Bitsight Partners with Moody's Analytics - Incorporating Cyber Analytics into Its Leading Integrated Risk Products

A recent study found that financially material cyber attacks are increasing in frequency and that the top 5% of such attacks lead to an average $52M in losses. As these types of cyber attacks become more frequent and more severe, it has become increasingly critical for risk managers outside of enterprise security functions, such as compliance and credit officers, to consider cybersecurity risk in their assessment of customers, suppliers and investments.

Closing the Cybersecurity Front Door: Addressing the Federal Government's Security Gaps

The Office of Inspector General (OIG) recently evaluated the Department of Commerce’s (DOC) cybersecurity program, uncovering critical failures that exposed the DOC to potential risks. Specific issues included the use of default passwords for administrative accounts, compromising over 100,000 pieces of personally identifiable information (PII).

Bitsight Updates Ratings Algorithm to Reflect Changes in Attack Dynamics

Today we are announcing updates to the Bitsight ratings algorithm. Bitsight is committed to creating the most meaningful, trustworthy, and actionable security ratings and analytics in the marketplace. As part of this commitment, we periodically make updates to our ratings algorithm based on new data observations and capabilities, internal and external research, and market feedback. For this year’s update, we have made several adjustments, including modifying the weights of several risk vectors.

New Vulnerability in MySQL JDBC Driver: RCE and Unauthorized DB Access

We have found a new vulnerability in MySQL Connector/J (CVE-2023-21971). Oracle issued a Critical Patch Update that fixed the issue on April 18, 2023. The vulnerability was found as part of our collaboration with Google’s OSS-Fuzz.

US charges three men with six million dollar business email compromise plot

Three Nigerian nationals face charges in a US federal court related to a business email compromise (BEC) scam that is said to have stolen more than US $6 million from victims. 29-year-old Kosi Goodness Simon-Ebo was extradited from Canada to the United States earlier this month, according to a Department of Justice press release, and will appear before a federal court on Friday. Two of Simon-Ebo's alleged conspirators, James Junior Aliyu, 28, and 31-year-old Henry Onyedikachi Echefu.

Thousands of Unlimited Care Inc Employees Lose Their Data in Recent Breach

Unlimited Care Inc. is a home health company that offers help to patients in Westchester, New York, and surrounding locations. The company employs more than 2,500 people and has an annual revenue of more than $250 million. The organization recently suffered from a data attack that could have compromised a large number of company employees.

An Evolved Bitsight Starts Today as We Expand into Integrated Cyber Risk Management

In 2011, Bitsight invented the security ratings industry. As the market leader, we are still the standard in how organizations quantify, manage, and monitor cyber risk. Today, that universal metric is used by entities from national governments to global enterprises to Fortune 500 companies to interpret cyber risk. And now, we’re disrupting the industry once again. Waves of change are constantly disrupting companies of all sizes around the world, particularly when it comes to cybersecurity.

Secrets Detection JFrog Security Workshop

In today's software development world, developers rely on numerous secrets, including API keys, credentials, and passwords to facilitate seamless interaction between application components as they code. Failing to remove these secrets can have disastrous consequences for businesses, making it essential to find and fix them before release.