Schneier on Security

NOVEMBER 9, 2018

The privacy frontier facing research universities spans open access practices, uses and misuses of data, public records requests, cyber risk, and curating data for privacy protection.

Data collection 208

Data collection Cyber Risk Risk Government 208

Hot for Security

JUNE 30, 2021

The Government Accountability Office (GAO) sent a letter to NASA in an effort to make the space agency more resilient to cyberattacks by proposing several security measures that would ensure its protection. In any case, NASA is not the only agency going through these changes. “We

Government 52

Government Accountability Cyber Risk Risk 52

Hot for Security

JUNE 30, 2021

The Government Accountability Office (GAO) sent a letter to NASA in an effort to make the space agency more resilient to cyberattacks by proposing several security measures that would ensure its protection. In any case, NASA is not the only agency going through these changes. “We

Government 52

Government Accountability Cyber Risk Risk 52

SC Magazine

MARCH 11, 2021

In response, the non-profit has offered a glimpse into its work-in-progress “Accountability Framework,” designed to help relevant health care stakeholders take responsibility for keeping cyberspace secure by enforcing behavioral norms and also by understanding and rooting out the underlying causes when attacks do happen. “Too

Accountability 59

Accountability Healthcare Government CISO 59

Security Affairs

FEBRUARY 4, 2024

Notably, per additional context acquired from the actor, the majority of exposed accounts on the Dark Web didn’t have 2FA enabled. The opportunity to acquire them in bulk will be extremely attractive for actors involved in spam, online banking theft, scam, business email compromise (BEC), and account takeover (ATO) activities.

Scams 119

Scams Passwords Phishing Accountability 119

The Security Ledger

JULY 22, 2020

In this Spotlight podcast* we’re joined by Andrew Jaquith, the CISO at QOMPLX to talk about how the COVID pandemic is highlighting longstanding problems with cyber risk management and cyber resilience. Andy Jaquith is the Chief Information Security Officer at QOMPLX Inc. Read the whole entry. »

CISO 52

CISO Cyber Risk Ransomware Risk 52

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware 92

Malware Cybercrime Hacking Cyber threats 92

Security Affairs

APRIL 11, 2021

“The loss or corruption of customer data, electronic files and accounts that leads to the inability to read meters or access billing systems and reduces customer confidence could affect the ability to raise rates. ” Credit rating agencies assess the capacity for utilities to repay their debt and cyber attacks could impact it. .

Risk 107

Risk Cyber Risk Cyber Attacks Government 107

SecureWorld News

JULY 3, 2023

As we rely increasingly on digital technologies for our work, communication, entertainment, and education, we also expose ourselves to more and more cyber risks. Cyberattacks can devastate individuals, businesses, and even nations, affecting our privacy, security, and economy. Human error accounts for 95% of all data breaches.

Cybercrime 83

Cybercrime Social Engineering Data breaches Education 83

Centraleyes

NOVEMBER 8, 2023

stock exchanges must adhere to the cyber risk management and material incident reporting guidelines, commencing in mid-December 2023 (or Spring 2024 for qualifying small companies). Clarity plays a crucial role in holding organizations accountable for accurate cybersecurity reporting.

CISO 52

CISO Cyber Risk Risk Cybersecurity 52

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. This allowed hackers to breach many user accounts. Third-party risk management.

Data breaches 89

Data breaches Passwords Social Engineering Encryption 89

The Security Ledger

MARCH 12, 2021

Women are more than 50% of the population, but barely 20% of the information security workforce. In this encore episode of the podcast, in honor of Women’s History Month, we’re revisiting a 2019 interview with Veracode CEO Sam King to talk about the information security industry’s struggles to attract and retain talented women.

Information Security 52

Information Security Hacking Cyber Risk Accountability 52

SecureWorld News

MAY 29, 2024

Protecting manufacturing operations requires a shared responsibility model, which includes local plant leadership, manufacturing engineering and operations, and information technology and security teams. In the realm of building control systems, each structure can harbor anywhere from four to eight distinct systems. "The

Manufacturing 87

Manufacturing CISO Artificial Intelligence Cyber threats 87

Thales Cloud Protection & Licensing

APRIL 29, 2024

The Cyber Resilience Act complements other legislation, specifically the NIS2 Directive (see below). NIS2 (Network and Information Security Directive) The updated NIS Directive significantly expands the scope and rigor of cybersecurity requirements across the European Union.

