Hacked F-35 Fighter Info from Australian Contractor Exemplifies Third-Party Risk in Cybersecurity

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good [...]

Cybersecurity Is a Human Nature Problem

When we think of cybercrime, cybersecurity, cyber[fill-in-the-blank], we need to remember there are two components: (1) the cyber, and (2) the other. The cyber part simply refers to the tool that is used or the target that is attacked. And, for Heaven's sake, please quit getting freaked out by the word "hack" -- hacking means unauthorized access [...]

Third-Party Risk in Cybersecurity Exemplified by North Korea’s Stealing of US War Plans

Third-party risk (or nth-party risk) is a hot topic in cybersecurity. While it can mean many things, at its core third-party risk describes a situation in which an organization that does a good job of protecting its own network and data, within its environment, works with other organizations that do not do such a good [...]

NIST Cybersecurity Guidance for Small Business Likely Forthcoming

The US House of Representatives has passed legislation similar to that recently passed by the Senate that would require the National Institute of Standards and Technology (NIST) to produce cybersecurity guidance that will be aimed at helping small businesses. The NIST Small Business Cybersecurity Act of 2017 would include NIST’s creating guidelines, tools, and best [...]

Hacking Into A Company You Sold Can Get You Jail Time

A federal judge sentenced David Kent to a year and a day in prison and ordered him to pay $3.3 million in restitution and pay a $20,000 fine for accessing the computer network of Rigzone.com, an industry-specific networking website. Kent founded Rigzone.com, sold it for $51 million, and after the sale accessed the company's network to obtain [...]