Okta Breach Update and Analysis

Details continue to emerge regarding the Lapsus$ breach of Okta systems and the impact of the incident on Okta customers and the broader security community. On March 21, 2022, the Lapsus$ cyber threat group posted screenshots on their Telegram channel demonstrating that the group had gained superuser access to Okta systems and access to Okta…

Read More

Top Three Focus Areas for CISOs in 2021

In a year that tested our resolve, the RH-ISAC community was resilient. The COVID-19 pandemic altered business-as-usual operations, changing the ways consumers shop and travel, and how employees work. Many of our members were forced to reduce staff and contractors, financially de-prioritize large capital and long-term projects, and delay initiatives that would have contributed to…

Read More

Top 5 Tips to Protect User Data

If there’s one thing that never changes in cybersecurity, it’s this: threat actors will always look for the path of least resistance to gain access to a victim’s network. While companies that collect and maintain personally identifiable information (PII) or protected health information (PHI) are often the preferred targets of threat actors, attackers will target…

Read More

Biggest Holiday Risk Factors

This blog is part of the RH-ISAC holiday guidance blog series. For more blogs in this series, visit https://rhisac.org/blog/. As we enter the holiday season, malicious actors ramp up their attacks, seeking to take advantage of the increase in traffic to both digital and brick-and-mortar retailers and hospitality organizations. Attackers tend to be opportunistic: targeted, specific…

Read More