NIST releases Incident Response Recommendations and Considerations for Cybersecurity Risk Management for public comment
Incident response is a critical part of cybersecurity risk management and should be integrated across organizational operations. The six Functions of the NIST Cybersecurity Framework (CSF) 2.0 all play vital roles in incident response.
The National Institute of Standards and Technology (NIST) is releasing the initial public draft of Special Publication (SP) 800-61r3 (Revision 3), Incident Response Recommendations and Considerations for Cybersecurity Risk Management: A CSF 2.0 Community Profile, for public comment. This publication seeks to assist organizations with incorporating cybersecurity incident response recommendations and considerations throughout their cybersecurity risk management activities, as described by CSF 2.0. Doing so can help organizations prepare for incident responses, reduce the number and impact of incidents that occur, and improve the efficiency and effectiveness of their incident detection, response, and recovery activities.
The public comment period is open through Monday, May 20, 2024. See the publication details for a copy of the draft and instructions for submitting comments.
(Source: NIST)
Scammers take advantage of Change cyberattack
Scammers are taking advantage of the Change Healthcare cyberattack to steal credit card information, according to the Minnesota Hospital Association and Minnesota Attorney General Keith Ellison.
State hospital associations have received reports from patients who have been targeted by scammers seeking to steal their credit card information, Ellison said. People claiming to be representatives from various healthcare providers are telling patients they will receive refunds if they provide their credit card number, said the notice from the Minnesota AG's office.
Patients should be aware of reports of scammers contacting people around the country, posing as hospital, clinic or pharmacy employees, and asking for credit card information to resolve issues from the Change Healthcare cyberattack, according to the Minnesota Hospital Association.
(Source: Healthcare Finance)
UnitedHealth admits patient data was 'taken' in mega attack
UnitedHealth Group has publicly acknowledged that data was "taken" in the cyberattack on its Change Healthcare unit and said it has started analyzing the types of sensitive personal, financial and health information potentially compromised.
Meanwhile, the U.S. Department of State is offering a reward of up to $10 million for information leading to the identification or location of leadership of ransomware-as-a-service group BlackCat/Alphv, which claimed to be behind the attack.
The State Department announced the bounty offer Feb. 15, about a week prior to the Change Healthcare attack, which UnitedHealth Group said occurred on Feb. 21.
UnitedHealth Group in its latest attack update on Wednesday said it is "prioritizing" the review of affected data the company believes would likely have contained health information, personal identifiable information, claims and eligibility or financial information.
(Source: Healthcare Info Security)
White House unveils AI governance policy focused on risks, transparency
The White House released its much-anticipated artificial intelligence governance policy Thursday, March 28, establishing a roadmap for federal agencies’ management and usage of the budding technology.
The 34-page memo from Office of Management and Budget Director Shalanda D. Young corresponds with President Joe Biden’s October AI executive order, providing more detailed guardrails and next steps for agencies. It finalizes a draft of the policy that was released for public comment in November.
(Source: Fedscoop)
Cyberattack on city of Pensacola was a ransomware attack, mayor confirms. What happens now
Pensacola Mayor D.C. Reeves confirmed that the cyberattack that shut down city networks and phone systems is a “ransomware incident.” Reeves was unable to say more about the incident because it’s part of an ongoing investigation into who is behind it.
The attack that happened nearly two weeks ago is like another ransomware cyberattack that hit Pensacola in 2019. Hackers infiltrated the city's computer networks, locked down the systems, stole city data, and demanded a ransom for its return.
During his weekly press conference on Thursday, Reeves said the precautions and protocols put in place after the 2019 ransomware cyberattack are paying off as the city deals with this latest attack. The city has been following the emergency plan developed in the wake of that incident, and the mayor says it has helped the city respond more efficiently and effectively.
The mayor added that he doesn’t know how long it will take to wrap up the investigation into the ransomware cyberattack. Multiple agencies are involved, but he said the Pensacola Police Department is running the investigation.
(Source: Pensacola News Journal)