Cyber risk management is not an “IT problem”; it is an enterprise risk management matter that can be harnessed into a business enabler.
The agency says threat actors are targeting organizations' IT help desks with phone calls from a local area code claiming to be revenue cycle or administrator employees. After gaining access, they divert legitimate payments.