Event, Information Security, Risk and Technology

USENIX Security ’23 ‘The Digital-Safety Risks Of Financial Technologies For Survivors Of Intimate Partner Violence’

Security Boulevard

DECEMBER 22, 2023

Brown, Jeremy Shaffer, Rasika Bhalerao, Thomas Ristenpart Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organizations strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott ; and via the organizations YouTube channel.

Technology

Technology Risk Architecture Education

Understanding the Core Principles of Information Security

Centraleyes

NOVEMBER 1, 2023

To build a robust information security strategy, one must understand and apply the core principles of information security. This blog post will delve into the fundamental principles underpinning effective information security principles and practices. Is The Demise of the CIA Triad Imminent?

Information Security

Information Security Encryption Risk Authentication

How Do You Quantify Risk? Best Techniques

Centraleyes

FEBRUARY 13, 2024

Categorizing risks as high, medium, or low has been the go-to method for organizations seeking to prioritize their cybersecurity efforts. Ten Risks in a Bed Remember the nursery rhyme? Enter the need for a more precise and actionable approach — Cyber Risk Quantification. What is Cyber Risk Quantification?

Risk

Risk Cyber Risk Cybersecurity Penetration Testing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises. Should a risk-conscious, security-aware culture be considered a critical security control?

Security Awareness

Security Awareness Risk CISO Cybersecurity

Cyber Insurance and the Changing Global Risk Environment

Security Affairs

APRIL 22, 2022

When Einstein was asked what a war will look like in the future, he couldn’t have predicted the importance of digital technology for modern societies. This shift to digital technology has created a new class of digital risks that are constantly evolving and strike faster and often with more severity than traditional risks.

Cyber Insurance

Cyber Insurance Insurance Risk Technology

How to Use Your Asset Management Software to Reduce Cyber Risks

CyberSecurity Insiders

APRIL 29, 2022

Identify assets and their associated risks. The best asset management software sets up a stock of your organization’s assets, phases of their entire life cycles, most recent software upgrades, the risks they could face, and the approaches to ensure their security. . . Handle the threats’ possible risks. .

Cyber Risk

Cyber Risk Software Risk IoT

The risk of pasting confidential company data into ChatGPT

Security Affairs

MARCH 12, 2023

This percentage could rapidly increase in the next months with the integration of the technology in multiple services, for example through the use of ChatGPT API. On March 1, our product detected a record 3,381 attempts to paste corporate data into ChatGPT per 100,000 employees, defined as “data egress” events in the chart below.”

Risk

Risk Artificial Intelligence Technology Hacking

ISACA Awards Gala to Recognize Outstanding Technology Professionals for Exceptional Contributions

CyberSecurity Insiders

FEBRUARY 2, 2022

.–( BUSINESS WIRE )–Every year ISACA members and tech professionals worldwide serve their organizations and industries with exemplary achievements and noteworthy contributions to advancing technology. To learn more about the ISACA Awards Gala and register for the in-person and/or virtual event, visit www.isaca.org/awards-gala.

Technology

Technology Education Government Information Security

Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities

Security Affairs

APRIL 11, 2021

Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to repay debt. Fitch Ratings published an alert last week to warn of the “material risk” to water and sewer utilities caused by cyber attacks that could also impact their ability to repay debt.

Risk

Risk Cyber Risk Cyber Attacks Government

Tech firms suspend use of ‘biased’ facial recognition technology

Security Affairs

JUNE 14, 2020

Amazon, IBM and now Microsoft ban the sale of facial recognition technology to police departments and are urging for federal laws to regulate its use. Microsoft is joining Amazon and IBM when it comes to halting the sale of facial recognition technology to police departments. ” reads the Amazon’s announcement.

