The US Government Accountability Office (GAO) has identified issues with the Department of Health and Human Services’ (HHS) cybersecurity responsibilities. The department is yet to implement all the recommendations to improve this and is not effectively monitoring the implementation of practices to reduce ransomware risks. The GAO also found HHS hasn’t conducted a sector-wide cybersecurity risk assessment, and needs to measure the effectiveness of its own support in reducing ransomware risk.
Microsoft Power Pages misconfigs exposing sensitive data • The Register
Private businesses and public-sector organizations are unwittingly exposing millions of people’s sensitive information to the public internet because they misconfigure Microsoft’s Power Pages website creation
