Video: Managing the Risks of the Internet of Things

The primary emphasis of the new revision is that a ‘notification event’ now triggers the reporting process, described as any unauthorized acquisition of unencrypted customer information. This is a change from the earlier draft of the Rule, which used the term ‘security event’ to describe unauthorized system access or information misuse. This change may result in some confusion, unfortunately, described below.

“While the use of telehealth has surged during the COVID-19 pandemic, the data security and privacy concerns for both patients and healthcare providers have also increased, says cybersecurity strategist Kayne McGladrey”

“Not all high schools are promoting cybersecurity as a career option, and working in the SOC can have the knock-on effect of bringing people in who were unaware of the field before,” says Kayne McGladrey, a senior member at IEEE. Even if they don’t go on to take cyber jobs, “working in the SOC gives them exposure to some of the language and risks common in cybersecurity,” he says. “Then, if they’re working as developers, it’ll influence the direction by which they create things. They’ll at least have security in mind.”

Like many CISOs, I don’t sleep much; in my case, getting by on five to six hours of sleep a night is hereditary. Although the tracker collected detailed telemetry, the app only provided comparative reports against other people. Despite my experience, the app alarmingly claimed I’d been having terrible problems sleeping for weeks in a row.

Producing highly accurate reports without individual customization is a consistent design flaw of many cyber security solutions available today.

“Viruses are most commonly spread through phishing, which is a technique of sending emails designed to prey on a person’s emotions to make them click a link or open a malicious attachment,” says Kayne McGladrey IEEE member and director of security and IT for Pensar Development. “Besides running up-to-date commercial antivirus software, the easiest way to avoid viruses is to pause before acting on messages. Get a cup of coffee, or at least get up and stretch, before deciding if the email is trying to manipulate your emotions through a sense of authority (someone impersonating your boss or a police officer), a sense of urgency (because of an artificial time constraint), or scarcity (supplies are limited, act now).” These are the same psychological techniques used by con artists since time immemorial, with the only difference being that con artists had to con one person at a time. “With email, social media, and text messages, threat actors can con thousands of people. No antivirus software is perfect, but pausing before acting can stop most of today’s viruses.”