Technology

Technology Surveillance Artificial Intelligence Government

How Diversity and Inclusion Initiatives Can Reduce Cyber Risk

Centraleyes

NOVEMBER 26, 2023

In the aftermath of the national reckoning on racial justice ignited by the tragic events involving George Floyd, it became evident that despite good intentions, the cybersecurity sector had not tackled the field’s predominantly white and male composition. User-Centric Design Poor user decisions often exacerbate cyber risk.

Cyber Risk

Cyber Risk Risk Cybersecurity Education

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

The Last Watchdog

DECEMBER 31, 2019

Physical security is the protection of personnel and IT infrastructure (such as hardware, software, and data) from physical actions and events that could cause severe damage to an organization. Related: Good to know about IoT Physical security is often a second thought when it comes to information security.

Cyber Risk

Cyber Risk Risk Firewall Surveillance

Russia-Ukraine cyber conflict poses critical infrastructure at risk

Security Affairs

MARCH 14, 2022

While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk. Critical infrastructure is a privileged target for almost any kind of threat actor, the ongoing Russia-Ukraine cyber conflict is posing them at risk. ” reported researchers from Cyble.

Risk

Risk Hacking Cyber Attacks Financial Services

NFL Teams Up with Cisco to Secure Super Bowl LVI

Cisco Security

FEBRUARY 15, 2022

Since it’s a live event, 100 percent uptime is imperative for the Super Bowl, ensuring fans don’t miss a moment of the action. The Super Bowl is the largest sporting and television event in the United States, with nearly 100 million viewers. Securing an event of this magnitude can be quite a challenge.

Firewall

Firewall Technology Malware Network Security

Black Hat Announces Matt Tait as One of Its Keynote Speakers for Black Hat USA 2021 Hybrid Event

CyberSecurity Insiders

JULY 6, 2021

SAN FRANCISCO–( BUSINESS WIRE )– Black Hat , the producer of the cybersecurity industry’s most established and in-depth security events, announces Matt Tait, Chief Operating Officer at Corellium, as a Keynote speaker for the Black Hat USA 2021 hybrid event. For more information, please visit www.informatech.com.

Media

Media Marketing Education Technology

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Boulevard

APRIL 5, 2021

The post CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’ appeared first on Security Boulevard. Many thanks to CERIAS Purdue University for publishing their outstanding videos on the organization's YouTube channel.

Technology

Technology Risk Education InfoSec

SIEM rules ignore bulk of MITRE ATT&CK framework, placing risk burden on users

SC Magazine

FEBRUARY 16, 2021

A recent study of 10 organizations found that, on average, rules and policies tied to security information and event management solutions, or SIEM, cover only 16 percent of the tactics and techniques listed in the MITRE ATT&CK framework. Risk assessment and threat prioritization are key. Antony-22, CC BY-SA 4.0

Risk

Risk Technology Media Engineering

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

While you might think that these actors are interested in government and defense information, their operations prove they are interested in much more – including software development and information technology, data analytics, and logistics. Educate your employees on threats and risks such as phishing and malware.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

The people problem: Large businesses shift resources to address risks tied to new and disgruntled employees

SC Magazine

MARCH 11, 2021

Organizations move on plans to strengthen security policies, increase training, and invest in technology. These efforts focused squarely on the people problem: addressing increased risk tied to employees working from home and workforce tensions amid societal pressures from the pandemic.

Risk

Risk Financial Services Technology Artificial Intelligence

Spotlight on Cybersecurity Leaders: Bill Bowman

SecureWorld News

FEBRUARY 26, 2024

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. Bill Bowman, CISSP, CIPM, is the Chief Information Security Officer & Data Privacy Officer at financial software company Emburse. A : Moving the reporting line to risk (GC/CLO); using AI.

Cybersecurity

Cybersecurity CISO InfoSec Data privacy

US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks

Security Affairs

MARCH 5, 2024

The Department of the Treasury warns that the proliferation of commercial spyware poses growing risks to the United States. “The Intellexa Consortium, which has a global customer base, has enabled the proliferation of commercial spyware and surveillance technologies around the world, including to authoritarian regimes.”

