The Wall Street Journal, Target, Facebook, and the U.S. Federal Reserve – all of these organizations were subject to recent, successful data breaches, exposing sensitive financial and personal information. Mind you these organizations had significant resources to devote to cybersecurity. But as technology marches forward, the threats and vulnerabilities are likewise evolving.
Just today, the Pew Research Center reports that 18% of online adults have had their important personal information stolen, such as their Social Security Number, credit card or bank account information, up from 11% who reported the same in July 2013.
Any discussion about security would not be complete without mentioning the biggest story of this past week, and likely the entire year: the discovery of the ‘Heartbleed’ vulnerability. Much has been written this past week in tech blogs, networking magazines and mainstream media outlets about Heartbleed, which is not the name of another sophisticated Internet attack but rather a security vulnerability in OpenSSL software that lets a hacker access the memory of data servers. Just as its name implies, it’s a serious concern as it affects the most popular way for websites to encrypt secure data as it is transferred across the Internet, and allows bad actors to steal just the information that web users were trying to protect from prying eyes.
Cnet offers a solid overview of what the Heartbleed vulnerability is, in layman’s terms, and what you should do to protect yourself and your data. Likewise, ReadWrite debunks some of the Heartbleed myths that have developed over the past week.
No company or website is 100% secure. In fact, no offline company is 100% secure either – but there is no time like the present to take a look at your company’s cybersecurity practices and how they could be potentially improved.
Cybersecurity is one of the key areas of concern for the administration, particularly the security of our nation’s critical infrastructure. As such, the White House recently announced the launch of the long-awaited Cybersecurity Framework. Created through collaboration between industry and government, the framework is designed to serve as a voluntary how-to guide for operators of critical infrastructue, including telecommunications providers, to enhance their cybersecurity efforts.
NTCA is sponsoring a webinar for its members, rural broadband service providers, on April 29, 2014, at 2:00 p.m. ET. Attend this webinar to learn more about the Cybersecurity Framework and other tools available to assist your security efforts. Speakers will discuss the Cyber Resilience Review (CRR), which can be used to evaluate your company’s operational resilience and cybersecurity capabilities and suggest areas for improvement. Organizations have two options in regard to the CRR: a no-cost, on-site consulting service or an online self-assessment tool.
For more information about the webinar, or how NTCA is continuing to stay engaged with the administration in regard to cybersecurity, please feel free to contact me.