Risk 71

Risk Manufacturing Digital transformation Cybersecurity 71

SecureWorld News

NOVEMBER 17, 2022

Gerstein, a 1980 West Point graduate, who served as the Department of Homeland Security Undersecretary (acting) and Deputy Undersecretary in the Science and Technology Directorate from 2011-2014, in his "Better Anticipating and Managing Today's Growing Cyber Risks" article.

Cyber Risk 75

Cyber Risk Technology Information Security Accountability 75

SecureWorld News

JUNE 26, 2023

From the filing : " Subsequently, certain current and former executive officers and employees of the Company, including the Company's Chief Financial Officer and Chief Information Security Officer, received 'Wells Notices' from the SEC staff, each in connection with the Investigation. federal securities laws."

CISO 87

CISO CSO Data privacy Cyber Risk 87

SC Magazine

APRIL 14, 2021

Every organization should have a responsible and accountable program for reducing risk through vulnerability management. There’s no way to eliminate security vulnerabilities completely, so it’s our shared responsibility as a global information security industry to implement approaches to hunt and fix them swiftly.

Government 107

Government Risk Information Security InfoSec 107

SecureWorld News

DECEMBER 20, 2021

Ransomware remains a significant issue, state-sponsored threat actors continue to disrupt organizations and critical infrastructure, and many experts believe the United States is far behind our adversaries when it comes to our cyber workforce and defenses. Here are some key thoughts from our fireside chat.

Cybersecurity 98

Cybersecurity Artificial Intelligence Government Technology 98

McAfee

NOVEMBER 3, 2020

Please join McAfee, AWS, and our customers to discuss the impact women are having on information security in the cloud. These remarkable women represent multiple roles in cloud and security, from technical leadership through executive management. Chief Information Security Officer. Can’t make it? Collins Aerospace.

Cybersecurity 93

Cybersecurity Architecture Cloud Migration Retail 93

Security Boulevard

APRIL 29, 2024

The Cyber Resilience Act complements other legislation, specifically the NIS2 Directive (see below). NIS2 (Network and Information Security Directive) The updated NIS Directive significantly expands the scope and rigor of cybersecurity requirements across the European Union.

Risk 72

Risk Manufacturing Cybersecurity Digital transformation 72

SC Magazine

MAY 24, 2021

In a report released May 20, the Government Accountability Office looked at how the private cybersecurity insurance market has developed over the past five yearsRich Baich is global chief information security officer for insurance giant AIG. Photo by Spencer Platt/Getty Images).

Cyber Insurance 94

Cyber Insurance Insurance Marketing Cyber Risk 94

Security Affairs

APRIL 5, 2023

The JCDC has seen the benefits of collaboration for exigent risks (such as the heightened awareness and protection related to Russia’s invasion of Ukraine and the Log4Shell vulnerability) but sees a remaining gap when it comes to imminent risk. To address this gap, the JCDC is planning proactive measures for future cyber risks.

Energy and Utilities 72

Energy and Utilities Cyber threats Risk Cyber Risk 72

Security Affairs

MAY 9, 2023

“CACTUS essentially encrypts itself, making it harder to detect and helping it evade antivirus and network monitoring tools,” Laurie Iacono, Associate Managing Director for Cyber Risk at Kroll, told Bleeping Computer. The Cactus ransomware relies on multiple legitimate tools (e.g.

Ransomware 71

Ransomware VPN Antivirus Encryption 71

BH Consulting

JANUARY 11, 2022

There’s plenty of food for thought and perspective for anyone in security leadership or privacy roles in their organisations. We begin with a look at a contentious topic: cyber risk insurance. There is an argument that cybersecurity insurance is useful because it makes people think of business risk, not just IT.

Cybersecurity 59

Cybersecurity Insurance Scams Cyber Risk 59

Centraleyes

DECEMBER 6, 2023

Vulnerability management is a critical element of information security. The technology surrounding information security is developing at a rapid pace and vulnerabilities are inevitable. Using a dedicated cybersecurity risk management platform can help you to stay informed of new vulnerabilities and threats.