Spyware

Spyware Surveillance Government Technology

How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule

CyberSecurity Insiders

MARCH 28, 2023

Understanding the FTC Safeguards Rule The FTC Safeguards Rule is a set of regulations that require covered financial institutions to develop, implement, and maintain an information security program designed to protect customer information. What is the FTC Safeguards Rule? Implementation of multi-factor authentication.

Data breaches

Data breaches Authentication Risk Phishing

The Annual Insider Risk Summit Adds Experts from Accenture, Aberdeen, Deloitte, IDC and PwC to Speaker Roster

CyberSecurity Insiders

AUGUST 24, 2021

MINNEAPOLIS–( BUSINESS WIRE )–Today, the Insider Risk Summit team announced the next wave of cybersecurity experts and industry advisors to the speaker lineup for the annual Insider Risk Summit 2021. Register here for the fully virtual, free-to-attend event. Insider Risk Summit Featured Speakers.

Risk

Risk CISO CSO Education

Proton Technologies makes the code of ProtonMail iOS App open source

Security Affairs

NOVEMBER 2, 2019

Proton Technologies announced this week that it has made available the source code of its popular ProtonMail iOS App. The Proton Technologies firm continues to propose initiatives aimed at ensuring the transparency of its ProtonMail applications, this week it announced the availability of the source code of its popular ProtonMail iOS App.

Technology

Technology Mobile Advertising Surveillance

Colonial Pipeline attack spotlights risks of geographically dispersed networks in an industry that is ‘far behind’

SC Magazine

MAY 10, 2021

demonstrating the unique cybersecurity risks and vulnerabilities associated with geographically distributed networks. Just as oil and gas can flow up and down the pipeline, so can malware, reaching remote facilities whose IT and operational technology systems may not be adequately fortified to defend against an attack.

Risk

Risk Energy and Utilities Backups Ransomware

The business case for security strategy and architecture

Notice Bored

AUGUST 8, 2022

Providing a blueprint, mapping-out and clarifying the organisational structure, governance arrangements and accountabilities for information risk and security relative to other parts of the business such as IT, physical security, Risk, legal/compliance, HR, operations, business continuity, knowledge management.;

Architecture

Architecture Artificial Intelligence Risk Big data

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

CyberSecurity Insiders

JANUARY 28, 2022

Peter Fletcher has been appointed vice president – information security officer of San Jose Water Co., In his new role as vice president – information security officer, he will have responsibilities across all SJW Group operations. Lynch as chief accounting officer and Andrew F. in Maine and SJWTX Inc.

Information Security

Information Security Accountability Marketing Risk

The 5 dimensions of security resilience

Cisco Security

MARCH 31, 2022

Security resilience is the ability to protect the integrity of every aspect of your business in order to withstand unpredictable threats or changes – and then emerge stronger. This has always been a requirement in cybersecurity, but recent events have made it more critical than ever. So how do we become resilient?

Technology

Technology Risk Architecture Manufacturing

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

The Last Watchdog

MARCH 13, 2023

So how will this affect chief information security officers (CISOs) and security programs? Given the perennial skills and staffing shortage in security, it’s unlikely that CISOs will be asked to make deep budget or staffing cuts, yet they may not come out of this period unscathed.

CISO

CISO Insurance Cybersecurity Risk

SPOTLIGHT: Women in Cybersecurity

McAfee

NOVEMBER 3, 2020

The RSA Conference USA 2019 held in San Francisco — which is the world’s largest cybersecurity event with more than 40,000 people and 740 speakers — is a decent measuring stick for representation of women in this field. “At Please join McAfee, AWS, and our customers to discuss the impact women are having on information security in the cloud.

