CISO workshop slides

Notice Bored

Security Posture suggests a confusing mix of application and account security metrics. A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady eye this morning.

CISO 63

National Cybersecurity Alliance advocates ‘shared responsibility’ for securing the Internet

The Last Watchdog

One program, for instance, puts on workshops for Congressional staffers and other federal employees on how to recognize and avoid nation-state backed hackers looking to interfere in elections. So we’ve boiled the NIST framework down into a very focused workshop exercise. LW: How did this organization get started?

Internet 160

The discomfort zone

Notice Bored

I feel more confident about the underlying generic principles of risk, compliance, conformity, obligations, accountabilities, assurance and controls though, and have the breadth of work and life experience to appreciate the next point. The possibility of being held personally to account (perhaps even sacked or prosecuted!)

Risk 72

Banks, Arbitrary Password Restrictions and Why They Don't Matter

Troy Hunt

But it's not necessarily that bad, and here's why: Password Limits on Banks Don't Matter That very first tweet touched on the first reason why it doesn't matter: banks aggressively lock out accounts being brute forced. However, after 3 attempts of entering an Access Code your account will be blocked. Any thoughts?

Banking 237

Cisco Secure Endpoint Shines in the 2020 MITRE® Engenuity ATT&CK Evaluation

Cisco Security

This action accounted for over 38% of the contributions to our findings during the evaluation. Cisco Secure Endpoint and MITRE ATT&CK: Why it matters to CISOs right now. Orbital Advanced Search. Another recent addition, Orbital Advanced Search, was a key contributor to the evaluation results as well.

Cisco Secure Endpoint Shines in the 2022 MITRE® Engenuity ATT&CK Evaluation

Cisco Security

In 2017, Sandworm infiltrated Ukrainian accounting software MeDoc and hijacked the company’s update mechanism which resulted in malicious software being introduced to copies of the MeDoc software used by its customers. Cisco Secure Endpoint and MITRE ATT&CK: Why it matters to CISOs right now. Scenario 2: Sandworm. Protection Test.

Software 111

The White House Memo on Adopting a Zero Trust Architecture: Top Four Tips

Cisco Security

My good friend and fellow Advisory CISO Helen Patton has done a great summary of the memo in a previous blog. Without secure, enterprise-managed identity systems, adversaries can take over user accounts and gain a foothold in an agency to steal data or launch attacks.” Sign up for a Cisco Zero Trust Workshop today!