will enable the New York-based company to offer more support for cloud security while growing its customer success teams.

Cybersecurity Experts Say Operatives Probably Intercepted Physical Supply Chain
It doesn't appear to be a cyberattack, security experts said of the hundreds of pagers that blew up Tuesday across Lebanon, an apparent salvo against Hezbollah militants by the Israeli government. "The only logical explanation is that explosives and a side channel for detonation was likely used."

iPhone Maker Seeks Voluntary Dismissal, Citing Concerns Over Sensitive Data Leaking
Apple has filed a motion to dismiss its lawsuit against NSO Group, citing concerns over the potential exposure of sensitive threat intelligence information. The tech giant believes continuing the lawsuit could compromise its ability to protect users and lead to the disclosure of sensitive data.

Former Royal Mail and Manchester University CISOs Talk Ransomware Response
Timely notification of ransomware incidents to British law enforcement agencies played a crucial role in understanding the threats and in developing mitigation strategies, the former security heads of Royal Mail and the University of Manchester said.

Experts Warn Federal Cyber Strategies Increasingly Lack Accompanying Resources
The U.S. Cybersecurity and Infrastructure Security Agency has released a new plan to further align federal cybersecurity operations that experts say will likely face significant implementation roadblocks due to a lack of funding, leadership buy-in and technical resources.

Repeat IPOs Have Been Very Rare in Security - Don't Expect SailPoint to Change That
Thoma Bravo has begun interviewing underwriters as it explores an initial public offering for SailPoint, Bloomberg reported last week. The private equity firm hasn't finalized details, including the timing of a potential listing for the identity governance and administration vendor.

Preparing healthcare organizations to respond to and rebound from a disruptive ransomware attack is akin to implementing a "12-step program," said Dr. Eric Liederman, CEO of consultancy CyberSolutionsMD and recently retired long-serving director of medical informatics at Kaiser Permanente.

5 Cybersecurity Firms Provide Large Pool of Government-Funded Espionage Resources
China's cyberespionage campaigns, viewed as an extension of the communist regime's wider geopolitical moves, rely on civilian hackers from domestic security firms for much of their success. Researchers say these groups face off in intense rivalries for lucrative government contracts.

New Security Measures Follow High-Profile Hacks of Snowflake Customers
Data warehousing platform Snowflake rolled out default MFA - as well as a 14-character password minimum - to shore up security in the wake of a series of cyberattacks in June that hit high-profile customers including Santander Bank, Advance Auto Parts, LA Unified School District and Neiman Marcus.