Governance, Risk and ComplianceDisparities in SEC Breach Disclosure Rules Evident in CDK Global AttackMSSP Alert StaffJuly 17, 2024Experts point out that CDK Global's parent firm Brookfield Business Partners did not report its cybersecurity incident to the SEC.
Supply chainWordPress Fights Off Malware Attack, 5 Plugins InfectedJim MastersJune 26, 2024The software supply chain attack backdoors malicious code that makes it possible to create rogue administrator accounts.
Governance, Risk and ComplianceSEC SolarWinds Probe: Will MSSPs/MSPs Come Under Scrutiny?D. Howard KassApril 9, 2024Does the SEC want to make an example of SolarWinds or is there another motivation behind the probe?
Supply chainSupply Chain Security Investment: Accenture, Tenchi Join ForcesJim MastersFebruary 1, 2024Accenture's MSSP practice gains Tenchi’s SaaS supply chain security management platform.
Data SecurityCyberattacks Compromise Crypto, College and HealthcareD. Howard KassJanuary 9, 2024Cyberattackers carried out digital burglaries on 3 common attack vectors.
Supply chainNSA Issues Best Practices for Software Supply Chain RisksD. Howard KassDecember 21, 2023The NSA's new Cybersecurity Information Sheet provides network owners and operators with guidance for incorporating software bill of materials SBOM to help protect the cybersecurity supply chain.
Supply chainDollar Tree Supply Chain Attack Could Affect Millions of PeopleD. Howard KassDecember 1, 2023Dollar Tree was struck in a manner reminiscent of the massive 2020 Russian-backed cyber hit on SolarWinds.
Supply chainTelecom Industry Association Advances Supply Chain SecurityD. Howard KassNovember 29, 2023TIA's Supply Chain Security (SCS) Management System helps organizations “operationalize” NIST and other government guidelines and frameworks.