Cyberattacks have become an unavoidable part of the technology landscape in recent years with attacks like ransomware, phishing, and whaling reaching an all-time high. According to IBM’s Cost of Data Breach Report 2022, the average cost of a ransomware attack is $4.54 million and the average cost of a breach in the US alone is $9.44 million. Cyber insurance is important in these instances, because it helps cover the financial losses incurred.

Cyberattacks on hotels are becoming increasingly common; so much so that the sector receives no less than 13% of all cyberattacks on organizations and the costs, in some cases, are very high.

Organizations of all sizes that store, process, or transmit credit card data must comply with PCI DSS (Payment Card Industry Data Security Standards). The PCI standard’s 12 principal requirements can prove challenging for organizations to achieve and maintain, especially those in the highly-regulated financial industry. An upcoming PCI compliance audit may be cause for concern for many organizations, who are left scrambling to ensure their cybersecurity practices are up to scratch.

With companies in virtually every industry facing persistent and increasing cyber security threats, federal regulators are taking steps to protect customers and investors. In March, the SEC proposed new cyber security transparency rules that would require publicly traded companies to disclose, among other things, the cyber security expertise—or lack thereof—among their board members. This is despite the evidence that it is a recognized risk within businesses.

A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24. Quantum cryptography is seen as the way forward to protect all sorts of transactions. The standard has yet to be set and luckily one of the competing methods has just been broken.

Most cyber threats — like credential stuffing and card cracking — are committed by fraudsters with the aim of stealing money, data, or both. The law is clear on these cyberattacks: online fraud is illegal. But unlike these overtly malicious threats, web scraping isn’t always illegal, or even unethical. Aggregator sites like travel agencies and price comparison websites use scraper bots to help customers find the best deals.

Identity and Access Management or Identity Access Management (IAM) is a critical security function for organizations of all sizes for privileged access management. By managing access to systems and data, IAM can help mitigate the risk of information breaches and protect the organization's most valuable assets through IAM technologies.

Haidrun’s CEO, Jonas Lundqvist, is featured in The Guardian explaining how blockchain supports traceability in the food supply chain: “In a food supply chain, for example, the record of a journey from farm to fork is available to monitor in real time, while the disclosure of data provides accountability for trading transactions and farming practices to support claims such as organic, freshness and superior quality.