BankInfoSecurity.com

Transforming Technical Expertise Into Strategic Leadership
The rapid proliferation of IoT devices introduces significant security risks that require CISOs and top corporate leaders to step up, reduce risks and align IoT security with mission-critical objectives.

Gartner Forecasts Global Shipments of AI PCs to Increase by 165.5% in 2025
AI PCs are expected to make up 43% of all PC shipments by 2025, from 17% in 2024. The demand for AI-powered laptops is forecast to outpace that for desktops, and by 2026, AI laptops will be the "only choice of laptop available to large businesses."

Nearby Texas Tech University Health Sciences Center's IT Systems Also Still Offline
Nearly three weeks after a ransomware attack, UMC Health System has restored electronic health records, but the Texas-based public health system is still working to recover other patient care IT systems. Nearby Texas Tech University Health Sciences Center is still dealing with a related outage.

Integration of DSPM Firm Dasera Enhances Data Protection Across Cloud Environments
Netskope’s purchase of Dasera enhances its data security posture management capabilities, enabling customers to secure both structured and unstructured data across cloud and on-premises environments. The integration will offer a platform for holistic data protection and security posture management.

Data Regulator Likely Reviewing Insider Threat Case at Intesa Sanpaolo Bank
Intesa Sanpaolo bank of Italy this week told the country's data regulator that an employee - who has since been fired - accessed sensitive banking details of the country's prime minister and other politicians for years. The Italian Data Protection Authority is investigating the data breach.

Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks
Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.

Texas-Based Gryphon Healthcare Says an Unnamed Third Party Was at Center of Breach
A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.

Sector Uses Multifactor, Eschews Cloud, Can't Afford Cyber Insurance
The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks including a high-profile 2021 incident at Colonial Pipeline.

Only Six Nations Have Incorporated NIS2 Into National Statute
Most European countries are set to miss a trading bloc deadline for implementing a key cybersecurity regulation that requires measures such as mandatory security auditing for essential services such as hospitals and banks. Just six countries have integrated the NIS2 directive into national law.

Naming and Sanctioning Cybercrime Syndicate Members Has Repercussions, Police Say
Western law enforcement may not be able to bust every last Russian cybercrime suspect, but newly revealed efforts against Evil Corp and LockBit reveal suspects arrested while on vacation, as well as the psychological fallout criminal syndicates face when members get named, indicted and sanctioned.

Critical Infrastructure Firms Are Hiring - and Paying Well
As digital transformation continues to reshape industries, the convergence of operational technology and cybersecurity has emerged as a critical area of focus. But there's a noticeable gap in the workforce. Professionals who truly understand both OT and cybersecurity are in short supply.

SEGs have performed admirably for many years, but they’re no match for this new generation of email attacks, and relying on outdated tools can have catastrophic consequences. By upgrading to a behavioral AI-based solution, you can defend against emerging threats and become more proactive in the fight against cybercrime.

Healthcare organizations should rethink some of their approach to security, enhancing focus on insider threats, improving cyber awareness training and securing mobile applications and devices, said Ryan Witt, vice president of industry solutions at Proofpoint, discussing findings of a new study.

AI, Security Experts Discuss Who Defines the Risks, Mitigation Efforts
An attempt by the California statehouse to tame the potential of artificial intelligence catastrophic risks hit a roadblock when Governor Gavin Newsom vetoed the measure late last month. One obstacle is lack of a widely-accepted definition for "catastrophic" AI risks.

Also: AI Safety Bill Vetoed, Global Ransomware Response Guide Gets Some Revisions
In the latest weekly update, ISMG editors discussed the implications of the U.S. investigation into Chinese hackers targeting telecom wiretap systems, the catastrophic risks of AI and the recent veto of an AI safety bill in the U.S., and the latest global ransomware response guidance.