Architecture, Cybersecurity, InfoSec and Risk

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk

Risk VPN Internet Internet

BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore

Security Boulevard

JULY 12, 2023

Permalink The post BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Architecture

Architecture CISO Education Risk

5 Major Cybersecurity Trends to Know for 2024

eSecurity Planet

DECEMBER 19, 2023

As 2023 draws to an end and cybersecurity budgeting is nearly complete, it helps to consider the year’s events and try to predict next year’s trends. After receiving input from industry experts and doing my own analysis of the year’s driving forces, I identified five major cybersecurity trends. Bottom line: Prepare now based on risk.

Cybersecurity

Cybersecurity CISO Government Technology

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

If Infosec Was a Supermarket Business

Security Boulevard

FEBRUARY 27, 2023

By Jordan Durham I was recently reading an article which made a brief analogy between cybersecurity and a retail store. This got me thinking – could there be a deeper analogy made for cybersecurity and a supermarket, especially detection and response programs? So, if we apply this to our analogy, we could class this data as low risk.

InfoSec

InfoSec Cybersecurity Risk Technology

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

For this recognition, Cyber Defense Magazine (CDM) reviews the hottest, most innovative, market-leading cybersecurity players globally, recognizing the top one hundred firms worldwide. . Quickly detect risks and amend access entitlement issues associated with privileged users. Improve control over user data and access permissions.

InfoSec

InfoSec Marketing Technology B2C

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Global inflation can have, and is having, a significant impact on cybersecurity. As prices rise, organizations may be tempted to cut back on cybersecurity spending, making them more vulnerable to cyberattacks. Additionally, inflation can make it more difficult for organizations to keep up with the latest cybersecurity threats.

Cybersecurity

Cybersecurity CISO Education Phishing

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

SecureWorld News

MAY 16, 2023

Seven small coastal towns in Massachusetts have formed a partnership to better tackle their IT and cybersecurity needs in the region. Tom Brennan is the Executive Director, Americas Region, at CREST, a global community of cybersecurity businesses and professionals working to keep information safe in a digital world.

Cybersecurity

Cybersecurity Insurance Cyber Risk CISO

New certificate program teaches cloud auditing in a multi-tenant architecture

SC Magazine

MARCH 25, 2021

Experts in the field of cloud, IT governance and general cybersecurity believe that this certificate program is a significant addition to the wide spectrum of security training programs available today, filling an important gap in the knowledge-based training market. “Not

Architecture

Architecture Technology Government Penetration Testing

2021 Gartner®: Market Guide for Cloud Workload Protection Platforms

CyberSecurity Insiders

AUGUST 6, 2021

An Important Read for InfoSec and DevOps. With the increasing granularity of workloads, and the distributed and ephemeral nature of cloud assets, CWPP addresses pressing challenges faced by both InfoSec and DevOps. And much more. Download the 2021 Gartner Market Guide for Cloud Workload Protection Platforms.

Marketing

Marketing Architecture InfoSec Risk

Cyber CEO: 5 Outdated but Common Cybersecurity Practices You Should Avoid

Herjavec Group

SEPTEMBER 23, 2021

As cyber breaches and ransomware attacks skyrocket, businesses now have no choice but to face the truth — cybersecurity is no longer an option. You can’t expect the cybersecurity program that covered your in-office work environment to comprehensively secure your remote and hybrid workforces. Taking a Reactive Approach.

Cybersecurity

Cybersecurity Penetration Testing Digital transformation Risk

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Now, those insurers are poised to drive cybersecurity investment by insisting that organizations meet certain criteria to qualify for coverage. Still unclear is whether this will serve the cybersecurity community well, or distort strategies to protect data and networks. A maturing model. billion in premium.

Insurance

Insurance Cyber Insurance Cybersecurity Government

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Herjavec Group

APRIL 26, 2021

Third-party risk is a hot topic in the world of cybersecurity. The recent SolarWinds breach was a tough reminder that technological advancement will always carry inherent risks. former CEO of RSA Security) for a virtual fireside chat last week to chat about third-party risk. So where does that leave us?

Risk

Risk Government InfoSec Cybersecurity

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

Quantum computing poses a potential threat to current cybersecurity practices, which are based on encryption algorithms that can be broken by quantum computers. As for the panel presentation at SecureWorld Denver , it features Edgar Acosta, Experienced Cybersecurity Professional (former CISO at DCP Midstream ); Craig Hurter, Sr.