Risk 52

Risk Cyber Risk Software Information Security 52

CyberSecurity Insiders

MARCH 7, 2021

These third parties aren’t typically under your organization’s control and its unlikely that they provide complete transparency into their information security controls. Some vendors can have robust security standards and good risk management practices, while others may not.

Data breaches 112

Data breaches Penetration Testing Risk Cyber Risk 112

The Last Watchdog

FEBRUARY 25, 2019

A separate set of startups soon cropped up specifically to handle the provisioning of log on accounts that gave access to multiple systems, and also the de-provisioning of those accounts when a user left the company. Efforts to balance security and productivity sometimes backfired.

Government 169

Government Authentication Technology Data breaches 169

SecureWorld News

JULY 31, 2023

If you are a CISO today who is not getting face time with the board, look at this as an opportunity to continue to press for the need to discuss the current state and cyber risks currently being faced by the company. For sanity, manage to a written information security policy.

CISO 83

CISO InfoSec Risk Cybersecurity 83

SecureWorld News

OCTOBER 14, 2021

This will soon be applied through an information security lens if your organization does business with the government as part of a new Civil Cyber-Fraud Initiative. information or systems at risk.". The IGs regularly examine compliance and cyber risk. You can probably guess why the U.S.

Government 82

Government Cybersecurity Cyber Risk Risk 82

SecureWorld News

AUGUST 21, 2023

Krista Arndt is the Chief Information Security Officer for United Musculoskeletal Partners (UMP). She has worked in and around security, risk, and governance since 2008 in various roles. A : Multi-factor- authentication (MFA) on personal accounts.

Cybersecurity 67

Cybersecurity Healthcare Risk Cyber Risk 67

Duo's Security Blog

OCTOBER 18, 2021

#BeCyberSmart,” with this post we’ll dig deeper on cyber liability insurance, MFA, and other cybersecurity trends impacting MFA usage in higher education to help campuses manage this aspect of cyber risk for their communities. MFA is core to implementing a zero trust stance to protect your campus.

Insurance 65

Insurance Education Risk Cyber Insurance 65

SecureWorld News

OCTOBER 11, 2023

For the last eight-plus years, I've been working as a fractional Chief Information Security Officer (CISO). If vendor is to receive Personally Identifiable Information about a Massachusetts resident, will it have, and will it maintain, a comprehensive written information security program that is in compliance with 201 CMR 17.00

Insurance 89

Insurance Passwords CISO Cybersecurity 89

The Last Watchdog

MARCH 17, 2021

Ongoing basic research in advanced cryptography concepts is pivotal to putting the brakes on widening cyber risks and ultimately arriving at a level of privacy and security that makes sense. Along the way, of course, cybersecurity must get addressed. Lots of big companies sponsor basic research; it’s how progress gets made.

Digital transformation 222

Digital transformation Encryption Technology Mobile 222

CyberSecurity Insiders

DECEMBER 6, 2021

One respondent in a cybersecurity leadership role noted, “[simple] changes can have a significant impact on [an organization’s security posture]. Items such as MFA, security awareness training and vulnerability management with accountability go a long way in shoring up defenses.”. Cybersecurity is a business investment.

Cybersecurity 105

Cybersecurity Ransomware Security Awareness Technology 105

Notice Bored

APRIL 12, 2021

On Sunday I blogged about preparing four new 'topic-specific' information security policy templates for SecAware. A healthcare company could mention health-related risk examples where delays in furnishing critical information to the workers who need it could jeopardise treatments and critical care.

Risk 60

Risk Small Business Cyber Risk Healthcare 60

Security Affairs

APRIL 30, 2020

The PerSwaysion campaign proliferates with alarming rates by leveraging compromised accounts’ email data to select further targets who hold important roles in their companies and share business relations with the victims. Group-IB continues to work with the relevant parties in local countries to inform the affected companies of the breach.

Phishing 90

Phishing Accountability Financial Services Cloud Migration 90

IT Security Guru

OCTOBER 14, 2021

The global COVID-19 pandemic has been a tumultuous time for Chief information security officers (CISOs) who on any given day have a long and complicated list of responsibilities. An explosion of cyber risks and a complicated and constantly changing threat landscape. Opportunities and positives on the security industry.

CISO 55

CISO Social Engineering Marketing Cyber Risk 55