The importance of cybersecurity can’t be overstated, especially as the coronavirus continues to upend business as usual across nearly every aspect of American life. Professional workers, students, and even the US government are all recognizing the potential threats that lurk in the dark corners of the web. The need to tighten security and privacy practices across all these areas is more important than ever. This week’s roundup highlights what’s happening in each of these areas.
Cybersecurity experts ‘under-equipped’ to tackle COVID-19 remote working demand
ManageEngine, an enterprise IT management provider, reports that 59% of IT teams don’t feel adequately equipped to tackle security issues for remote workers. This comes after wide-scale reports of poor password hygiene from remote workers and various other privacy challenges reported since office workers moved home due to COVID-19. Kumaravel Ramakrishnan, a product manager at MachineEngine, suggested a two-pronged approach: security and privacy tools along with education. Employees need to be aware of social engineering threats, ransomware and phishing. Read the whole story at SC Media.
How “Have I Been Pwned” became the keeper of the internet’s biggest data breaches
Troy Hunt started the site in 2013 to help internet users learn if their data had ever been compromised. You simply enter your email address, and they do the rest. You can also search individual passwords to find out if your password has been breached. Today, just under 10 billion records have been breached, and as the computer-based workforce remains at home for longer and longer, the security threat to businesses continues. The site has expanded over the years, now offering a password manager to alert users if they’re reusing a password that’s been breached in the past. The best piece of advice Hunt can offer, based on the literal billions of data points? Never reuse passwords. Find out how Hunt has handled incredibly sensitive breaches like the Ashley Madison breach at TechCrunch.
Schools already struggled with cybersecurity. Then came COVID-19
Educational institutions in the US and third-party education-technology firms alike have historically lacked proper data security measures to protect student data. With the advent of the novel coronavirus, these security and privacy challenges have only gotten worse. The FBI recently issued a security alert stating that, “K-12 institutions have limited resources to dedicate to network defense, leaving them vulnerable to cyber attacks.” As more of the school curriculum becomes digitized, the associated risks only grow. Eighteen-year-old Jaggar Henry first reported these problems earlier this year, and he’s now working full-time to help fix the issues. He’d participated in a hacker competition and discovered serious vulnerabilities last year. Learn more at ARSTechnica.
Senators move to boost state and local cybersecurity as part of annual defense bill
Senators approved The National Defense Authorization Act (NDAA). Now, a group of senators have added an amendment to the bill to include funding for cybersecurity at the state level. It’s a bipartisan Senate effort led by senators from New Hampshire, Texas, Michigan, and Ohio. Multiple Senate committees have come together to draft this bill, and the House version is being negotiated this week. Learn the details at The Hill.
Read the last Weekly News Round-up.