Encryption

Encryption Technology Risk Architecture

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Security Boulevard

JULY 13, 2023

Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Education

Education Risk Architecture CISO

Reassuring Words and Good Intentions Don't Mean Good Security

Troy Hunt

APRIL 2, 2020

Not a good day for any #CyberSecurity company. comododesktop @troyhunt #InfoSec #DataBreach pic.twitter.com/JxGzS9evtT — Nigel Cox (@Harlekwin_UK) October 2, 2019 “We take security seriously” [link] [link] — Troy Hunt (@troyhunt) September 27, 2019 Over and over again, kids tracking watching have egregiously bad security.

Penetration Testing

Penetration Testing Risk InfoSec Architecture

Data Loss Prevention in an API-Driven World

CyberSecurity Insiders

JUNE 16, 2023

Cloud Security is often implemented with dedicated secure access service edge (SASE) architectures, including cloud access security brokers (CASBs). However, sensitive data is transmitted freely across internal and external APIs, increasing the risk of accidental or malicious exposure of different sensitive data types.

Risk

Risk Firewall Data breaches InfoSec

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Transportation Cybersecurity Summit

Security Boulevard

SEPTEMBER 29, 2023

Permalink The post Cyber Week 2023 & The Israel National Cyber Directorate Presents – Transportation Cybersecurity Summit appeared first on Security Boulevard. Many thanks to Israel’s Tel Aviv University for publishing their presenter’s tremendous Cyber Week 2023 security content on the Tel Aviv University’s TAUVOD YouTube channel.

Cybersecurity

Cybersecurity Architecture CISO Education

7 Best Attack Surface Management Software for 2024

eSecurity Planet

DECEMBER 20, 2023

Attack surface management (ASM) is a relatively new cybersecurity technology that combines elements of vulnerability management and asset discovery with the automation capabilities of breach and attack simulation (BAS) and applies them to an organization’s entire IT environment, from networks to the cloud.

Software

Software Risk Architecture Internet

Build an insider threat management program that involves everyone

SC Magazine

JULY 13, 2021

Today’s columnist, Deborah Watson of Proofpoint, says with so much work conducted via virtual meetings, risk has increased and businesses have to pay more attention to an insider threat management program. Think of Insider Threat Management Programs (ITMPs) as a holistic focus on managing the risks that insiders pose to your corporate assets.

Risk

Risk InfoSec Media Technology

Keeper Security Acquires Glyptodon to Provide Zero-Trust Remote Access for IT Admins, SREs and DevOps Teams

CyberSecurity Insiders

FEBRUARY 3, 2022

The acquisition enhances Keeper Security’s continued evolution in the identity and access cybersecurity space, particularly in enabling hyper-secure access to remote resources. The post Keeper Security Acquires Glyptodon to Provide Zero-Trust Remote Access for IT Admins, SREs and DevOps Teams appeared first on Cybersecurity Insiders.

Password Management

Password Management Passwords Encryption Data breaches

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

Needless to say, in 2021 cybersecurity was front and center for individuals, enterprises, and governments alike. Data breaches and cybersecurity threats were at an all-time high this past year. So let’s take a look at the big challenges, priorities, and trends we saw in cybersecurity over the past year.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Embracing the Quantum Computing Revolution: Unleashing the Opportunities for Cybersecurity

Security Boulevard

SEPTEMBER 26, 2023

Permalink The post Cyber Week 2023 & The Israel National Cyber Directorate Presents – Embracing the Quantum Computing Revolution: Unleashing the Opportunities for Cybersecurity appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Architecture CISO Education

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

The Last Watchdog

MAY 19, 2021

Related: DHS embarks on 60-day cybersecurity sprints. In response, President Biden last week issued an executive order requiring more rigorous cybersecurity practices for federal agencies and contractors that develop software for the federal government. Keatron Evans, principal security researcher, Infosec Institute.

Hacking

Hacking Government Technology Ransomware

Democratizing Threat Hunting: How to Make it Happen for Everyone

Cisco Security

FEBRUARY 16, 2021

Topics such as tech refresh, risk management, and incident response were examined from the perspective of a roadmap for success in an information security program for organizations of all sizes. Having this data at our hands allows us to align our risk exposure to do some of the important work.”

Risk

Risk InfoSec Technology CISO

Cyber Playbook: An Overview of PCI Compliance in 2022

Herjavec Group

MARCH 24, 2022

Internet-facing architecture that is being ASV scanned has grown more complex over the last years with the implementation of HTTPS load balancers, web application firewalls, deep packet inspection capable intrusion detection/prevention (IDS/IPS) systems, and next-gen firewalls. Ensure that all of the above that do remain in web page *.html

Architecture

Architecture Firewall Penetration Testing eCommerce

3 New Awards in 3 Weeks – We are on a Roll!

Security Boulevard

JUNE 6, 2022

Today we’ve been honored with the “Next Generation in API Security” award in the 2022 Global InfoSec Awards from Cyber Defense Magazine (CDM). Salt delivers this rich API context through its unique and patented, cloud-scale big data architecture that leverages AI and ML algorithms to gain the most insights into API behaviors.

