2000, InfoSec and Risk - Cyber Security Informer

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. I went to Black Hat in 2000. I know there was a period when several InfoSec people, myself included, said we will not be on panels unless there's diversity represented on said panel. That is, until Chenxi Wang spoke up. So I learned. And it should.

InfoSec

InfoSec Engineering CSO Technology

Episode 232: Log4j Won’t Go Away (And What To Do About It.)

The Security Ledger

DECEMBER 16, 2021

Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses. Tomislav tells us why issues related to Log4j won’t be going away anytime soon and how organizations must adapt to deal with the risk it poses. Supply Chain Risks: The New Normal.

Cyber Risk

Cyber Risk Software InfoSec Risk

Weaving strategies with policies

Notice Bored

NOVEMBER 26, 2021

From the information risk and security perspective, virtual working is both a nightmare and, again, an opportunity. How can virtual working benefit information risk and security? What about the technology risks, not least our ever-increasing dependence on the Internet? What can be done to facilitate secure virtual working?

Risk

Risk Artificial Intelligence Technology InfoSec

‘I vowed I was going to teach people’: NPower’s trauma-informed training nurtures digital talent

SC Magazine

MARCH 18, 2021

military and serving as deputy chief information security officer at Globe Life and global information security risk director at GM Financial. As an infosec leader, Vaughn witnessed first-hand the dearth of available IT talent that’s available to hire.

Education

Education Media InfoSec Engineering

Y2k + 20: risk, COVID and "the Internet issue"

Notice Bored

JANUARY 9, 2021

For a long time prior to the year 2000, a significant number of software programmers had taken the same shortcut we all did back in "the 90s". The combination of very high probability and catastrophic impact results in a risk up at the high end of a tall scale. Year values were often coded with just two decimal digits: 97, 98, 99.

Internet

Internet Internet Risk InfoSec

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec, his years hacking medical devices. Using older software within your own software always carries risk. I’m really not kidding about the ubiquity of Mike in infosec. What if they don’t?

Healthcare

Healthcare Hacking InfoSec Software

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

And what parallels might infosec learn from COVID-19? In this episode, Mike Ahmadi draws on his years of experience in infosec, his years hacking medical devices. Using older software within your own software always carries risk. I’m really not kidding about the ubiquity of Mike in infosec. What if they don’t?

Healthcare

Healthcare Hacking InfoSec Software

Top Web Application Firewall (WAF) Vendors

eSecurity Planet

MAY 6, 2021

A staple in the cybersecurity industry since 2000, Fortinet is known for its line of firewalls, including the FortiWeb web application firewall. Automated attack detection with identity and behavioral risk categorization. Read our in-depth review of F5 Advanced WAF. Fortinet FortiWeb. Management dashboard for alerts and controls.

Firewall

Firewall DDOS Marketing Technology

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

Vamosi: DEF CON turns 30 This year what began simply as a going away party for a coworker has since evolved over the decades into an annual summer tradition for InfoSec leaders in Las Vegas, which now includes other events such as besides Las Vegas, Diana is known as hackers summer camp. Again, all all around the InfoSec community.

Hacking

Hacking Computers and Electronics InfoSec Software

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

CyberSecurity Insiders

JULY 7, 2021

The Second line comprises the people who are looking at the risk management aspects, and I'm head of internal audit for all of technology. And we wound our way to “Year 2000” ( Y2K ), which now seems sort of silly, but in retrospect, at the time it was a big deal. To clarify, there are three lines of defense.

Financial Services

Financial Services Cybersecurity Technology Government

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. When I look at nuclear submarines and the software that runs them, it has to be zero defect, because lives are at risk. Certainly there is a higher level of risk compared to any other type of normal app.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. When I look at nuclear submarines and the software that runs them, it has to be zero defect, because lives are at risk. Certainly there is a higher level of risk compared to any other type of normal app.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 20, 2020

The confidentiality, integrity, and availability of it all -- you know, the classic CIA triad in infosec. When I look at nuclear submarines and the software that runs them, it has to be zero defect, because lives are at risk. Certainly there is a higher level of risk compared to any other type of normal app.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Ethereum Smart Contracts

ForAllSecure

FEBRUARY 10, 2022

And they point to the inherent risk in any new financial vehicles. It's a little over 2000 accounts with approvals and most of them are not very active accounts. And indeed the company multi chain did that for I think, over 2000 accounts. They were attacked for around $80 million US Dollars. These losses are huge.

Hacking

Hacking Cryptocurrency Accountability Banking

Top Breach and Attack Simulation (BAS) Vendors

eSecurity Planet

MAY 5, 2021

BAS offers more than just pen testing and red team insights, going further in recommending and prioritizing fixes to maximize security resources and minimize cyber risk. CyCognito is committed to exposing shadow risk and bringing advanced threats into view. See our in-depth analysis of AttackIQ’s BAS platform. DXC Technology.

Penetration Testing

Penetration Testing Risk Technology Marketing

Cyber Security Informer

The Hacker Mind: Shattering InfoSec's Glass Ceiling

Episode 232: Log4j Won’t Go Away (And What To Do About It.)

Trending Sources

Weaving strategies with policies

‘I vowed I was going to teach people’: NPower’s trauma-informed training nurtures digital talent

Y2k + 20: risk, COVID and "the Internet issue"

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

Top Web Application Firewall (WAF) Vendors

The Hacker Mind Podcast: DEF CON Villages

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Ethereum Smart Contracts

Top Breach and Attack Simulation (BAS) Vendors

Stay Connected