Cybersecurity

Cybersecurity Architecture Cloud Migration Retail

Five 2023 Cybersecurity Predictions by Doug Dooley

CyberSecurity Insiders

DECEMBER 6, 2022

Many technology workers will resign from their comfortable, high-paying jobs at larger employers. The net result will be less employment opportunities and eventually less job-hoping in 2023 despite the talent shortfall in IT security. CISO shortage. CISO exodus.

Cybersecurity

Cybersecurity CISO InfoSec Technology

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

The headlines immediately attempted to lay the blame, in large part, on the fact that Equifax’s chief information security officer was a music major and did not have a background in technology. The technologies existing in 2018 will undoubtedly differ from those that exist in 2020. Equifax was not special in this regard.

Data privacy

Data privacy Data breaches Insurance Information Security

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Centraleyes

APRIL 22, 2024

The Federal Information Security Modernization Act (FISMA) establishes a comprehensive strategy for enhancing the cybersecurity posture of federal agencies. Department of Commerce responsible for developing and promoting standards and guidelines to enhance the security and interoperability of information systems.

Risk

Risk Information Security Encryption Cybersecurity

Hiring – (Technical) Cybersecurity Consultant

BH Consulting

JUNE 2, 2022

Our highly skilled team help clients understand risks, identify vulnerabilities and deliver critical cybersecurity and data protection solutions to their organisations. A strong familiarity with web application security vulnerabilities and controls. Hands-on security incident handling and remediation experience.

Cybersecurity

Cybersecurity Backups Penetration Testing Risk

Elections 2024, artificial intelligence could upset world balances

Security Affairs

DECEMBER 27, 2023

Key events include the European Parliament elections in June, the U.S. According to the latest threat landscape report from the European Cyber Security Agency (ENISA) , there has been an increase in the use of AI-based chatbots for fraudulent activities, deepfakes, and similar technologies over the last 12 months.

Artificial Intelligence

Artificial Intelligence Media Government Technology

Nation-state actors are using AI services and LLMs for cyberattacks

Security Affairs

FEBRUARY 14, 2024

.” The researchers pointed out that at this time the attackers have yet to use LLMs to devise novel attacks, malicious use of LLMs observed by the researchers include: LLM-informed reconnaissance: Employing LLMs to gather actionable intelligence on technologies and potential vulnerabilities.

Artificial Intelligence

Artificial Intelligence Social Engineering Phishing Engineering

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

CyberSecurity Insiders

MAY 27, 2021

The renowned global three-day conference, focused on continuing education for cybersecurity professionals and information security specialists, will be hosted as a hybrid event for the first time in 2021.

Education

Education IoT Cybersecurity Government

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

SecureWorld News

JANUARY 4, 2024

This data can be used to gauge turnover risk, assess the need for new positions, and evaluate employee productivity and workplace engagement. UAM tools also greatly help ensure data security. Integration with a customer's existing infrastructure, including other security tools and various cloud technologies , is also crucial.

Data collection

Data collection Artificial Intelligence Surveillance Risk

Understanding the Different Types of Audit Evidence

Centraleyes

APRIL 18, 2024

Compliance Assurance: Evidence is crucial in demonstrating compliance with industry-specific regulations and standards, safeguarding organizations from legal consequences, and enhancing overall security posture. As auditors delve into various aspects of cybersecurity, different forms of audit evidence contribute to a comprehensive evaluation.

Risk

Risk Penetration Testing Encryption Cybersecurity

Hacker on the road: Experiences from DEF CON 31

BH Consulting

SEPTEMBER 21, 2023

In the heart of the scorching Nevada desert, every August heralds an event that beckons hackers, law enforcement officers, and cybersecurity consultants from all around the world: Hacker Summer Camp. I was overwhelmed by the sheer size of the event and the wealth of knowledge that surrounded me.

Cybersecurity

Cybersecurity Technology Hacking Information Security

SecureWorld Returns to Houston with Energy and Enthusiasm

SecureWorld News

MAY 25, 2023

It was a great event," said Paul Dial, CISO of AECOM, who was part of a closing keynote panel on "CISO: Chief in Name Only." "It It has been years since I attended a SecureWorld event. I don't think there's any industry, any business, that technology does not play a role. I'm glad that I was able to be part of this one!"