Big data

Big data InfoSec Architecture Education

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Securing the ICT Supply Chain from Cybersecurity Threats

Security Boulevard

SEPTEMBER 25, 2023

Permalink The post Cyber Week 2023 & The Israel National Cyber Directorate Presents – Securing the ICT Supply Chain from Cybersecurity Threats appeared first on Security Boulevard.

Cybersecurity

Cybersecurity Architecture CISO Education

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Each year, a select pool of experts from the cybersecurity community sets hours aside to review hundreds of entries received for the SC Trust and Excellence Awards. Cedric Leighton is founder and president of Cedric Leighton Associates, a strategic risk and leadership management consultancy. He retired as a colonel in 2010.

Computers and Electronics

Computers and Electronics Technology Education Information Security

The Quest for Optimal Security

The Falcon's View

AUGUST 6, 2018

However, listing out specific technologies can become cumbersome, plus it doesn't necessarily lend itself well to thinking about security architecture and strategy. Risk Management. Risk Management. Risk management is not your starting point. maybe you need to move to ISO 27001 or complete a SOC 1/2/3 certification).

InfoSec

InfoSec Risk Architecture Security Awareness

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We also talk about the pitfalls of using artificial intelligence in cyber security and about the best way to tackle the US's chronic cybersecurity talent shortage. David Brumley: Oh, no.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

CISO workshop slides

Notice Bored

AUGUST 5, 2022

Other slides in the deck appear to equate ' security posture ' to vulnerability management and software/systems patching - a rather narrow/specific technical concern for metrics suggested to senior management, although arguably it is a major factor in cybersecurity - or to security strategy.

CISO

CISO Risk Artificial Intelligence Marketing

How You Can Effectively Manage Your SSH Keys Towards Zero Trust Security

Security Boulevard

JUNE 15, 2022

Risks associated with SSH keys (orphaned keys, duplicate keys, etc.). Threat prevention is achieved by only granting access to networks and workloads utilizing policy informed by continuous, contextual, risk-based verification across users and their associated devices.”. Venafi Confidential SSH Risk Assessment. Key sprawl.

Risk

Risk Architecture Digital transformation InfoSec

We’re Named 2020 Gartner Peer Insights Customers’ Choice for Enterprise DLP

McAfee

JULY 7, 2020

McAfee Unified Cloud is a framework for implementing a Secure Access Service Edge (SASE) architecture and a safe way to accelerate digital transformation with cloud services, enable cloud and internet access from any device, and allow ultimate workforce productivity. We have deployed the solution to 100K+ endpoint devices with minimum issues.

Digital transformation

Digital transformation InfoSec Architecture Marketing

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We also talk about the pitfalls of using artificial intelligence in cyber security and about the best way to tackle the US's chronic cybersecurity talent shortage. David Brumley: Oh, no.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

ForAllSecure

OCTOBER 9, 2019

How exactly will artificial intelligence help bridge the infosec skills gap and what kinds of security work are still best left to humans? We also talk about the pitfalls of using artificial intelligence in cyber security and about the best way to tackle the US's chronic cybersecurity talent shortage. David Brumley: Oh, no.

InfoSec

InfoSec Artificial Intelligence Computers and Electronics Software

Redesigning the Security Narrative

Duo's Security Blog

APRIL 29, 2022

Defining “storytelling” in an InfoSec context Inspiration - We the People: Democratizing Security “Storytelling” is a word that you will hear frequently within Duo’s creative team — now part of a Brand & Strategy unit for Cisco’s rebranded security organization Cisco Secure. But where to begin?

Marketing

Marketing InfoSec Architecture Authentication

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

Cisco Security

NOVEMBER 2, 2022

To top it off, Duo is connected to our SIEM and our InfoSec team is able to review detailed logs and setup alerts to be able to keep everything secure.” Duo’s Passwordless Architecture. This significantly improves the user experience and mitigates the risk of stolen credentials and man-in-the-middle (MiTM) attacks.

Authentication

Authentication Passwords Phishing Mobile

How CIOs Can Protect Data Against Ransomware Attacks in 2022

Security Boulevard

OCTOBER 27, 2021

In the coming year, CIOs will focus on enabling changes to their data, cybersecurity, and cloud strategies—all while keeping an eye on hybrid work models and consumer privacy. A Zero Trust architecture should be at the center of every security strategy. Establish a Zero Trust Mindset. It’s a much bigger attack surface.

