Businesses in Singapore face mounting challenges to protect customer data as a result of the newly enacted Personal Data Protection (Amendment) Bill (PDPA). With higher penalties expected to be levied from February 2022, it’s imperative that enterprises, particularly those collecting customer data, have a solid information security framework and incident response plan in place.
The COVID-19 pandemic has fundamentally shifted the cyber threat landscape for Australia’s health sector, with the Australian Cyber Security Centre (ACSC) reporting a 84% increase in the number of cyber security incident reports relating to the health sector between 2019 and 2020.1 As custodians of vast volumes of highly sensitive information, the industry continues to find itself at the mercy of cyberattacks that paralyze systems until a ransom is paid—threatening the security of patient d
In 2021, Kroll investigators have had multiple opportunities to respond to a series of interconnected network intrusions, ransomware events and cyber incidents which, upon investigation and review, possessed overlapping tactics, techniques and procedures (TTPs) and similar indicators of compromise (IOC) among them. The incidents affected organizations of various sizes across diverse industry sectors through what Kroll’s investigations confirmed was a range of separate intrusion vectors.
Kroll, Red Canary and VMware conducted a survey of over 400 information security and 100 legal and compliance leaders from companies with over $500M in annual revenue to capture the current state of incident response from a technical and legal perspective. Our goal was to highlight trends, identify common challenges and understand how organizations are maturing their preparedness, detection and response programs.
Understanding who you share data with and how they will utilize and protect it has never been more critical. Privacy and security continue to be a top priority for regulators around the world and organizations are advised to stay abreast and take appropriate measures to comply.
In the high-pitched, relentless battle against cyberattacks, much of the attention and energy has been focused on technical solutions, regulatory compliance, and balancing risks with opportunities. What about corporate governance? What role does executive and board-level oversight play in ensuring robust cybersecurity … and what role should it play?
With most organizations receiving over 100 threat alerts every day and a reduction of endpoint visibility due to the shift to remote work, the ability to quickly detect and confidently respond to cyber threats has become a difficult challenge for organizations to undertake on their own.
In May 2020, Kroll was contacted by a purveyor of high-end meats after receiving several customer complaints of potentially fraudulent credit card activity. The fraud allegations were raised after several customers observed unauthorized transactions on their credit cards shortly after placing orders through the purveyor’s e-commerce website. Kroll quickly assigned one of their seasoned Payment Card Industry (PCI) forensics investigators to review and investigate the matter.
David Klopp, Managing Director in the Cyber Risk practice of Kroll, recently spoke at the first session of PARIMA’s Confident Response Series 2021. The series aims to fine-tune incident response preparedness and help risk managers understand the latest tactics, techniques and procedures from the most successful cybercriminals, leading to deeper collaboration with business partners and mitigation of technical, legal and reputational risks.
The lifecycle of a cyber security incident can be broken up into three stages: investigation, remediation and notifications/disclosures, the latter often being the most complex, time consuming and costly. Disclosure challenges are compounded due to breach notification laws that require initial statements before the investigation is completed and the incident is fully contained. They can also stem from improper interpretation of digital forensics findings.