CISO

CISO Cybersecurity Engineering Information Security

Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

Security Affairs

MARCH 20, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. Below is the timeline of the events related to the previous weeks: March 18 – China-linked threat actors are targeting the government of Ukraine.

Government

Government Antivirus Hacking Software

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

Well, information security, cybersecurity happens to be a critical part of the business, being able to achieve strategic objectives. Buerger recently joined Kraft Heinz as its Business Information Security Officer after serving as CISO at a smaller company.

Cybersecurity

Cybersecurity CISO InfoSec Risk

MEET THE RECIPIENTS OF THE 2021 (ISC)² GOVERNMENT PROFESSIONAL AWARD

CyberSecurity Insiders

OCTOBER 25, 2021

The (ISC)² Government Professional Award recognizes government cybersecurity leaders whose commitment to excellence has helped to improve government information security and advance an in-demand workforce. Amorn’s leadership skills were truly shown when a small competition grew into the Royal Thai Air Force annual main event.

Government

Government Education Cybersecurity Technology

USENIX Security ’23 ‘The Digital-Safety Risks Of Financial Technologies For Survivors Of Intimate Partner Violence’

Understanding the Core Principles of Information Security

Webinars

Trending Sources

How Do You Quantify Risk? Best Techniques

Webinars

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cyber Insurance and the Changing Global Risk Environment

How to Use Your Asset Management Software to Reduce Cyber Risks

The risk of pasting confidential company data into ChatGPT

ISACA Awards Gala to Recognize Outstanding Technology Professionals for Exceptional Contributions

Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities

Tech firms suspend use of ‘biased’ facial recognition technology

How Diversity and Inclusion Initiatives Can Reduce Cyber Risk

GUEST ESSAY: As cyber risks rise in 2020, as they surely will, don’t overlook physical security

Russia-Ukraine cyber conflict poses critical infrastructure at risk

NFL Teams Up with Cisco to Secure Super Bowl LVI

Black Hat Announces Matt Tait as One of Its Keynote Speakers for Black Hat USA 2021 Hybrid Event

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

SIEM rules ignore bulk of MITRE ATT&CK framework, placing risk burden on users

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The people problem: Large businesses shift resources to address risks tied to new and disgruntled employees

Spotlight on Cybersecurity Leaders: Bill Bowman

US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks

How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule

The Annual Insider Risk Summit Adds Experts from Accenture, Aberdeen, Deloitte, IDC and PwC to Speaker Roster

Proton Technologies makes the code of ProtonMail iOS App open source

Colonial Pipeline attack spotlights risks of geographically dispersed networks in an industry that is ‘far behind’

The business case for security strategy and architecture

SJW Group Appoints James P. Lynch as Chief Accounting Officer, Andrew Walters as Chief Financial Officer; San Jose Water Appoints Peter Fletcher as Vice President – Information Security Officer

The 5 dimensions of security resilience

GUEST ESSAY: Could CISOs be on the verge of disproving the ‘security-as-a-cost-center’ fallacy?

SPOTLIGHT: Women in Cybersecurity

Five 2023 Cybersecurity Predictions by Doug Dooley

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Hiring – (Technical) Cybersecurity Consultant

Elections 2024, artificial intelligence could upset world balances

Nation-state actors are using AI services and LLMs for cyberattacks

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

Breaking Down User Activity Monitoring Tools: Security and HR Perspectives

Understanding the Different Types of Audit Evidence

Hacker on the road: Experiences from DEF CON 31

SecureWorld Returns to Houston with Energy and Enthusiasm

Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

MEET THE RECIPIENTS OF THE 2021 (ISC)² GOVERNMENT PROFESSIONAL AWARD

Stay Connected