Filter By:



Recent Blogs & Podcasts

IANS Executive Communications

\ Executive Communications 

Covering significant InfoSec events using business language to brief the Board and C-Suite.

Executive Communications

Get notified that IANS will be covering a news story.

Word Document

Get a story breakdown within 6 hours of the news being published.

PowerPoint Document

For major stories, a PowerPoint will be delivered within 24-36 hours.

Follow Up

Subsequent updates will be provided for developing stories.

February 23, 2018 | Enterprise and IT Compliance Management

 SEC Releases New Guidance on Cybersecurity Risk Disclosures

On February 21, 2018, The Securities and Exchange Commission (SEC) released “interpretive guidance to assist public companies in preparing disclosures about cybersecurity risks and incidents.” The document formally clarifies how the SEC expects firms to handle disclosures of “material risks” related to cybersecurity.

Read More »

November 22, 2017 | Data Breaches

 Uber Tries to Cover Up Breach by Paying Hackers to Delete Data

On November 21, 2017, Bloomberg reported that Uber attempted to conceal an October 2016 data breach impacting 57 million customers by paying the hackers $100,000 to delete the stolen data and keep quiet. The compromised data included names, email addresses and phone numbers of 50 million Uber riders around the world, as well as the personal information of 7 million drivers.

Read More »

October 16, 2017 | Wireless Networks

 KRACK Weakness in WPA2 Wi-Fi Security Protocol

On October 16, 2017, researchers disclosed a major weakness in the Wi-Fi Protected Access 1 (WPA1) and WPA2 security protocols. WPA2 is the most widely used Wi-Fi security standard in the world. The disclosure was a proof-of-concept, and there are currently no confirmed reports of this vulnerability, known as KRACK (an acronym for Key Reinstallation Attacks), being actively exploited in the wild.

Read More »

October 11, 2017 | Cloud Application and Data Controls

 Accenture Data Left Unsecured on Public AWS S3 Cloud Storage Bucket

On September 17, 2017, cybersecurity firm UpGuard privately alerted Accenture to the fact that some of its sensitive information (including client-specific information, passwords and credentials, and encryption keys) was stored on a publicly accessible, unsecured Amazon Simple Storage Service (S3) storage unit -- called a “bucket.” The data could be downloaded by anyone who knew the web address -- no password was required.

Read More »

October 6, 2017 | Vendor and Partner Management

 Russian Hackers’ Breach of NSA via Kaspersky Software

In 2015, Russian-government backed hackers stole classified National Security Agency (NSA) data on U.S. cyber-offensive capabilities, according to a Wall Street Journal report on Tuesday, October 5th. The stolen information included details on how the U.S. defends against cyberattacks and the techniques it uses to penetrate foreign networks.

Read More »

September 18, 2017 | Malware and Advanced Threats

 GoldenEye Ransomware Attack

GoldenEye is fast-spreading ransomware that encrypts files and makes demands for Bitcoin payments to unlock data. It was first observed on June 27, 2017 and has infected more than 30,000 computers worldwide. 

Read More »