The Case for Why Better Breach Transparency Matters
It's become a standard practice for organizations to disclose the bare minimum about a data breach, or worse — not disclose the incident at all.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
It's become a standard practice for organizations to disclose the bare minimum about a data breach, or worse — not disclose the incident at all.
The Nonprofit organization launched the Threat Handling Foundations Certificate amid mounting incident and breach disclosures.
The "incident" led to outages affecting a variety of the tech company's operations, though the full scope of the breach is unknown.
Nucor made it clear its investigation is still in the early stages and didn't specify the nature or scope of the breach, nor who the threat actor might be.
The incident should serve as a critical wake-up call. The stakes are simply too high to treat AI security as an afterthought — especially when the Dark Web stands ready to capitalize on every vulnerability.
A review of the emails involved in the breach is still ongoing, but what has been discovered is enough for the Treasury Department to label it a "major cyber incident."
In what's being called a 'major cybersecurity incident,' Beijing-backed adversaries broke into cyber vendor BeyondTrust to access US Department of Treasury workstations and steal unclassified data, according to a letter sent to lawmakers.
The data leak was not actually due to a breach in Amazon's systems but rather that of a third-party vendor; the supply chain incident affected several other clients as well.
The incident is a reminder why organizations need to pay attention to how they store and secure data in SaaS and cloud environments.
Judge dismisses claims against SolarWinds for actions taken after its systems had been breached, but allows the case to proceed for alleged misstatements prior to the incident.
Responding to an incident quickly is important, but it shouldn't come at the expense of reporting it to the appropriate regulatory bodies.
In an incident with direct parallels to the recent Ticketmaster compromise, an Aussie live events giant says it was breached via a third-party cloud provider, as ShinyHunters takes credit.
Though the company is informing affected individuals of a breach, it's keeping the nature and scope of the cybersecurity incident that led to it under wraps.
Most companies still can't determine whether a breach is material within the four days mandated by the SEC, skewing incident response.
The private information of more than 28,000 people may have been accessed by unauthorized actors, thanks to a cyber incident at service provider Infosys McCamish — the same third party recently responsible for the Bank of America breach.
The finance services giant says it was hacked — and reported the incident proactively before SEC requirements mandated it. It could be an anti-extortion move, or merely a brand protection effort.
Production systems at the remote access company were breached, leading AnyDesk to revoke code signing certificate and reset Web portal credentials as part of its incident response.
Increasingly, businesses are concerned about the speed of their cloud incident response times.
The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.
The best incident-response plans cover contingencies and are fine-tuned in stress tests to ensure collaboration, remediation, and recovery efforts align.