Ransomware

Ransomware Backups Mobile InfoSec

Leapfrogging with Smart Tech Refresh

Cisco Security

JANUARY 28, 2021

When boiled down to its essence, InfoSec is all about risk mitigation, and risk is based on probability and impact. By integrating both Cisco and third-party technologies, Cisco SecureX ensures that it will fit in with the journey and vision for your security program. How can SecureX help you?

Technology

Technology InfoSec Antivirus Architecture

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

Cisco Security

AUGUST 26, 2021

Cybersecurity is a continuously evolving landscape. We constantly see new threats, and threat vectors, come and go; which puts a tremendous strain on the InfoSec teams that have to protect organizations and businesses from these threats. This integration ensures sensitive files are protected during periods of elevated risk.

Technology

Technology Firewall VPN Authentication

BSides Sofia 2023 – Alexandar Andonov – The Secure Software Supply Chain Function S3C

Security Boulevard

JULY 23, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Alexandar Andonov – The Secure Software Supply Chain Function S3C appeared first on Security Boulevard.

Software

Software Architecture CISO Education

BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping

Security Boulevard

JULY 21, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Sofia 2023 – Plamen Kalchev – Commit To Memory Making The Best Of Your Notes

Security Boulevard

JULY 20, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Plamen Kalchev – Commit To Memory Making The Best Of Your Notes appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT

Security Boulevard

JULY 17, 2023

Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel. Permalink The post BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT appeared first on Security Boulevard.

Architecture

Architecture CISO Education Risk

CISA Order Highlights Persistent Risk at Network Edge

BSides Knoxville 2023 – Hudson Bush – Enterprise Security Architecture Isn’t Just For Enterprises Anymore

Webinars

Trending Sources

5 Major Cybersecurity Trends to Know for 2024

Webinars

If Infosec Was a Supermarket Business

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

New certificate program teaches cloud auditing in a multi-tenant architecture

2021 Gartner®: Market Guide for Cloud Workload Protection Platforms

Cyber CEO: 5 Outdated but Common Cybersecurity Practices You Should Avoid

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

Cyber CEO: 3 Key Components for Resilient Third Party Risk Management

Quantum Computing: A Looming Threat to Organizations and Nation States

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Reassuring Words and Good Intentions Don't Mean Good Security

Data Loss Prevention in an API-Driven World

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Transportation Cybersecurity Summit

7 Best Attack Surface Management Software for 2024

Build an insider threat management program that involves everyone

Keeper Security Acquires Glyptodon to Provide Zero-Trust Remote Access for IT Admins, SREs and DevOps Teams

Cyber CEO: A Look Back at Cybersecurity in 2021

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Embracing the Quantum Computing Revolution: Unleashing the Opportunities for Cybersecurity

ROUNDTABLE: Experts react to President Biden’s exec order in the aftermath of Colonial Pipeline hack

Democratizing Threat Hunting: How to Make it Happen for Everyone

Cyber Playbook: An Overview of PCI Compliance in 2022

3 New Awards in 3 Weeks – We are on a Roll!

Cyber Week 2023 & The Israel National Cyber Directorate Presents – Securing the ICT Supply Chain from Cybersecurity Threats

Meet the 2021 SC Awards judges

The Quest for Optimal Security

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

CISO workshop slides

How You Can Effectively Manage Your SSH Keys Towards Zero Trust Security

We’re Named 2020 Gartner Peer Insights Customers’ Choice for Enterprise DLP

Security Ledger Podcast: Security Automation Is (And Isn't) The Future Of InfoSec

SECURITY LEDGER PODCAST: SECURITY AUTOMATION IS (AND ISN'T) THE FUTURE OF INFOSEC

Redesigning the Security Narrative

Still Using Passwords? Get Started with Phishing-Resistant, Passwordless Authentication Now!

How CIOs Can Protect Data Against Ransomware Attacks in 2022

Leapfrogging with Smart Tech Refresh

CSTA Turns 400 – Proof That Technology Integrations Is Exactly What You Are Looking For

BSides Sofia 2023 – Alexandar Andonov – The Secure Software Supply Chain Function S3C

BSides Sofia 2023 – Georgi Gerganov – Keytap Acoustic Keyboard Eavesdropping

BSides Sofia 2023 – Plamen Kalchev – Commit To Memory Making The Best Of Your Notes

BSides Sofia 2023 – Daniela Shalev – Hunting Unsigned DLLs To Find APT

Stay Connected